rework AuthenticationExample option 2

Author: marceljk

README.md

@@ -16,12 +16,12 @@ This repository contains the STACKIT SDKs for Java.
 
 Requires Java 8 or higher.
 
-The release artifacts of the STACKIT Java SDK are available on [Maven Central](https://central.sonatype.com/namespace/cloud.stackit.sdk). 
+The release artifacts of the STACKIT Java SDK are available on [Maven Central](https://central.sonatype.com/namespace/cloud.stackit.sdk).
 See below how to use them in your Java project.
 
 ### Maven
 
-Add the dependencies for the services you want to interact with to your project's POM, e.g. `iaas` and `resourcemanager` (replace `<SDK_VERSION>` with the latest version of each SDK submdoule): 
+Add the dependencies for the services you want to interact with to your project's POM, e.g. `iaas` and `resourcemanager` (replace `<SDK_VERSION>` with the latest version of each SDK submdoule):
 
 ```xml
 <dependency>
@@ -97,31 +97,33 @@ This will make it much easier to configure the key flow authentication in the SD
 To configure the key flow, follow this steps:
 
 1. Create a service account key:
-    - Use the STACKIT Portal: go to the `Service Accounts` tab, choose a `Service Account` and go to `Service Account Keys` to create a key. For more details, see [Create a service account key](https://docs.stackit.cloud/stackit/en/create-a-service-account-key-175112456.html).
+   - Use the STACKIT Portal: go to the `Service Accounts` tab, choose a `Service Account` and go to `Service Account Keys` to create a key. For more details, see [Create a service account key](https://docs.stackit.cloud/stackit/en/create-a-service-account-key-175112456.html).
 2. Save the content of the service account key by copying it and saving it in a JSON file. The expected format of the service account key is **JSON** with the following structure:
 
-    ```json
-    {
-      "id": "uuid",
-      "publicKey": "public key",
-      "createdAt": "2023-08-24T14:15:22Z",
-      "validUntil": "2023-08-24T14:15:22Z",
-      "keyType": "USER_MANAGED",
-      "keyOrigin": "USER_PROVIDED",
-      "keyAlgorithm": "RSA_2048",
-      "active": true,
-      "credentials": {
-        "kid": "string",
-        "iss": "[email protected]",
-        "sub": "uuid",
-        "aud": "string",
-        "privateKey": "(OPTIONAL) private key when generated by the SA service"
-      }
-    }
-    ```
+   ```json
+   {
+     "id": "uuid",
+     "publicKey": "public key",
+     "createdAt": "2023-08-24T14:15:22Z",
+     "validUntil": "2023-08-24T14:15:22Z",
+     "keyType": "USER_MANAGED",
+     "keyOrigin": "USER_PROVIDED",
+     "keyAlgorithm": "RSA_2048",
+     "active": true,
+     "credentials": {
+       "kid": "string",
+       "iss": "[email protected]",
+       "sub": "uuid",
+       "aud": "string",
+       "privateKey": "(OPTIONAL) private key when generated by the SA service"
+     }
+   }
+   ```
 
 3. Configure the service account key for authentication in the SDK by following one of the alternatives below:
+
    - using the configuration options:
+
      ```java
      CoreConfiguration config =
                 new CoreConfiguration()
@@ -130,6 +132,7 @@ To configure the key flow, follow this steps:
 
      ResourceManagerApi api = new ResourceManagerApi(config);
      ```
+
    - setting the environment variable: `STACKIT_SERVICE_ACCOUNT_KEY_PATH`
    - setting `STACKIT_SERVICE_ACCOUNT_KEY_PATH` in the credentials file (see above)
 
@@ -145,11 +148,11 @@ To configure the key flow, follow this steps:
 > - setting the environment variable: `STACKIT_PRIVATE_KEY_PATH`
 > - setting `STACKIT_PRIVATE_KEY_PATH` in the credentials file (see above)
 
-> **Alternatively, if you can't store the credentials in a file, e.g. when using it in a pipeline**, you can store the credentials in environment variables: 
+> **Alternatively, if you can't store the credentials in a file, e.g. when using it in a pipeline**, you can store the credentials in environment variables:
+>
 > - setting the environment variable `STACKIT_SERVICE_ACCOUNT_KEY` with the content of the service account key
 > - (OPTIONAL) setting the environment variable `STACKIT_PRIVATE_KEY` with the content of the private key
 
-
 4. The SDK will search for the keys and, if valid, will use them to get access and refresh tokens which will be used to authenticate all the requests.
 
