From 7bcbadb4c9c1b3f130c4be8a86df0658e4098bba Mon Sep 17 00:00:00 2001
From: Anup Chatterjee <chatterjeean@vmware.com>
Date: Wed, 29 Nov 2023 10:35:28 -0800
Subject: [PATCH] Adding Redis ACL support with username

---
 .../queue/config/QueueRedisProperties.java    | 11 +++++++
 .../queue/config/RedisQueueConfiguration.java | 32 +++++++++++++++++--
 2 files changed, 41 insertions(+), 2 deletions(-)

diff --git a/orkes-conductor-queues/src/main/java/io/orkes/conductor/queue/config/QueueRedisProperties.java b/orkes-conductor-queues/src/main/java/io/orkes/conductor/queue/config/QueueRedisProperties.java
index 2c97880..318d724 100644
--- a/orkes-conductor-queues/src/main/java/io/orkes/conductor/queue/config/QueueRedisProperties.java
+++ b/orkes-conductor-queues/src/main/java/io/orkes/conductor/queue/config/QueueRedisProperties.java
@@ -68,6 +68,9 @@ public QueueRedisProperties(ConductorProperties conductorProperties) {
     /** Database number. Defaults to a 0. Can be anywhere from 0 to 15 */
     private int database = 0;
 
+    /** The username to be used for connecting to redis if using Auth with ACL */
+    private String username = null;
+
     /**
      * The maximum amount of time to wait for a connection to become available from the connection
      * pool
@@ -268,6 +271,14 @@ public void setDatabase(int database) {
         this.database = database;
     }
 
+    public String getUsername() {
+        return username;
+    }
+
+    public void setUsername(String username) {
+        this.username = username;
+    }
+
     public String getQueuePrefix() {
         String prefix = getQueueNamespacePrefix() + "." + conductorProperties.getStack();
         if (getKeyspaceDomain() != null) {
diff --git a/orkes-conductor-queues/src/main/java/io/orkes/conductor/queue/config/RedisQueueConfiguration.java b/orkes-conductor-queues/src/main/java/io/orkes/conductor/queue/config/RedisQueueConfiguration.java
index 38b680b..6fd14d0 100644
--- a/orkes-conductor-queues/src/main/java/io/orkes/conductor/queue/config/RedisQueueConfiguration.java
+++ b/orkes-conductor-queues/src/main/java/io/orkes/conductor/queue/config/RedisQueueConfiguration.java
@@ -90,7 +90,18 @@ protected JedisPool getJedisPoolStandalone(QueueRedisProperties redisProperties)
                 redisProperties.isSsl());
         Host host = hostSupplier.getHosts().get(0);
 
-        if (host.getPassword() != null) {
+        if (redisProperties.getUsername() != null &&  host.getPassword() != null) {
+            log.info("Connecting to Redis Standalone with ACL user AUTH");
+            return new JedisPool(
+                    config,
+                    host.getHostName(),
+                    host.getPort(),
+                    Protocol.DEFAULT_TIMEOUT,
+                    redisProperties.getUsername(),
+                    host.getPassword(),
+                    redisProperties.getDatabase(),
+                    redisProperties.isSsl());
+        } else if (host.getPassword() != null) {
             log.info("Connecting to Redis Standalone with AUTH");
             return new JedisPool(
                     config,
@@ -136,7 +147,24 @@ public JedisSentinelPool getJedisPoolSentinel(QueueRedisProperties properties) {
         }
         // We use the password of the first sentinel host as password and sentinelPassword
         String password = getPassword(hostSupplier.getHosts());
-        if (password != null) {
+        if (properties.getUsername() != null && password != null) {
+            return new JedisSentinelPool(
+                    properties.getClusterName(),
+                    sentinels,
+                    genericObjectPoolConfig,
+                    Protocol.DEFAULT_TIMEOUT,
+                    Protocol.DEFAULT_TIMEOUT,
+                    properties.getUsername(),
+                    password,
+                    properties.getDatabase(),
+                    null,
+                    Protocol.DEFAULT_TIMEOUT,
+                    Protocol.DEFAULT_TIMEOUT,
+                    properties.getUsername(),
+                    password,
+                    null);
+
+        } else if (password != null) {
             return new JedisSentinelPool(
                     properties.getClusterName(),
                     sentinels,