Merge pull request #1290 from IABTechLab/bmz-UID2-4606-runtime-config…

…-application Runtime config retrieval and application
IABTechLab · Feb 3, 2025 · 418f2bf · 418f2bf
2 parents 34dbbd9 + 63b0c4b
commit 418f2bf
Show file tree

Hide file tree

Showing 45 changed files with 1,226 additions and 199 deletions.
diff --git a/Dockerfile b/Dockerfile
@@ -20,6 +20,8 @@ COPY ./target/${JAR_NAME}-${JAR_VERSION}-sources.jar /app
 COPY ./target/${JAR_NAME}-${JAR_VERSION}-static.tar.gz /app/static.tar.gz
 COPY ./conf/default-config.json ${EXTRA_CONFIG} /app/conf/
 COPY ./conf/*.xml /app/conf/
+COPY ./conf/runtime-config-defaults.json /app/conf/
+COPY ./conf/feat-flag/feat-flag.json    /app/conf/feat-flag/
 
 RUN tar xzvf /app/static.tar.gz --no-same-owner --no-same-permissions && rm -f /app/static.tar.gz
 

diff --git a/conf/default-config.json b/conf/default-config.json
@@ -36,5 +36,4 @@
   "failure_shutdown_wait_hours": 120,
   "sharing_token_expiry_seconds": 2592000,
   "operator_type": "public"
-
 }
diff --git a/conf/docker-config.json b/conf/docker-config.json
@@ -37,6 +37,13 @@
   "enclave_platform": null,
   "failure_shutdown_wait_hours": 120,
   "salts_expired_shutdown_hours": 12,
-  "operator_type": "public"
-
+  "operator_type": "public",
+  "runtime_config_store": {
+    "type": "file",
+    "config" : {
+      "path": "conf/runtime-config-defaults.json",
+      "format": "json"
+    },
+    "config_scan_period_ms": 5000
+  }
 }
diff --git a/conf/feat-flag/feat-flag.json b/conf/feat-flag/feat-flag.json
@@ -0,0 +1,5 @@
+{
+  "remote_config": {
+    "enabled": true
+  }
+}
diff --git a/conf/integ-config.json b/conf/integ-config.json
@@ -14,6 +14,14 @@
   "optout_api_token": "test-operator-key",
   "optout_api_uri": "http://localhost:8081/optout/replicate",
   "salts_expired_shutdown_hours": 12,
-  "operator_type": "public"
-
+  "operator_type": "public",
+  "runtime_config_store": {
+    "type": "http",
+    "config" : {
+      "host": "localhost",
+      "port": 8088,
+      "path": "/operator/config"
+    },
+    "config_scan_period_ms": 300000
+  }
 }
diff --git a/conf/local-config.json b/conf/local-config.json
@@ -36,5 +36,13 @@
   "key_sharing_endpoint_provide_app_names": true,
   "client_side_token_generate_log_invalid_http_origins": true,
   "salts_expired_shutdown_hours": 12,
-  "operator_type": "public"
+  "operator_type": "public",
+  "runtime_config_store": {
+    "type": "file",
+    "config" : {
+      "path": "conf/runtime-config-defaults.json",
+      "format": "json"
+    },
+    "config_scan_period_ms": 5000
+  }
 }
diff --git a/conf/local-e2e-docker-private-config.json b/conf/local-e2e-docker-private-config.json
@@ -27,5 +27,14 @@
   "optout_delta_rotate_interval": 60,
   "cloud_refresh_interval": 30,
   "salts_expired_shutdown_hours": 12,
-  "operator_type": "private"
+  "operator_type": "private",
+  "runtime_config_store": {
