Extract hard-coded cryptomatorvaults client to application.properties (…

…#41).

backend/src/main/java/org/cryptomator/hub/api/VaultResource.java

@@ -31,6 +31,7 @@
 import jakarta.ws.rs.core.MediaType;
 import jakarta.ws.rs.core.Response;
 import org.cryptomator.hub.SyncerConfig;
+import org.cryptomator.hub.api.cipherduck.CipherduckConfig;
 import org.cryptomator.hub.entities.AccessToken;
 import org.cryptomator.hub.entities.AuditEventVaultAccessGrant;
 import org.cryptomator.hub.entities.AuditEventVaultCreate;
@@ -92,12 +93,7 @@ public class VaultResource {
 
 	// / start cipherduck extension
 	@Inject
-	@ConfigProperty(name = "quarkus.oidc.client-id", defaultValue = "")
-	String keycloakClientIdHub;
-
-	@Inject
-	@ConfigProperty(name = "hub.keycloak.oidc.cryptomator-client-id", defaultValue = "")
-	String keycloakClientIdCryptomator;
+	CipherduckConfig cipherduckConfig;
 	// \ end cipherduck extension
 
 	@GET
@@ -187,8 +183,7 @@ public Response addUser(@PathParam("vaultId") UUID vaultId, @PathParam("userId")
 		}
 
 		// / start cipherduck extension
-
-		keycloakGrantAccessToVault(syncerConfig, vaultId.toString(), userId, "cryptomatorvaults");
+		keycloakGrantAccessToVault(syncerConfig, vaultId.toString(), userId, cipherduckConfig.keycloakClientIdCryptomatorVaults());
 		// \ end cipherduck extension
 
 		return addAuthority(vault, user, role);
@@ -218,7 +213,7 @@ public Response addGroup(@PathParam("vaultId") UUID vaultId, @PathParam("groupId
 		}
 
 		// / start cipherduck extension
-		keycloakGrantAccessToVault(syncerConfig, vaultId.toString(), groupId, "cryptomatorvaults");
+		keycloakGrantAccessToVault(syncerConfig, vaultId.toString(), groupId, cipherduckConfig.keycloakClientIdCryptomatorVaults());
 		// \ end cipherduck extension
 
 		return addAuthority(vault, group, role);
@@ -453,7 +448,7 @@ public Response createOrUpdate(@PathParam("vaultId") UUID vaultId, @Valid @NotNu
 			AuditEventVaultMemberAdd.log(currentUser.id, vaultId, currentUser.id, VaultAccess.Role.OWNER);
 
 			// / start cipherduck extension
-			keycloakGrantAccessToVault(syncerConfig, vaultId.toString(), currentUser.id, "cryptomatorvaults");
+			keycloakGrantAccessToVault(syncerConfig, vaultId.toString(), currentUser.id, cipherduckConfig.keycloakClientIdCryptomatorVaults());
 			// \ end cipherduck extension
 
 			return Response.created(URI.create(".")).contentLocation(URI.create(".")).entity(VaultDto.fromEntity(vault)).type(MediaType.APPLICATION_JSON).build();

backend/src/main/java/org/cryptomator/hub/api/cipherduck/BackendsConfigResource.java

@@ -33,12 +33,11 @@ public class BackendsConfigResource {
 	@APIResponse(responseCode = "200", description = "uploaded storage configuration")
 	public BackendsConfigDto getBackendsConfig() {
 		return new BackendsConfigDto(Settings.get().hubId, backendsConfig.backends().stream()
-				// TODO https://github.com/chenkins/cipherduck-hub/issues/41 hard-coded cryptomatorvaults
 				.map(b -> new StorageConfigDto(b, new VaultJWEBackendDto(b.jwe(),
 						cipherduckConfig.authEndpoint(),
 						cipherduckConfig.tokenEndpoint(),
 						cipherduckConfig.keycloakClientIdCryptomator(),
-						"cryptomatorvaults",
+						cipherduckConfig.keycloakClientIdCryptomatorVaults(),
 						Settings.get().hubId
 						)))
 				.collect(Collectors.toList()));

backend/src/main/java/org/cryptomator/hub/api/cipherduck/CipherduckConfig.java

@@ -5,6 +5,7 @@
 import jakarta.inject.Inject;
 import org.eclipse.microprofile.config.inject.ConfigProperty;
 
+// TODO review: backport to ConfigResource.ConfigDto upstream?
 @ApplicationScoped
 public class CipherduckConfig {
 	@Inject
@@ -25,6 +26,10 @@ public class CipherduckConfig {
 	@ConfigProperty(name = "hub.keycloak.oidc.cryptomator-client-id", defaultValue = "")
 	String keycloakClientIdCryptomator;
 
+	@Inject
+	@ConfigProperty(name = "hub.keycloak.oidc.cryptomator-vaults-client-id", defaultValue = "")
+	String keycloakClientIdCryptomatorVaults;
+
 	@Inject
 	@ConfigProperty(name = "quarkus.oidc.auth-server-url")
 	String internalRealmUrl;
@@ -49,13 +54,19 @@ String trimTrailingSlash(String str) {
 		}
 
 	}
+
 	public String keycloakClientIdHub() {
 		return keycloakClientIdHub;
 	}
 
 	public String keycloakClientIdCryptomator() {
 		return keycloakClientIdCryptomator;
 	}
+
+	public String keycloakClientIdCryptomatorVaults() {
+		return keycloakClientIdCryptomatorVaults;
+	}
+
 	public String publicRealmUri() {
 		return trimTrailingSlash(keycloakPublicUrl + "/realms/" + keycloakRealm);
 	}

backend/src/main/java/org/cryptomator/hub/api/cipherduck/StorageResource.java

@@ -36,6 +36,9 @@ public class StorageResource {
 	@Inject
 	SyncerConfig syncerConfig;
 
+	@Inject
+	CipherduckConfig cipherduckConfig;
+
 	@Inject
 	JsonWebToken jwt;
 
@@ -58,8 +61,7 @@ public Response createBucket(@PathParam("vaultId") UUID vaultId, StorageDto dto)
 
 		makeS3Bucket(storageConfig, dto);
 
-		// TODO https://github.com/chenkins/cipherduck-hub/issues/41 hard-coded cryptomatorvaults
-		keycloakPrepareVault(syncerConfig, vaultId.toString(), storageConfig, jwt.getSubject(), "cryptomatorvaults");
+		keycloakPrepareVault(syncerConfig, vaultId.toString(), storageConfig, jwt.getSubject(), cipherduckConfig.keycloakClientIdCryptomatorVaults());
 
 		return Response.created(URI.create(".")).build();
 	}

backend/src/main/resources/application.properties

@@ -44,6 +44,7 @@ quarkus.oidc.client-id=cryptomatorhub
 %cipherduck-staging.quarkus.oidc.client-id=cryptomator
 %cipherduck-testing.quarkus.oidc.client-id=cryptomator
 hub.keycloak.oidc.cryptomator-client-id=cryptomator
+hub.keycloak.oidc.cryptomator-vaults-client-id=cryptomatorvaults
 
 
 # Keycloak dev service