add OCI Vault Provider

ojdbc-provider-oci/src/main/java/oracle/jdbc/provider/oci/configuration/OciVaultProvider.java

@@ -0,0 +1,58 @@
+package oracle.jdbc.provider.oci.configuration;
+
+import oracle.jdbc.driver.OracleConfigurationJsonProvider;
+import oracle.jdbc.provider.configuration.JsonSecretUtil;
+import oracle.jdbc.provider.oci.vault.SecretFactory;
+import oracle.jdbc.provider.parameter.ParameterSet;
+import oracle.sql.json.OracleJsonObject;
+
+import java.io.ByteArrayInputStream;
+import java.io.InputStream;
+import java.sql.SQLException;
+import java.util.Base64;
+import java.util.HashMap;
+import java.util.Map;
+
+/**
+ * A provider for JSON payload which contains configuration from OCI Vault.
+ * See {@link #getJson(String)} for the spec of the JSON payload.
+ **/
+public class OciVaultProvider extends OracleConfigurationJsonProvider {
+
+  /**
+   * {@inheritDoc}
+   * <p>
+   * Returns the JSON payload stored in OCI Vault Secret.
+   * </p><p>The {@code secretOcid} is a OCID of Vault Secret which can be
+   * acquired on the OCI Web Console. The Json payload is stored in the Secret
+   * Contents of Vault Secret.
+   * </p>
+   * @param secretOcid the OCID of secret used by this provider to retrieve
+   *                   JSON payload from OCI
+   * @return JSON payload
+   **/
+  @Override
+  public InputStream getJson(String secretOcid) throws SQLException {
+    final String valueFieldName = "value";
+    Map<String, String> options = new HashMap<>();
+    options.put(valueFieldName, secretOcid);
+
+    ParameterSet parameters =
+      OciConfigurationParameters.getParser()
+        .parseNamedValues(options);
+
+    String secretContent = SecretFactory.getInstance()
+      .request(parameters)
+      .getContent()
+      .getBase64Secret();
+
+    InputStream inputStream = new ByteArrayInputStream(Base64.getDecoder().decode(secretContent));
+    return inputStream;
+  }
+
+  /***/
+  @Override
+  public String getType() {
+    return "vaultoci";
+  }
+}

ojdbc-provider-oci/src/main/resources/META-INF/services/oracle.jdbc.spi.OracleConfigurationProvider

@@ -1,2 +1,3 @@
 oracle.jdbc.provider.oci.configuration.OciObjectStorageProvider
-oracle.jdbc.provider.oci.configuration.OciDatabaseToolsConnectionProvider
+oracle.jdbc.provider.oci.configuration.OciDatabaseToolsConnectionProvider
+oracle.jdbc.provider.oci.configuration.OciVaultProvider

ojdbc-provider-samples/src/main/java/oracle/jdbc/provider/oci/configuration/SimpleVaultExample.java

@@ -0,0 +1,86 @@
+/*
+ ** Copyright (c) 2023 Oracle and/or its affiliates.
+ **
+ ** The Universal Permissive License (UPL), Version 1.0
+ **
+ ** Subject to the condition set forth below, permission is hereby granted to any
+ ** person obtaining a copy of this software, associated documentation and/or data
+ ** (collectively the "Software"), free of charge and under any and all copyright
+ ** rights in the Software, and any and all patent rights owned or freely
+ ** licensable by each licensor hereunder covering either (i) the unmodified
+ ** Software as contributed to or provided by such licensor, or (ii) the Larger
+ ** Works (as defined below), to deal in both
+ **
+ ** (a) the Software, and
+ ** (b) any piece of software and/or hardware listed in the lrgrwrks.txt file if
+ ** one is included with the Software (each a "Larger Work" to which the Software
+ ** is contributed by such licensors),
+ **
+ ** without restriction, including without limitation the rights to copy, create
+ ** derivative works of, display, perform, and distribute the Software and make,
+ ** use, sell, offer for sale, import, export, have made, and have sold the
+ ** Software and the Larger Work(s), and to sublicense the foregoing rights on
+ ** either these or other terms.
+ **
+ ** This license is subject to the following condition:
+ ** The above copyright notice and either this complete permission notice or at
+ ** a minimum a reference to the UPL must be included in all copies or
+ ** substantial portions of the Software.
+ **
+ ** THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ ** IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ ** FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+ ** AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ ** LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+ ** OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+ ** SOFTWARE.
+ */
+package oracle.jdbc.provider.oci.configuration;
+
+import java.sql.Connection;
+import java.sql.ResultSet;
+import java.sql.SQLException;
+import java.sql.Statement;
+
+import oracle.jdbc.pool.OracleDataSource;
+
+
+/**
+ * A standalone example that configures Oracle JDBC to be provided with the
+ * connection properties retrieved from OCI Vault.
+ */
+public class SimpleVaultExample {
+
+  private static String url;
+
+  /**
+   * <p>
+   * Simple example to retrieve connection properties from OCI Vault.
+   * </p><p>
+   * For the default authentication, the only required local configuration is
+   * to have a valid OCI Config in ~/.oci/config.
+   * </p>
+   * @param args the command line arguments
+   * @throws SQLException if an error occurs during the database calls
+   */
+  public static void main(String[] args) throws SQLException {
+
+    // Sample default URL if non present
+    if (args.length == 0) {
+      url = "jdbc:oracle:thin:@config-vaultoci:ocid1.vaultsecret.oc1.phx.bbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbb";
+    } else {
+      url = args[0];
+    }
+
+    // No changes required, configuration provider is loaded at runtime
+    OracleDataSource ds = new OracleDataSource();
+    ds.setURL(url);
+
+    // Standard JDBC code
+    Connection cn = ds.getConnection();
+    Statement st = cn.createStatement();
+    ResultSet rs = st.executeQuery("SELECT 'Hello, db' FROM sys.dual");
+    if (rs.next())
+      System.out.println(rs.getString(1));
+  }
+}