+    "type": "http",
+    "config" : {
+      "host": "core",
+      "port": 8088,
+      "path": "/operator/config"
+    },
+    "config_scan_period_ms": 300000
+  }
 }
diff --git a/conf/local-e2e-docker-public-config.json b/conf/local-e2e-docker-public-config.json
@@ -33,6 +33,14 @@
   "optout_status_api_enabled": true,
   "cloud_refresh_interval": 30,
   "salts_expired_shutdown_hours": 12,
-  "operator_type": "public"
-
+  "operator_type": "public",
+  "runtime_config_store": {
+    "type": "http",
+    "config" : {
+      "host": "core",
+      "port": 8088,
+      "path": "/operator/config"
+    },
+    "config_scan_period_ms": 300000
+  }
 }
diff --git a/conf/local-e2e-private-config.json b/conf/local-e2e-private-config.json
@@ -38,6 +38,14 @@
   "client_side_token_generate_domain_name_check_enabled": false,
   "client_side_token_generate_log_invalid_http_origins": true,
   "salts_expired_shutdown_hours": 12,
-  "operator_type": "private"
-
+  "operator_type": "private",
+  "runtime_config_store": {
+    "type": "http",
+    "config" : {
+      "host": "localhost",
+      "port": 8088,
+      "path": "/operator/config"
+    },
+    "config_scan_period_ms": 300000
+  }
 }
diff --git a/conf/local-e2e-public-config.json b/conf/local-e2e-public-config.json
@@ -39,6 +39,14 @@
   "key_sharing_endpoint_provide_app_names": true,
   "client_side_token_generate_log_invalid_http_origins": true,
   "salts_expired_shutdown_hours": 12,
-  "operator_type": "public"
-
+  "operator_type": "public",
+  "runtime_config_store": {
+    "type": "http",
+    "config" : {
+      "host": "localhost",
+      "port": 8088,
+      "path": "/operator/config"
+    },
+    "config_scan_period_ms": 300000
+  }
 }
diff --git a/conf/runtime-config-defaults.json b/conf/runtime-config-defaults.json
@@ -0,0 +1,6 @@
+{
+  "identity_token_expires_after_seconds": 3600,
+  "refresh_token_expires_after_seconds": 86400,
+  "refresh_identity_token_after_seconds": 900,
+  "sharing_token_expiry_seconds": 2592000
+}
diff --git a/conf/validator-latest-e2e-docker-public-config.json b/conf/validator-latest-e2e-docker-public-config.json
@@ -32,6 +32,14 @@
   "optout_api_uri": "http://optout:8081/optout/replicate",
   "optout_delta_rotate_interval": 60,
   "cloud_refresh_interval": 30,
-  "operator_type": "public"
-
+  "operator_type": "public",
+  "runtime_config_store": {
+    "type": "http",
+    "config" : {
+      "host": "core",
+      "port": 8088,
+      "path": "/operator/config"
+    },
+    "config_scan_period_ms": 300000
+  }
 }
diff --git a/scripts/aws/Dockerfile b/scripts/aws/Dockerfile
@@ -37,6 +37,7 @@ COPY ./conf/default-config.json    /app/conf/
 COPY ./conf/*.json  /app/conf/
 COPY ./conf/*.xml                  /app/conf/
 COPY ./syslog-ng-client.conf       /etc/syslog-ng/syslog-ng.conf
+COPY ./conf/feat-flag/feat-flag.json    /app/conf/feat-flag/
 
