Config AWS AppConfig + HttpClient Cognito update

rob-bygrave · rob-bygrave · commit a55779974afe · 2025-03-25T14:40:32.000+13:00
diff --git a/config/index.html b/config/index.html
@@ -56,6 +56,7 @@
           </ul>
         </li>
         <li><a href="#plugins">ConfigurationSource</a></li>
+        <li><a href="#aws-appconfig">AWS AppConfig</a></li>
         <li><a href="#logging">Event Logging</a></li>
       </ul>
     </nav>
@@ -522,6 +523,59 @@ <h2 id="plugins">ConfigurationSource Plugins</h2>
       Refer to the example plugin - <a href="https://github.com/avaje/avaje-config/blob/master/avaje-config/src/test/java/org/example/MyExternalLoader.java">MyExternalLoader.java</a>
     </p>
 
+
+    <h2 id="aws-appconfig">AWS App Config</h2>
+    <p>
+      If using AWS App Config as a configuration source (refer: <a href="https://docs.aws.amazon.com/appconfig/">https://docs.aws.amazon.com/appconfig</a>), 
+      then we can use the <em>avaje-aws-appconfig</em> component.
+    </p>
+
+    <h4>Step 1: Add dependency</h4> 
+    <div class="syntax xml"><div class="highlight"><pre><span></span><span class="nt">&lt;dependency&gt;</span>
+  <span class="nt">&lt;groupId&gt;</span>io.avaje<span class="nt">&lt;/groupId&gt;</span>
+  <span class="nt">&lt;artifactId&gt;</span>avaje-aws-appconfig<span class="nt">&lt;/artifactId&gt;</span>
+  <span class="nt">&lt;version&gt;</span>1.2<span class="nt">&lt;/version&gt;</span>
+<span class="nt">&lt;/dependency&gt;</span>
+</pre></div>
+</div>
+
+    <h4>Step 2: Add configuration</h4>
+    <p>
+      In src/main/resources add configuration like below to specify for <em>aws.appconfig</em> the <em>application, environment, configuration</em>.
+    </p>    
+    <div class="syntax yml"><div class="highlight"><pre><span></span><span class="c1"># In src/main/resources</span>
+<span class="nt">aws.appconfig</span><span class="p">:</span>
+    <span class="nt">application</span><span class="p">:</span> <span class="l l-Scalar l-Scalar-Plain">&#36;{ENVIRONMENT_NAME:dev}-my-application</span>
+    <span class="nt">environment</span><span class="p">:</span> <span class="l l-Scalar l-Scalar-Plain">&#36;{ENVIRONMENT_NAME:dev}</span>
+    <span class="nt">configuration</span><span class="p">:</span> <span class="l l-Scalar l-Scalar-Plain">default</span>
+</pre></div>
+</div>
+
+    <p>
+      In src/test/resources add <em>aws.appconfig.enabled: false</em> to disable loading the AWS App Configuration when running tests.
+    </p>
+    <div class="syntax yml"><div class="highlight"><pre><span></span><span class="c1"># In src/test/resources</span>
+<span class="nt">aws.appconfig.enabled</span><span class="p">:</span> <span class="l l-Scalar l-Scalar-Plain">false</span>
+</pre></div>
+</div>
+
+    <h4>Logging</h4>
+    <p>
+      When Config starts up we show see <em>ConfigurationSource:AppConfigPlugin</em> included in the <em>Loaded properties from ...</em> log message like:
+    </p>
+    <div class="syntax json"><div class="highlight"><pre><span></span><span class="p">{</span><span class="nt">&quot;level&quot;</span><span class="p">:</span><span class="s2">&quot;INFO&quot;</span><span class="p">,</span>
+ <span class="nt">&quot;logger&quot;</span><span class="p">:</span><span class="s2">&quot;io.avaje.config&quot;</span><span class="p">,</span>
+ <span class="nt">&quot;message&quot;</span><span class="p">:</span><span class="s2">&quot;Loaded properties from [resource:application.yaml, ConfigurationSource:AppConfigPlugin] &quot;</span><span class="p">}</span>
+</pre></div>
+</div>	
+    <p>
+      To increase the logging we can set the log level of <em>io.avaje.config.appconfig</em> to DEBUG or TRACE.
+    </p>
+    <div class="syntax xml"><div class="highlight"><pre><span></span><span class="nt">&lt;logger</span> <span class="na">name=</span><span class="s">&quot;io.avaje.config.appconfig&quot;</span> <span class="na">level=</span><span class="s">&quot;TRACE&quot;</span><span class="nt">/&gt;</span>
+</pre></div>
+</div>
+
+
     <h2 id="logging">Event Logging</h2>
     <p>
       By default, <code>avaje-config</code> will immediately log initialization events to it's own configured system logger. If you want to use your own configured logger, you can extend the <code>ConfigurationLog</code> interface and
diff --git a/http-client/index.html b/http-client/index.html
@@ -81,6 +81,7 @@
     <ul>
       <li><a href="#auth-basic">basic auth</a></li>
       <li><a href="#auth-bearer">bearer token</a></li>
+      <li><a href="#aws-cognito">AWS Cognito</a></li>
     </ul>
 </li>
 <li><a href="#logging">Logging</a>
@@ -1178,6 +1179,53 @@ <h4>Token will be obtained and set automatically</h4>
   obtained for the initial request and then renewed when the token has expired.
 </p>
 
