Skip to content

Instantly share code, notes, and snippets.

Embed
What would you like to do?
import com.oracle.bmc.auth.AbstractAuthenticationDetailsProvider;
import com.oracle.bmc.auth.ConfigFileAuthenticationDetailsProvider;
import com.oracle.bmc.databasetools.DatabaseToolsClient;
import com.oracle.bmc.databasetools.model.*;
import com.oracle.bmc.databasetools.requests.GetDatabaseToolsConnectionRequest;
import com.oracle.bmc.databasetools.responses.GetDatabaseToolsConnectionResponse;
import com.oracle.bmc.secrets.SecretsClient;
import com.oracle.bmc.secrets.model.Base64SecretBundleContentDetails;
import com.oracle.bmc.secrets.requests.GetSecretBundleRequest;
import com.oracle.bmc.secrets.responses.GetSecretBundleResponse;
import oracle.jdbc.OracleConnection;
import oracle.jdbc.pool.OracleDataSource;
import oracle.security.pki.OraclePKIProvider;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.TrustManagerFactory;
import java.io.ByteArrayInputStream;
import java.io.IOException;
import java.security.*;
import java.security.cert.CertificateException;
import java.sql.*;
import java.util.Base64;
import java.util.List;
import java.util.Properties;
/**
* A demo of using a Database Tools connection
* to retrieve credentials and connect/query Autonomous DB
* Credit: https://github.com/nomisvai/oracle-in-memory-wallet-samples
* SDK Docs: https://docs.oracle.com/en-us/iaas/tools/java/2.8.1/
* @author Todd Sharp
*/
public class Demo {
private final String connectionId;
DatabaseToolsClient databaseToolsClient;
SecretsClient secretsClient;
public Demo(String connectionId) throws IOException {
this.connectionId = connectionId;
AbstractAuthenticationDetailsProvider provider = new ConfigFileAuthenticationDetailsProvider("DEFAULT");
databaseToolsClient = DatabaseToolsClient.builder().build(provider);
secretsClient = SecretsClient.builder().build(provider);
}
public void run() throws IOException, CertificateException, NoSuchAlgorithmException, UnrecoverableKeyException, KeyStoreException, SQLException, KeyManagementException {
/* for decoding secrets after they are retrieved */
Base64.Decoder decoder = Base64.getDecoder();
/* get database tools connection */
GetDatabaseToolsConnectionRequest connectionRequest =
GetDatabaseToolsConnectionRequest.builder()
.databaseToolsConnectionId(connectionId)
.build();
GetDatabaseToolsConnectionResponse connectionResponse = databaseToolsClient
.getDatabaseToolsConnection(connectionRequest);
DatabaseToolsConnectionOracleDatabase databaseToolsConnection =
(DatabaseToolsConnectionOracleDatabase) connectionResponse
.getDatabaseToolsConnection();
/* get connect string from dbtools connection */
String connectionString = databaseToolsConnection.getConnectionString();
System.out.printf("Connection String: %s %n", connectionString);
/* get username from dbtools connection */
String username = databaseToolsConnection.getUserName();
System.out.printf("Username: %s %n", username);
/* get wallet SSO contents from dbtools connection */
List<DatabaseToolsKeyStore> keyStores = databaseToolsConnection.getKeyStores();
KeyStoreType keyStoreType = keyStores.get(0).getKeyStoreType();
System.out.printf("KeyStore Type: %s %n", keyStoreType);
DatabaseToolsKeyStoreContentSecretId keyStoreSecretId =
(DatabaseToolsKeyStoreContentSecretId) keyStores
.get(0)
.getKeyStoreContent();
String keyStoreContentSecretId = keyStoreSecretId.getSecretId();
GetSecretBundleRequest keyStoreContentRequest = GetSecretBundleRequest
.builder()
.secretId(keyStoreContentSecretId)
.build();
GetSecretBundleResponse keyStoreContentResponse = secretsClient
.getSecretBundle(keyStoreContentRequest);
Base64SecretBundleContentDetails keyStoreSecretContent =
(Base64SecretBundleContentDetails) keyStoreContentResponse
.getSecretBundle()
.getSecretBundleContent();
String keyStoreSecret = keyStoreSecretContent.getContent();
byte[] keyStoreSecretBytes = decoder.decode(keyStoreSecret);
/* get connection password */
DatabaseToolsUserPasswordSecretId passwordSecretId =
(DatabaseToolsUserPasswordSecretId) databaseToolsConnection
.getUserPassword();
GetSecretBundleRequest passwordSecretBundleRequest =
GetSecretBundleRequest.builder()
.secretId(passwordSecretId.getSecretId())
.build();
GetSecretBundleResponse passwordSecretBundleResponse = secretsClient
.getSecretBundle(passwordSecretBundleRequest);
Base64SecretBundleContentDetails passwordSecretBundleContent =
(Base64SecretBundleContentDetails) passwordSecretBundleResponse
.getSecretBundle()
.getSecretBundleContent();
byte[] decodedBytes = decoder.decode(passwordSecretBundleContent.getContent());
String password = new String(decodedBytes);
System.out.printf("Password: %s %n", password);
/* create datasource properties */
Properties info = new Properties();
info.put(OracleConnection.CONNECTION_PROPERTY_USER_NAME, username);
info.put(OracleConnection.CONNECTION_PROPERTY_PASSWORD, password);
String dbUrl = "jdbc:oracle:thin:@" + connectionString;
/* create "in-memory" wallet */
TrustManagerFactory trustManagerFactory =
TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
KeyManagerFactory keyManagerFactory =
KeyManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
KeyStore keyStore = KeyStore.getInstance("SSO", new OraclePKIProvider());
keyStore.load(new ByteArrayInputStream(keyStoreSecretBytes), null);
keyManagerFactory.init(keyStore, null);
trustManagerFactory.init(keyStore);
SSLContext sslContext = SSLContext.getInstance("SSL");
sslContext.init(
keyManagerFactory.getKeyManagers(),
trustManagerFactory.getTrustManagers(),
null);
/* create datasource */
OracleDataSource datasource = new OracleDataSource();
datasource.setSSLContext(sslContext);
datasource.setURL(dbUrl);
datasource.setConnectionProperties(info);
/* get connection and execute query */
Connection connection = datasource.getConnection();
Statement statement = connection.createStatement();
ResultSet resultSet = statement.executeQuery("select sysdate from dual");
resultSet.next();
Date d = resultSet.getDate(1);
System.out.printf("Current Date from DB: %tc", d);
}
}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment