From aa0d13bcd803d15dac1b8179cbe017369b37eef9 Mon Sep 17 00:00:00 2001
From: kren-prog <karenpg40@gmail.com>
Date: Thu, 17 Jul 2025 12:21:39 -0500
Subject: [PATCH 1/3] Implement basic auth to Operaton client

---
 .../utils/operaton/base_operaton_client.rb    | 29 +++++++++++++++++--
 .../utils/operaton/external_task_client.rb    |  6 +++-
 lib/bas/utils/operaton/process_client.rb      |  8 +++--
 3 files changed, 38 insertions(+), 5 deletions(-)

diff --git a/lib/bas/utils/operaton/base_operaton_client.rb b/lib/bas/utils/operaton/base_operaton_client.rb
index 61f3b1c..d0a4115 100644
--- a/lib/bas/utils/operaton/base_operaton_client.rb
+++ b/lib/bas/utils/operaton/base_operaton_client.rb
@@ -2,6 +2,7 @@
 
 require "faraday"
 require "json"
+require "base64"
 
 module Utils
   module Operaton
@@ -10,10 +11,12 @@ module Operaton
     # shared by all Operaton API clients.
     #
     class BaseClient
-      def initialize(base_url:)
+      def initialize(base_url:, username: nil, password: nil)
         raise ArgumentError, "base_url is required" if base_url.to_s.strip.empty?
 
         @base_url = base_url.chomp("/")
+        @username = username
+        @password = password
         @conn = build_conn
       end
 
@@ -23,24 +26,46 @@ def build_conn
         # Override to add multipart support for file uploads and URL encoding for form data
         Faraday.new(url: @base_url) do |f|
           f.request :json
+          f.response :logger
           f.response :json, content_type: /\bjson$/
           f.adapter Faraday.default_adapter
           f.options.timeout = 30
           f.options.open_timeout = 10
+          f.basic_auth(@username, @password) if @username && @password
         end
       end
 
+      def basic_auth_required?
+        return false if @username.to_s.empty? || @password.to_s.empty?
+
+        uri = URI.parse(@base_url)
+        host = uri.host
+        !(host.nil? || host.include?("localhost") || host == "127.0.0.1")
+      end
+
       def full_url(path)
         "#{@base_url}#{path.start_with?("/") ? path : "/#{path}"}"
       end
 
       def get(path, params = {})
-        response = @conn.get(full_url(path), params)
+        response = @conn.get(full_url(path)) do |req|
+          if basic_auth_required?
+            token = Base64.strict_encode64("#{@username}:#{@password}")
+            req.headers["Authorization"] = "Basic #{token}"
+          end
+          req.headers["Content-Type"] = "application/json"
+          req.params.update(params)
+        end
         handle_response(response)
       end
 
       def post(path, body = {}, headers = {})
         response = @conn.post(full_url(path)) do |req|
+          if basic_auth_required?
+            token = Base64.strict_encode64("#{@username}:#{@password}")
+            req.headers["Authorization"] = "Basic #{token}"
+          end
+          req.headers["Content-Type"] = "application/json"
           req.headers.update(headers) if headers.any?
           req.body = body
         end
diff --git a/lib/bas/utils/operaton/external_task_client.rb b/lib/bas/utils/operaton/external_task_client.rb
index d7f61b1..8ca3328 100644
--- a/lib/bas/utils/operaton/external_task_client.rb
+++ b/lib/bas/utils/operaton/external_task_client.rb
@@ -23,7 +23,11 @@ class ExternalTaskClient < BaseClient
       def initialize(params)
         @worker_id = params[:worker_id]
         validate_params!(params)
-        super(base_url: params[:base_url])
+        super(
+          base_url: params[:base_url],
+          username: params[:username],
+          password: params[:password]
+        )
       end
 
