From f515857802b0bb20b3145975c70a16de4e5e8bbe Mon Sep 17 00:00:00 2001
From: Jeff Trent <jeff.trent@oracle.com>
Date: Sat, 9 Sep 2023 09:26:15 -0400
Subject: [PATCH 1/5] fix for issue

---
 .../OciAuthenticationDetailsProvider.java     |  8 +--
 .../oci/sdk/runtime/OciExtension.java         | 55 +++++++++++++++----
 .../oci/sdk/runtime/OciExtensionTest.java     | 26 ++++++++-
 3 files changed, 71 insertions(+), 18 deletions(-)

diff --git a/integrations/oci/sdk/runtime/src/main/java/io/helidon/integrations/oci/sdk/runtime/OciAuthenticationDetailsProvider.java b/integrations/oci/sdk/runtime/src/main/java/io/helidon/integrations/oci/sdk/runtime/OciAuthenticationDetailsProvider.java
index cf37c37f088..8df6c824070 100644
--- a/integrations/oci/sdk/runtime/src/main/java/io/helidon/integrations/oci/sdk/runtime/OciAuthenticationDetailsProvider.java
+++ b/integrations/oci/sdk/runtime/src/main/java/io/helidon/integrations/oci/sdk/runtime/OciAuthenticationDetailsProvider.java
@@ -72,10 +72,10 @@ class OciAuthenticationDetailsProvider implements InjectionPointProvider<Abstrac
     static final String VAL_RESOURCE_PRINCIPAL = "resource-principal";
 
     // order is important here - see the tests and the docs
-    static final List<String> ALL_STRATEGIES = List.of(VAL_INSTANCE_PRINCIPALS,
-                                                       VAL_RESOURCE_PRINCIPAL,
-                                                       VAL_CONFIG,
-                                                       VAL_CONFIG_FILE);
+    static final List<String> ALL_STRATEGIES = List.of(VAL_CONFIG,
+                                                       VAL_CONFIG_FILE,
+                                                       VAL_INSTANCE_PRINCIPALS,
+                                                       VAL_RESOURCE_PRINCIPAL);
 
     OciAuthenticationDetailsProvider() {
     }
diff --git a/integrations/oci/sdk/runtime/src/main/java/io/helidon/integrations/oci/sdk/runtime/OciExtension.java b/integrations/oci/sdk/runtime/src/main/java/io/helidon/integrations/oci/sdk/runtime/OciExtension.java
index 8e27faee602..9a7047ef91b 100644
--- a/integrations/oci/sdk/runtime/src/main/java/io/helidon/integrations/oci/sdk/runtime/OciExtension.java
+++ b/integrations/oci/sdk/runtime/src/main/java/io/helidon/integrations/oci/sdk/runtime/OciExtension.java
@@ -16,6 +16,10 @@
 
 package io.helidon.integrations.oci.sdk.runtime;
 
+import java.io.InputStream;
+import java.net.URL;
+import java.nio.file.Path;
+import java.nio.file.Paths;
 import java.util.Arrays;
 import java.util.Objects;
 import java.util.function.Supplier;
@@ -117,6 +121,9 @@
  * target="_top">Oracle Cloud Infrastructure Java SDK</a>
  */
 public final class OciExtension {
+    /**
+     * The name for the OCI bootstrap configuration file (value = {@value}).
+     */
     static final String DEFAULT_OCI_GLOBAL_CONFIG_FILE = "oci.yaml";
     static final System.Logger LOGGER = System.getLogger(OciExtension.class.getName());
     static final LazyValue<OciConfig> DEFAULT_OCI_CONFIG_BEAN = LazyValue.create(() -> OciConfig.builder()
@@ -127,6 +134,7 @@ public final class OciExtension {
             .build());
     private static String overrideOciConfigFile;
     private static volatile Supplier<io.helidon.common.config.Config> ociConfigSupplier;
+    private static volatile Supplier<io.helidon.common.config.Config> fallbackConfigSupplier;
 
