Crisper load config from file.

Author: vverman

auth/customcredentials/aws/customCredentialSupplierAws.js

@@ -117,20 +117,16 @@ async function authenticateWithAwsCredentials(
  * variables are only set for the current process.
  */
 function loadConfigFromFile() {
-  const secretsFile = 'custom-credentials-aws-secrets.json';
-  const secretsPath = path.resolve(__dirname, secretsFile);
-
-  if (!fs.existsSync(secretsPath)) {
-    return;
-  }
+  const secretsPath = path.resolve(
+    __dirname,
+    'custom-credentials-aws-secrets.json'
+  );
+  if (!fs.existsSync(secretsPath)) return;
 
   try {
     const secrets = JSON.parse(fs.readFileSync(secretsPath, 'utf8'));
-    if (!secrets) {
-      return;
-    }
 
-    const configMapping = {
+    const envMap = {
       aws_access_key_id: 'AWS_ACCESS_KEY_ID',
       aws_secret_access_key: 'AWS_SECRET_ACCESS_KEY',
       aws_region: 'AWS_REGION',
@@ -139,6 +135,12 @@ function loadConfigFromFile() {
       gcp_service_account_impersonation_url:
         'GCP_SERVICE_ACCOUNT_IMPERSONATION_URL',
     };
+
+    for (const [jsonKey, envKey] of Object.entries(envMap)) {
+      if (secrets[jsonKey]) {
+        process.env[envKey] = secrets[jsonKey];
+      }
+    }
   } catch (error) {
     console.error(`Error reading secrets file: ${error.message}`);
   }

auth/customcredentials/okta/README.md

@@ -57,25 +57,14 @@ This command downloads all required Node.js libraries.
 npm install
 ```
 
-### 2. Configure Credentials
-
-For local development, this sample reads configuration from a JSON file.
-
-1.  Create a file named `custom-credentials-okta-secrets.json` in the project root.
-2.  Add the following content, replacing the placeholder values with your configuration:
-
-```json
-{
-  "gcp_workload_audience": "//iam.googleapis.com/projects/YOUR_PROJECT_NUMBER/locations/global/workloadIdentityPools/YOUR_POOL/providers/YOUR_PROVIDER",
-  "gcs_bucket_name": "your-bucket-name",
-  "okta_domain": "https://dev-123456.okta.com",
-  "okta_client_id": "your-okta-client-id",
-  "okta_client_secret": "your-okta-client-secret",
-  "gcp_service_account_impersonation_url": "https://iamcredentials.googleapis.com/v1/projects/-/serviceAccounts/your-sa@your-project.iam.gserviceaccount.com:generateAccessToken"
-}
-```
+### 2. Configure Credentials for Local Development
+
+1.  Copy the example secrets file to a new file named `custom-credentials-okta-secrets.json` in the project root:
+    ```bash
+    cp custom-credentials-okta-secrets.json.example custom-credentials-okta-secrets.json
+    ```
+2.  Open `custom-credentials-okta-secrets.json` and fill in the required values for your AWS and Google Cloud configuration. Do not check your `custom-credentials-okta-secrets.json` file into version control.
 
-**Note:** Do not check your secrets file into version control.
 
 ### 3. Run the Application
 

auth/customcredentials/okta/customCredentialSupplierOkta.js

@@ -140,20 +140,17 @@ async function authenticateWithOktaCredentials(
  * variables are only set for the current process.
  */
 function loadConfigFromFile() {
-  const secretsFile = 'custom-credentials-okta-secrets.json';
-  const secretsPath = path.resolve(__dirname, secretsFile);
-
-  if (!fs.existsSync(secretsPath)) {
-    return;
-  }
+  const secretsPath = path.resolve(
+    __dirname,
+    'custom-credentials-okta-secrets.json'
+  );
+  if (!fs.existsSync(secretsPath)) return;
 
   try {
     const secrets = JSON.parse(fs.readFileSync(secretsPath, 'utf8'));
-    if (!secrets) {
-      return;
-    }
 
-    const configMapping = {
+    // Define the mapping: JSON Key -> Environment Variable
+    const envMap = {
       gcp_workload_audience: 'GCP_WORKLOAD_AUDIENCE',
       gcs_bucket_name: 'GCS_BUCKET_NAME',
       gcp_service_account_impersonation_url:
@@ -162,6 +159,13 @@ function loadConfigFromFile() {
       okta_client_id: 'OKTA_CLIENT_ID',
       okta_client_secret: 'OKTA_CLIENT_SECRET',
     };
+
+    // Iterate and assign
+    for (const [jsonKey, envKey] of Object.entries(envMap)) {
+      if (secrets[jsonKey]) {
+        process.env[envKey] = secrets[jsonKey];
+      }
+    }
   } catch (error) {
     console.error(`Error reading secrets file: ${error.message}`);
   }