 Check the [authentication example](examples/authentication/src/main/java/cloud/stackit/sdk/authentication/examples/AuthenticationExample.java) for more details.
@@ -166,7 +169,7 @@ import cloud.stackit.sdk.resourcemanager.model.ListOrganizationsResponse;
 import java.io.IOException;
 
 class CustomEndpointExample {
-    public static void main(String[] args) {        
+    public static void main(String[] args) {
         CoreConfiguration config =
                 new CoreConfiguration()
                         .serviceAccountKey("/path/to/sa_key.json")

examples/authentication/src/main/java/cloud/stackit/sdk/authentication/examples/AuthenticationExample.java

@@ -3,9 +3,13 @@
 import cloud.stackit.sdk.core.config.CoreConfiguration;
 import cloud.stackit.sdk.resourcemanager.api.ResourceManagerApi;
 import cloud.stackit.sdk.resourcemanager.model.ListOrganizationsResponse;
+import java.io.File;
+import java.io.FileNotFoundException;
+import java.io.IOException;
+import java.util.Scanner;
 
 class AuthenticationExample {
-	public static void main(String[] args) {
+	public static void main(String[] args) throws IOException {
 		///////////////////////////////////////////////////////
 		// Option 1: setting the paths to service account key (and private key) as configuration
 		///////////////////////////////////////////////////////
@@ -33,37 +37,43 @@ public static void main(String[] args) {
 		///////////////////////////////////////////////////////
 		// Option 2: setting the service account key (and private key) as configuration
 		///////////////////////////////////////////////////////
-		String SERVICE_ACCOUNT_KEY =
-				"{\n"
-						+ "      \"id\": \"uuid\",\n"
-						+ "      \"publicKey\": \"public key\",\n"
-						+ "      \"createdAt\": \"2023-08-24T14:15:22Z\",\n"
-						+ "      \"validUntil\": \"2023-08-24T14:15:22Z\",\n"
-						+ "      \"keyType\": \"USER_MANAGED\",\n"
-						+ "      \"keyOrigin\": \"USER_PROVIDED\",\n"
-						+ "      \"keyAlgorithm\": \"RSA_2048\",\n"
-						+ "      \"active\": true,\n"
-						+ "      \"credentials\": {\n"
-						+ "        \"kid\": \"string\",\n"
-						+ "        \"iss\": \"[email protected]\",\n"
-						+ "        \"sub\": \"uuid\",\n"
-						+ "        \"aud\": \"string\",\n"
-						+ "        \"privateKey\": \"(OPTIONAL) private key when generated by the SA service\"\n"
-						+ "      }\n"
-						+ "    }";
-		String PRIVATE_KEY =
-				"-----BEGIN PRIVATE KEY-----\n"
-						+ "MIIJQw...ZL+U\n"
-						+ "lm+dqO...xQ8=\n"
-						+ "-----END PRIVATE KEY-----";
+
+		// read key content from a file, in production you can also read it e.g. from STACKIT
+		// secrets manager, so it's only kept in-memory
+		String serviceAccountKeyPath =
+				"examples/authentication/src/main/java/cloud/stackit/sdk/authentication/examples/dummy_credentials/dummy-service-account-key.json";
+		File serviceAccountKeyFile = new File(serviceAccountKeyPath);
+		StringBuilder serviceAccountKeyContent = new StringBuilder();
+		try (Scanner myReader = new Scanner(serviceAccountKeyFile)) {
+			while (myReader.hasNextLine()) {
+				serviceAccountKeyContent.append(myReader.nextLine());
+			}
+		} catch (FileNotFoundException e) {
+			throw new RuntimeException(e);
+		}
+
+		String privateKeyPath =
+				"examples/authentication/src/main/java/cloud/stackit/sdk/authentication/examples/dummy_credentials/dummy-private-key.pem";
+		File privateKeyFile = new File(privateKeyPath);
+		StringBuilder privateKeyContent = new StringBuilder();
+		try (Scanner myReader = new Scanner(privateKeyFile)) {
+			while (myReader.hasNextLine()) {
+				privateKeyContent.append(myReader.nextLine());
+			}
+		} catch (FileNotFoundException e) {
+			throw new RuntimeException(e);
+		}
+
+		String SERVICE_ACCOUNT_KEY = serviceAccountKeyContent.toString();
+		String PRIVATE_KEY = privateKeyContent.toString();
 
 		try {
 			ResourceManagerApi api =
 					new ResourceManagerApi(
 							new CoreConfiguration()
 									.serviceAccountKey(SERVICE_ACCOUNT_KEY)
 									// Optional: if private key not included in service account key
-									.privateKeyPath(PRIVATE_KEY));
+									.privateKey(PRIVATE_KEY));
 
 			/* list all organizations */
 			ListOrganizationsResponse response =

examples/authentication/src/main/java/cloud/stackit/sdk/authentication/examples/dummy_credentials/dummy-private-key.pem

@@ -0,0 +1,5 @@
+-----BEGIN PRIVATE KEY-----
+MIIJQw...ZL+U
+...
+lm+dqO...xQ8=
+-----END PRIVATE KEY-----

examples/authentication/src/main/java/cloud/stackit/sdk/authentication/examples/dummy_credentials/dummy-service-account-key.json

@@ -0,0 +1,17 @@
+{
+  "id": "uuid",
+  "publicKey": "public key",
+  "createdAt": "2023-08-24T14:15:22Z",
+  "validUntil": "2023-08-24T14:15:22Z",
+  "keyType": "USER_MANAGED",
+  "keyOrigin": "USER_PROVIDED",
+  "keyAlgorithm": "RSA_2048",
+  "active": true,
+  "credentials": {
+    "kid": "string",
+    "iss": "[email protected]",
+    "sub": "uuid",
+    "aud": "string",
+    "privateKey": "(OPTIONAL) private key when generated by the SA service"
+  }
+}