     private OciExtension() {
     }
@@ -201,26 +209,37 @@ public static Supplier<? extends AbstractAuthenticationDetailsProvider> ociAuthe
      * The supplier for the raw config-backed by the OCI config source(s).
      *
      * @return the supplier for the raw config-backed by the OCI config source(s)
-     * @see #ociAuthenticationProvider()
      * @see #configSupplier(Supplier)
+     * @see #fallbackConfigSupplier(Supplier)
+     * @see #ociAuthenticationProvider()
      */
     public static Supplier<io.helidon.common.config.Config> configSupplier() {
-        if (ociConfigSupplier == null) {
-            configSupplier(() -> {
-                // we do it this way to allow for any system and env vars to be used for the auth-strategy definition
-                // (not advertised in the javadoc)
-                String ociConfigFile = ociConfigFilename();
-                return Config.create(
-                        ConfigSources.classpath(ociConfigFile).optional(),
-                        ConfigSources.file(ociConfigFile).optional());
-            });
+        if (ociConfigSupplier != null) {
+            return ociConfigSupplier;
         }
 
+        String ociConfigFile = ociConfigFilename();
+        Path ociConfigFilePath = Paths.get(ociConfigFilename());
+        boolean ociConfigResourceExists = (OciExtension.class.getClassLoader().getResource(ociConfigFile) != null);
+        if (fallbackConfigSupplier != null
+                && !(ociConfigResourceExists || ociConfigFilePath.toFile().exists())) {
+            return fallbackConfigSupplier;
+        }
+
+        configSupplier(() -> {
+            // we do it this way to allow for any system and env vars to be used for the auth-strategy definition
+            // (not advertised in the javadoc)
+            return Config.create(
+                    ConfigSources.classpath(ociConfigFile).optional(),
+                    ConfigSources.file(ociConfigFilePath).optional());
+        });
+
         return ociConfigSupplier;
     }
 
     /**
-     * Establishes the supplier for the raw config-backed by the OCI config source(s).
+     * Establishes the supplier for the raw config-backed by the OCI config source(s). Setting this will override the usage of
+     * the {@link #DEFAULT_OCI_GLOBAL_CONFIG_FILE} as the backing configuration file.
      *
      * @param configSupplier the config supplier
      * @see #configSupplier()
@@ -229,6 +248,19 @@ public static void configSupplier(Supplier<io.helidon.common.config.Config> conf
         ociConfigSupplier = configSupplier;
     }
 
+    /**
+     * Establishes the fallback config supplier used only when the {@link #DEFAULT_OCI_GLOBAL_CONFIG_FILE} is not physically
+     * present, and there has been no config supplier explicitly established via {@link #configSupplier(Supplier)}.
+     * <p>
+     * This method is typically used when running in CDI in order to allow for the fallback of using microprofile configuration.
+     *
+     * @param configSupplier the fallback config supplier
+     * @see #configSupplier()
+     */
+    public static void fallbackConfigSupplier(Supplier<io.helidon.common.config.Config> configSupplier) {
+        fallbackConfigSupplier = configSupplier;
+    }
+
     /**
      * Returns {@code true} if the given config is sufficiently configured in order to identity an OCI authentication strategy.
      * If {@code false} then {@link OciAuthenticationDetailsProvider.AuthStrategy#AUTO} will be applied.
@@ -246,6 +278,7 @@ public static boolean isSufficientlyConfigured(io.helidon.common.config.Config c
     static void ociConfigFileName(String fileName) {
         overrideOciConfigFile = fileName;
         ociConfigSupplier = null;
+        fallbackConfigSupplier = null;
     }
 
     // in support for testing a variant of oci.yaml
diff --git a/integrations/oci/sdk/runtime/src/test/java/io/helidon/integrations/oci/sdk/runtime/OciExtensionTest.java b/integrations/oci/sdk/runtime/src/test/java/io/helidon/integrations/oci/sdk/runtime/OciExtensionTest.java
index 0bdb1c6a2dd..a0721638351 100644
--- a/integrations/oci/sdk/runtime/src/test/java/io/helidon/integrations/oci/sdk/runtime/OciExtensionTest.java
+++ b/integrations/oci/sdk/runtime/src/test/java/io/helidon/integrations/oci/sdk/runtime/OciExtensionTest.java
@@ -31,6 +31,7 @@
 import com.oracle.bmc.auth.AbstractAuthenticationDetailsProvider;
 import com.oracle.bmc.auth.ConfigFileAuthenticationDetailsProvider;
 import com.oracle.bmc.auth.ResourcePrincipalAuthenticationDetailsProvider;
+import com.oracle.bmc.auth.SimpleAuthenticationDetailsProvider;
 import org.junit.jupiter.api.AfterEach;
 import org.junit.jupiter.api.BeforeEach;
 import org.junit.jupiter.api.Test;
@@ -77,19 +78,19 @@ void potentialAuthStrategies() {
                 .get(OciConfig.CONFIG_KEY);
         OciConfig cfg = OciConfig.create(config);
         assertThat(cfg.potentialAuthStrategies(),
-                   contains("instance-principals", "resource-principal", "config", "config-file"));
+                   contains("config", "config-file", "instance-principals", "resource-principal"));
 