 RUN chmod +x /app/vsockpx && chmod +x /app/entrypoint.sh
 

diff --git a/scripts/aws/conf/euid-integ-config.json b/scripts/aws/conf/euid-integ-config.json
@@ -11,5 +11,15 @@
   "core_attest_url": "https://core.integ.euid.eu/attest",
   "optout_api_uri": "https://optout.integ.euid.eu/optout/replicate",
   "optout_s3_folder": "optout/",
-  "allow_legacy_api": false
+  "allow_legacy_api": false,
+  "runtime_config_store": {
+    "type": "http",
+    "config" : {
+      "host": "core.integ.euid.eu",
+      "port": 443,
+      "ssl": true,
+      "path": "/operator/config"
+    },
+    "config_scan_period_ms": 300000
+  }
 }
diff --git a/scripts/aws/conf/euid-prod-config.json b/scripts/aws/conf/euid-prod-config.json
@@ -27,5 +27,15 @@
   "refresh_token_v3": true,
   "enable_phone_support": true,
   "enable_v1_phone_support": false,
-  "enable_v2_encryption": true
+  "enable_v2_encryption": true,
+  "runtime_config_store": {
+    "type": "http",
+    "config" : {
+      "host": "core.prod.euid.eu",
+      "port": 443,
+      "ssl": true,
+      "path": "/operator/config"
+    },
+    "config_scan_period_ms": 300000
+  }
 }
diff --git a/scripts/aws/conf/feat-flag/feat-flag.json b/scripts/aws/conf/feat-flag/feat-flag.json
@@ -0,0 +1,5 @@
+{
+  "remote_config": {
+    "enabled": false
+  }
+}
diff --git a/scripts/aws/conf/uid2-integ-config.json b/scripts/aws/conf/uid2-integ-config.json
@@ -11,5 +11,15 @@
   "core_attest_url": "https://core-integ.uidapi.com/attest",
   "optout_api_uri": "https://optout-integ.uidapi.com/optout/replicate",
   "optout_s3_folder": "uid-optout-integ/",
-  "allow_legacy_api": false
+  "allow_legacy_api": false,
+  "runtime_config_store": {
+    "type": "http",
+    "config" : {
+      "host": "core-integ.uidapi.com",
+      "port": 443,
+      "ssl": true,
+      "path": "/operator/config"
+    },
+    "config_scan_period_ms": 300000
+  }
 }
diff --git a/scripts/aws/conf/uid2-prod-config.json b/scripts/aws/conf/uid2-prod-config.json
@@ -22,5 +22,15 @@
   "identity_token_expires_after_seconds": 259200,
   "refresh_token_expires_after_seconds": 2592000,
   "refresh_identity_token_after_seconds": 3600,
-  "allow_legacy_api": false
+  "allow_legacy_api": false,
+  "runtime_config_store": {
+    "type": "http",
+    "config" : {
+      "host": "core-prod.uidapi.com",
+      "port": 443,
+      "ssl": true,
+      "path": "/operator/config"
+    },
+    "config_scan_period_ms": 300000
+  }
 }
diff --git a/scripts/azure-cc/Dockerfile b/scripts/azure-cc/Dockerfile
@@ -34,6 +34,7 @@ COPY ./target/${JAR_NAME}-${JAR_VERSION}-sources.jar /app
 COPY ./target/${JAR_NAME}-${JAR_VERSION}-static.tar.gz /app/static.tar.gz
 COPY ./conf/*.json /app/conf/
 COPY ./conf/*.xml /app/conf/
+COPY ./conf/feat-flag/feat-flag.json    /app/conf/feat-flag/
 