       def fetch_and_lock(topics_str, lock_duration: 10_000, max_tasks: 1, use_priority: true, variables: [])
diff --git a/lib/bas/utils/operaton/process_client.rb b/lib/bas/utils/operaton/process_client.rb
index 8382633..ba84626 100644
--- a/lib/bas/utils/operaton/process_client.rb
+++ b/lib/bas/utils/operaton/process_client.rb
@@ -16,9 +16,9 @@ module Operaton
     #   tasks = client.deploy_process(file_path, deployment_name: deployment_name)
     #
     class ProcessClient < BaseClient
-      def initialize(base_url:)
+      def initialize(base_url:, username: nil, password: nil)
         @logger = defined?(Rails) ? Rails.logger : Logger.new($stdout)
-        super(base_url: base_url)
+        super(base_url: base_url, username: username, password: password)
       end
 
       def deploy_process(file_path, deployment_name:)
@@ -37,6 +37,10 @@ def deploy_process(file_path, deployment_name:)
         post("/deployment/create", payload)
       end
 
+      def test_engine
+        get("/engine")
+      end
+
       def instance_with_business_key_exists?(process_key, business_key)
         query_params = {
           processDefinitionKey: process_key,

From f32faf26414e2e1d3db75477dee9842de335d4f4 Mon Sep 17 00:00:00 2001
From: kren-prog <karenpg40@gmail.com>
Date: Thu, 17 Jul 2025 15:39:33 -0500
Subject: [PATCH 2/3] fix issue with content-Type

---
 .../utils/operaton/base_operaton_client.rb    | 19 +++++++++----------
 1 file changed, 9 insertions(+), 10 deletions(-)

diff --git a/lib/bas/utils/operaton/base_operaton_client.rb b/lib/bas/utils/operaton/base_operaton_client.rb
index d0a4115..0ad9098 100644
--- a/lib/bas/utils/operaton/base_operaton_client.rb
+++ b/lib/bas/utils/operaton/base_operaton_client.rb
@@ -47,13 +47,16 @@ def full_url(path)
         "#{@base_url}#{path.start_with?("/") ? path : "/#{path}"}"
       end
 
+      def add_auth_headers(req)
+        return unless basic_auth_required?
+
+        token = Base64.strict_encode64("#{@username}:#{@password}")
+        req.headers["Authorization"] = "Basic #{token}"
+      end
+
       def get(path, params = {})
         response = @conn.get(full_url(path)) do |req|
-          if basic_auth_required?
-            token = Base64.strict_encode64("#{@username}:#{@password}")
-            req.headers["Authorization"] = "Basic #{token}"
-          end
-          req.headers["Content-Type"] = "application/json"
+          add_auth_headers(req)
           req.params.update(params)
         end
         handle_response(response)
@@ -61,11 +64,7 @@ def get(path, params = {})
 
       def post(path, body = {}, headers = {})
         response = @conn.post(full_url(path)) do |req|
-          if basic_auth_required?
-            token = Base64.strict_encode64("#{@username}:#{@password}")
-            req.headers["Authorization"] = "Basic #{token}"
-          end
-          req.headers["Content-Type"] = "application/json"
+          add_auth_headers(req)
           req.headers.update(headers) if headers.any?
           req.body = body
         end

From 5a362ae656a2f312fa570ecdc9c04515558614e5 Mon Sep 17 00:00:00 2001
From: kren-prog <karenpg40@gmail.com>
Date: Thu, 17 Jul 2025 15:44:39 -0500
Subject: [PATCH 3/3] Remove redundant authentication in build_conn.

---
 lib/bas/utils/operaton/base_operaton_client.rb | 1 -
 1 file changed, 1 deletion(-)

diff --git a/lib/bas/utils/operaton/base_operaton_client.rb b/lib/bas/utils/operaton/base_operaton_client.rb
index 0ad9098..b646d5c 100644
--- a/lib/bas/utils/operaton/base_operaton_client.rb
+++ b/lib/bas/utils/operaton/base_operaton_client.rb
@@ -31,7 +31,6 @@ def build_conn
           f.adapter Faraday.default_adapter
           f.options.timeout = 30
           f.options.open_timeout = 10
-          f.basic_auth(@username, @password) if @username && @password
         end
       end