         config = createTestConfig(ociAuthConfigStrategies("auto"))
                 .get(OciConfig.CONFIG_KEY);
         cfg = OciConfig.create(config);
         assertThat(cfg.potentialAuthStrategies(),
-                   contains("instance-principals", "resource-principal", "config", "config-file"));
+                   contains( "config", "config-file", "instance-principals", "resource-principal"));
 
         config = createTestConfig(ociAuthConfigStrategies(null, "instance-principals", "auto"))
                 .get(OciConfig.CONFIG_KEY);
         cfg = OciConfig.create(config);
         assertThat(cfg.potentialAuthStrategies(),
-                   contains("instance-principals", "resource-principal", "config", "config-file"));
+                   contains("config", "config-file", "instance-principals", "resource-principal"));
 
         config = createTestConfig(ociAuthConfigStrategies(null, "instance-principals", "resource-principal"))
                 .get(OciConfig.CONFIG_KEY);
@@ -286,6 +287,25 @@ void ociRawConfigShouldBeCached() {
                    "The oci configuration from the config source should be cached");
     }
 
+    @Test
+    void fallbackConfigSupplier() {
+        Config fallbackCfg = Config.just(
+                        ConfigSources.create(
+                                Map.of("oci.auth", "config"),
+                                "test-fallback-cfg"));
+        OciExtension.fallbackConfigSupplier(() -> fallbackCfg);
+
+        assertThat("when there is no oci.yaml present then we should be looking at the fallback config",
+                   OciExtension.configuredAuthenticationDetailsProvider(false),
+                   equalTo(SimpleAuthenticationDetailsProvider.class));
+
+        OciExtension.ociConfigFileName("test-oci-resource-principal.yaml");
+        OciExtension.fallbackConfigSupplier(() -> fallbackCfg);
+        assertThat("when there is an oci.yaml present then we should NOT be looking at the fallback config",
+                   OciExtension.configuredAuthenticationDetailsProvider(false),
+                   equalTo(ResourcePrincipalAuthenticationDetailsProvider.class));
+    }
+
     static Config createTestConfig(MapConfigSource.Builder... builders) {
         return Config.builder(builders)
                 .disableEnvironmentVariablesSource()

From 8401fd9acdbc6a3c68f4a402d87c13ae60a9f987 Mon Sep 17 00:00:00 2001
From: Jeff Trent <jeff.trent@oracle.com>
Date: Sat, 9 Sep 2023 09:31:41 -0400
Subject: [PATCH 2/5] checkstyles

---
 .../io/helidon/integrations/oci/sdk/runtime/OciExtension.java   | 2 --
 1 file changed, 2 deletions(-)

diff --git a/integrations/oci/sdk/runtime/src/main/java/io/helidon/integrations/oci/sdk/runtime/OciExtension.java b/integrations/oci/sdk/runtime/src/main/java/io/helidon/integrations/oci/sdk/runtime/OciExtension.java
index 9a7047ef91b..703b16cf57c 100644
--- a/integrations/oci/sdk/runtime/src/main/java/io/helidon/integrations/oci/sdk/runtime/OciExtension.java
+++ b/integrations/oci/sdk/runtime/src/main/java/io/helidon/integrations/oci/sdk/runtime/OciExtension.java
@@ -16,8 +16,6 @@
 
 package io.helidon.integrations.oci.sdk.runtime;
 
-import java.io.InputStream;
-import java.net.URL;
 import java.nio.file.Path;
 import java.nio.file.Paths;
 import java.util.Arrays;

From a32aae971fdd7f5e3b82255e32f9dc63f1c215b1 Mon Sep 17 00:00:00 2001
From: Jeff Trent <jeff.trent@oracle.com>
Date: Sat, 9 Sep 2023 10:53:54 -0400
Subject: [PATCH 3/5] spotbugs fix