 # Extract and clean up tar.gz
 RUN tar xzvf /app/static.tar.gz --no-same-owner --no-same-permissions && \

diff --git a/scripts/azure-cc/conf/feat-flag/feat-flag.json b/scripts/azure-cc/conf/feat-flag/feat-flag.json
@@ -0,0 +1,5 @@
+{
+  "remote_config": {
+    "enabled": false
+  }
+}
diff --git a/scripts/azure-cc/conf/integ-uid2-config.json b/scripts/azure-cc/conf/integ-uid2-config.json
@@ -10,5 +10,15 @@
   "optout_metadata_path": "https://optout-integ.uidapi.com/optout/refresh",
   "core_attest_url": "https://core-integ.uidapi.com/attest",
   "optout_api_uri": "https://optout-integ.uidapi.com/optout/replicate",
-  "optout_s3_folder": "uid-optout-integ/"
+  "optout_s3_folder": "uid-optout-integ/",
+  "runtime_config_store": {
+    "type": "http",
+    "config" : {
+      "host": "core-integ.uidapi.com",
+      "port": 443,
+      "ssl": true,
+      "path": "/operator/config"
+    },
+    "config_scan_period_ms": 300000
+  }
 }
diff --git a/scripts/azure-cc/conf/prod-uid2-config.json b/scripts/azure-cc/conf/prod-uid2-config.json
@@ -11,5 +11,15 @@
   "core_attest_url": "https://core-prod.uidapi.com/attest",
   "optout_api_uri": "https://optout-prod.uidapi.com/optout/replicate",
   "optout_s3_folder": "optout-v2/",
-  "identity_token_expires_after_seconds": 259200
+  "identity_token_expires_after_seconds": 259200,
+  "runtime_config_store": {
+    "type": "http",
+    "config" : {
+      "host": "core-prod.uidapi.com",
+      "port": 443,
+      "ssl": true,
+      "path": "/operator/config"
+    },
+    "config_scan_period_ms": 300000
+  }
 }
diff --git a/scripts/gcp-oidc/Dockerfile b/scripts/gcp-oidc/Dockerfile
@@ -28,6 +28,7 @@ COPY ./target/${JAR_NAME}-${JAR_VERSION}-sources.jar /app
 COPY ./target/${JAR_NAME}-${JAR_VERSION}-static.tar.gz /app/static.tar.gz
 COPY ./conf/*.json /app/conf/
 COPY ./conf/*.xml /app/conf/
+COPY ./conf/feat-flag/feat-flag.json    /app/conf/feat-flag/
 
 RUN tar xzvf /app/static.tar.gz --no-same-owner --no-same-permissions && rm -f /app/static.tar.gz
 

diff --git a/scripts/gcp-oidc/conf/feat-flag/feat-flag.json b/scripts/gcp-oidc/conf/feat-flag/feat-flag.json
@@ -0,0 +1,5 @@
+{
+  "remote_config": {
+    "enabled": false
+  }
+}
diff --git a/scripts/gcp-oidc/conf/integ-config.json b/scripts/gcp-oidc/conf/integ-config.json
@@ -10,5 +10,15 @@
     "optout_metadata_path": "https://optout.uidapi.com/optout/refresh",
     "core_attest_url": "https://core.uidapi.com/attest",
     "optout_api_uri": "https://optout.uidapi.com/optout/replicate",
-    "optout_s3_folder": "uid-optout-integ/"
+    "optout_s3_folder": "uid-optout-integ/",
+    "runtime_config_store": {
+        "type": "http",
+        "config" : {
+            "host": "core.uidapi.com",
+            "port": 443,
+            "ssl": true,
+            "path": "/operator/config"
+        },
+        "config_scan_period_ms": 300000
+    }
 }
diff --git a/scripts/gcp-oidc/conf/prod-config.json b/scripts/gcp-oidc/conf/prod-config.json
@@ -11,5 +11,15 @@
   "core_attest_url": "https://core.uidapi.com/attest",
   "optout_api_uri": "https://optout.uidapi.com/optout/replicate",
   "optout_s3_folder": "optout-v2/",
-  "identity_token_expires_after_seconds": 259200
+  "identity_token_expires_after_seconds": 259200,
+  "runtime_config_store": {
+    "type": "http",
+    "config" : {
+      "host": "core.uidapi.com",
+      "port": 443,
+      "ssl": true,
+      "path": "/operator/config"
+    },
+    "config_scan_period_ms": 300000
+  }
 }
diff --git a/src/main/java/com/uid2/operator/Const.java b/src/main/java/com/uid2/operator/Const.java
@@ -29,5 +29,9 @@ public class Config extends com.uid2.shared.Const.Config {
         public static final String OptOutStatusMaxRequestSize = "optout_status_max_request_size";
         public static final String MaxInvalidPaths = "logging_limit_max_invalid_paths_per_interval";
         public static final String MaxVersionBucketsPerSite = "logging_limit_max_version_buckets_per_site";
+
+        public static final String ConfigScanPeriodMsProp = "config_scan_period_ms";
+        public static final String IdentityV3Prop = "identity_v3";
+        public static final String RemoteConfigFeatureFlagProp = "remote_config_feature_flag";
     }
 }