+<h2 id="aws-cognito">AWS Cognito</h2>
+<p>
+  When using AWS Cognito for JWT Bearer tokens (OAuth2 client credentials flow) we can use
+  the supplied <em>io.avaje.aws:avaje-cognito-client-token</em> component.
+</p>
+
+<h4>Step 1: Add dependency</h4>
+<div class="syntax xml"><div class="highlight"><pre><span></span><span class="nt">&lt;dependency&gt;</span>
+  <span class="nt">&lt;groupId&gt;</span>io.avaje.aws<span class="nt">&lt;/groupId&gt;</span>
+  <span class="nt">&lt;artifactId&gt;</span>avaje-cognito-client-token<span class="nt">&lt;/artifactId&gt;</span>
+  <span class="nt">&lt;version&gt;</span>1.0<span class="nt">&lt;/version&gt;</span>
+<span class="nt">&lt;/dependency&gt;</span>
+</pre></div>
+</div>
+
+<h4>Step 2: Configure the HttpClient</h4>
+<p>
+  Use <em>CognitoAuthTokenProvider</em> to create an AuthTokenProvider.
+  Configure the HttpClient to use that AuthTokenProvider.
+</p>
+<p>
+  This will then automatically obtain access tokens from Cognito when
+  needed based on the access token expiry, and use the access token
+  in the Authorization header as a Bearer token.
+</p>
+<div class="syntax java"><div class="highlight"><pre><span></span><span class="c1">// create the Cognito AuthTokenProvider</span>
+<span class="n">AuthTokenProvider</span> <span class="n">authTokenProvider</span> <span class="o">=</span> <span class="n">CognitoAuthTokenProvider</span><span class="o">.</span><span class="na">builder</span><span class="o">()</span>
+  <span class="o">.</span><span class="na">url</span><span class="o">(</span><span class="n">tokenUrl</span><span class="o">)</span>
+  <span class="o">.</span><span class="na">clientId</span><span class="o">(</span><span class="n">clientId</span><span class="o">)</span>
+  <span class="o">.</span><span class="na">clientSecret</span><span class="o">(</span><span class="n">clientSecret</span><span class="o">)</span>
+  <span class="o">.</span><span class="na">scope</span><span class="o">(</span><span class="n">scope</span><span class="o">)</span>
+  <span class="o">.</span><span class="na">build</span><span class="o">();</span>
+
+<span class="c1">// use the authTokenProvider when building the HttpClient</span>
+<span class="n">HttpClient</span> <span class="n">client</span> <span class="o">=</span> <span class="n">HttpClient</span><span class="o">.</span><span class="na">builder</span><span class="o">()</span>
+  <span class="o">.</span><span class="na">authTokenProvider</span><span class="o">(</span><span class="n">authTokenProvider</span><span class="o">)</span>  <span class="c1">// HERE !!</span>
+  <span class="o">.</span><span class="na">bodyAdapter</span><span class="o">(</span><span class="k">new</span> <span class="n">JacksonBodyAdapter</span><span class="o">())</span>
+  <span class="o">.</span><span class="na">retryHandler</span><span class="o">(</span><span class="n">retry</span><span class="o">)</span>
+  <span class="o">.</span><span class="na">baseUrl</span><span class="o">(</span><span class="n">url</span><span class="o">)</span>
+  <span class="o">.</span><span class="na">build</span><span class="o">();</span>
+</pre></div>
+</div>
+<p>
+  Note: the <em>Token URL</em> will typically be in the form: <br/>
+  <em>https://{my-app}.auth.{region}.amazoncognito.com/oauth2/token</em>
+</p>
+
 
 <h2 id="logging">Logging</h2>
 <p>