---
 integrations/oci/sdk/runtime/etc/spotbugs/exclude.xml | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/integrations/oci/sdk/runtime/etc/spotbugs/exclude.xml b/integrations/oci/sdk/runtime/etc/spotbugs/exclude.xml
index e832dfab49e..2438f8857f5 100644
--- a/integrations/oci/sdk/runtime/etc/spotbugs/exclude.xml
+++ b/integrations/oci/sdk/runtime/etc/spotbugs/exclude.xml
@@ -28,4 +28,10 @@
         <Bug pattern="PATH_TRAVERSAL_IN"/>
     </Match>
 
+    <Match>
+        <!-- Path comes from config or code -->
+        <Class name="io.helidon.integrations.oci.sdk.runtime.OciExtension"/>
+        <Bug pattern="PATH_TRAVERSAL_IN"/>
+    </Match>
+
 </FindBugsFilter>

From 19656a786bcba9da31f7fdc7b71b365080fb8cbb Mon Sep 17 00:00:00 2001
From: Jeff Trent <jeff.trent@oracle.com>
Date: Mon, 11 Sep 2023 14:24:10 -0400
Subject: [PATCH 4/5] address review comment

---
 .../io/helidon/integrations/oci/sdk/runtime/OciExtension.java  | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/integrations/oci/sdk/runtime/src/main/java/io/helidon/integrations/oci/sdk/runtime/OciExtension.java b/integrations/oci/sdk/runtime/src/main/java/io/helidon/integrations/oci/sdk/runtime/OciExtension.java
index 703b16cf57c..0fc89080552 100644
--- a/integrations/oci/sdk/runtime/src/main/java/io/helidon/integrations/oci/sdk/runtime/OciExtension.java
+++ b/integrations/oci/sdk/runtime/src/main/java/io/helidon/integrations/oci/sdk/runtime/OciExtension.java
@@ -16,6 +16,7 @@
 
 package io.helidon.integrations.oci.sdk.runtime;
 
+import java.nio.file.Files;
 import java.nio.file.Path;
 import java.nio.file.Paths;
 import java.util.Arrays;
@@ -220,7 +221,7 @@ public static Supplier<io.helidon.common.config.Config> configSupplier() {
         Path ociConfigFilePath = Paths.get(ociConfigFilename());
         boolean ociConfigResourceExists = (OciExtension.class.getClassLoader().getResource(ociConfigFile) != null);
         if (fallbackConfigSupplier != null
-                && !(ociConfigResourceExists || ociConfigFilePath.toFile().exists())) {
+                && !(ociConfigResourceExists || Files.exists(ociConfigFilePath))) {
             return fallbackConfigSupplier;
         }
 

From c90658537d30f2af42e8b0581004bc73d6444a1c Mon Sep 17 00:00:00 2001
From: Jeff Trent <jeff.trent@oracle.com>
Date: Mon, 11 Sep 2023 15:15:41 -0400
Subject: [PATCH 5/5] review comments

---
 .../io/helidon/integrations/oci/sdk/runtime/OciExtension.java | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/integrations/oci/sdk/runtime/src/main/java/io/helidon/integrations/oci/sdk/runtime/OciExtension.java b/integrations/oci/sdk/runtime/src/main/java/io/helidon/integrations/oci/sdk/runtime/OciExtension.java
index 0fc89080552..1c704bde419 100644
--- a/integrations/oci/sdk/runtime/src/main/java/io/helidon/integrations/oci/sdk/runtime/OciExtension.java
+++ b/integrations/oci/sdk/runtime/src/main/java/io/helidon/integrations/oci/sdk/runtime/OciExtension.java
@@ -244,7 +244,7 @@ public static Supplier<io.helidon.common.config.Config> configSupplier() {
      * @see #configSupplier()
      */
     public static void configSupplier(Supplier<io.helidon.common.config.Config> configSupplier) {
-        ociConfigSupplier = configSupplier;
+        ociConfigSupplier = Objects.requireNonNull(configSupplier, "configSupplier");
     }
 
     /**
@@ -257,7 +257,7 @@ public static void configSupplier(Supplier<io.helidon.common.config.Config> conf
      * @see #configSupplier()
      */
     public static void fallbackConfigSupplier(Supplier<io.helidon.common.config.Config> configSupplier) {
-        fallbackConfigSupplier = configSupplier;
+        fallbackConfigSupplier = Objects.requireNonNull(configSupplier, "configSupplier");
     }
 
     /**