chore: fix key names for agent

Author: louisnow

.env.example

@@ -24,7 +24,9 @@ ATLAN_START_TO_CLOSE_TIMEOUT_SECONDS=7200 # 2 hours
 # if you plan to deploy the app in customer environment, below is a sample environment variables you need to set
 ATLAN_WORKFLOW_HOST="tenant-temporal.atlan.com"
 ATLAN_WORKFLOW_PORT="443"
-ATLAN_WORKFLOW_AUTH_ENABLED="true"
+ATLAN_AUTH_ENABLED="true"
+ATLAN_AUTH_URL="https://tenant.atlan.com/auth/realms/default/protocol/openid-connect/token"
+ATLAN_WORKFLOW_TLS_ENABLED="true"
 ENABLE_ATLAN_UPLOAD="true"
 
 # Storage:
@@ -34,10 +36,6 @@ UPSTREAM_OBJECT_STORE_NAME="atlan-storage"
 # Secret Store
 SECRET_STORE_NAME="aws-secrets"
 
-# atlan external fields
-ATLAN_DEPLOYMENT_NAME="agent"
-ATLAN_WORKFLOW_TLS_ENABLED=False
-ATLAN_WORKFLOW_AUTH_ENABLED=False
-ATLAN_AUTH_URL=""
-client_id=""
-client_secret=""
+# Client ID/Secret key fields, the value is the name of the key in the secret store
+ATLAN_AUTH_CLIENT_ID_KEY="ATLAN_AUTH_CLIENT_ID"
+ATLAN_AUTH_CLIENT_SECRET_KEY="ATLAN_AUTH_CLIENT_SECRET"

application_sdk/clients/atlan_auth.py

@@ -197,7 +197,6 @@ def clear_cache(self) -> None:
         """
         # we are doing this to force a fetch of the credentials from secret store
         self.credentials = None
-        self.auth_url = None
         self._access_token = None
         self._token_expiry = 0
 

application_sdk/constants.py

@@ -115,10 +115,12 @@
 
 # Deployment Secret Store Key Names
 #: Key name for OAuth2 client ID in deployment secrets (can be overridden via ATLAN_AUTH_CLIENT_ID_KEY)
-WORKFLOW_AUTH_CLIENT_ID_KEY = os.getenv("ATLAN_AUTH_CLIENT_ID_KEY", "client_id")
+WORKFLOW_AUTH_CLIENT_ID_KEY = os.getenv(
+    "ATLAN_AUTH_CLIENT_ID_KEY", "ATLAN_AUTH_CLIENT_ID"
+)
 #: Key name for OAuth2 client secret in deployment secrets (can be overridden via ATLAN_AUTH_CLIENT_SECRET_KEY)
 WORKFLOW_AUTH_CLIENT_SECRET_KEY = os.getenv(
-    "ATLAN_AUTH_CLIENT_SECRET_KEY", "client_secret"
+    "ATLAN_AUTH_CLIENT_SECRET_KEY", "ATLAN_AUTH_CLIENT_SECRET"
 )
 
 # Workflow Constants

application_sdk/services/secretstore.py

@@ -252,7 +252,7 @@ def get_deployment_secret(cls, key: str) -> Any:
 
         Examples:
             >>> # Get a specific deployment configuration value
-            >>> auth_url = SecretStore.get_deployment_secret("atlan_auth_url")
+            >>> auth_url = SecretStore.get_deployment_secret("ATLAN_AUTH_CLIENT_ID")
             >>> if auth_url:
             ...     print(f"Auth URL: {auth_url}")
             >>> # Get deployment name

components/atlan-storage.yaml

@@ -14,12 +14,12 @@ spec:
       value: https://{{tenant}}.atlan.com/api/blobstorage
     - name: accessKey
       secretKeyRef:
-        name: client_id
-        key:  client_id
+        name: ATLAN_AUTH_CLIENT_ID
+        key:  ATLAN_AUTH_CLIENT_ID
     - name: secretKey
       secretKeyRef:
-        name: client_secret
-        key:  client_secret
+        name: ATLAN_AUTH_CLIENT_SECRET
+        key:  ATLAN_AUTH_CLIENT_SECRET
     - name: forcePathStyle
       value: "true"
 auth:

docs/docs/concepts/temporal_auth.md

@@ -59,7 +59,7 @@ The authentication system uses a Dapr secret store component that can be configu
 ```bash
 # Authentication settings
 ATLAN_AUTH_ENABLED=true
-ATLAN_AUTH_URL=https://your-oauth-provider.com/oauth/token
+ATLAN_AUTH_URL=https://tenant.atlan.com/auth/realms/default/protocol/openid-connect/token
 
 # Secret store component configuration
 ATLAN_DEPLOYMENT_SECRET_COMPONENT=deployment-secret-store
@@ -329,7 +329,7 @@ dapr invoke --app-id your-app --method get-secret --data '{"key": "atlan-deploym
 **Symptom**: Token refresh failures
 ```bash
 # Verify auth URL accessibility
-curl -X POST $ATLAN_WORKFLOW_AUTH_URL \
+curl -X POST $ATLAN_AUTH_URL \
   -d "grant_type=client_credentials&client_id=...&client_secret=..."
 
 # Check credential validity in secret store
@@ -508,7 +508,7 @@ spec:
 ```bash
 # Authentication settings
 ATLAN_AUTH_ENABLED=true
-ATLAN_WORKFLOW_AUTH_URL=https://your-oauth-server.com/oauth/token
+ATLAN_AUTH_URL=https://tenant.atlan.com/auth/realms/default/protocol/openid-connect/token
 
 # Secret store configuration
 ATLAN_DEPLOYMENT_SECRET_COMPONENT=deployment-secret-store