From 83e569280bc392ace5e809f859734faf74493647 Mon Sep 17 00:00:00 2001
From: Matan <51418643+matan84@users.noreply.github.com>
Date: Wed, 1 Jan 2025 12:29:23 +0200
Subject: [PATCH] [Integration][Datadog] Added OAuth support for datadog
 (#1283)

# Description

What - Introduced support for OAuth2 authentication in Datadog
integration, allowing the use of an access token. also added a new
launch configuration for debugging the Datadog integration.

Why - This change enhances the integration's flexibility and security by
supporting OAuth2, improving the overall functionality of the Datadog
integration.

How - Updated `DatadogClient` to accept an optional access token and
modified authentication headers accordingly.

## Type of change

Please leave one option from the following and delete the rest:

- [ ] Bug fix (non-breaking change which fixes an issue)
- [ ] New feature (non-breaking change which adds functionality)
- [ ] New Integration (non-breaking change which adds a new integration)
- [ ] Breaking change (fix or feature that would cause existing
functionality to not work as expected)
- [ ] Non-breaking change (fix of existing functionality that will not
change current behavior)
- [ ] Documentation (added/updated documentation)

<h4> All tests should be run against the port production
environment(using a testing org). </h4>

### Core testing checklist

- [ ] Integration able to create all default resources from scratch
- [ ] Resync finishes successfully
- [ ] Resync able to create entities
- [ ] Resync able to update entities
- [ ] Resync able to detect and delete entities
- [ ] Scheduled resync able to abort existing resync and start a new one
- [ ] Tested with at least 2 integrations from scratch
- [ ] Tested with Kafka and Polling event listeners
- [ ] Tested deletion of entities that don't pass the selector


### Integration testing checklist

- [ ] Integration able to create all default resources from scratch
- [ ] Resync able to create entities
- [ ] Resync able to update entities
- [ ] Resync able to detect and delete entities
- [ ] Resync finishes successfully
- [ ] If new resource kind is added or updated in the integration, add
example raw data, mapping and expected result to the `examples` folder
in the integration directory.
- [ ] If resource kind is updated, run the integration with the example
data and check if the expected result is achieved
- [ ] If new resource kind is added or updated, validate that
live-events for that resource are working as expected
- [ ] Docs PR link [here](#)

### Preflight checklist

- [ ] Handled rate limiting
- [ ] Handled pagination
- [ ] Implemented the code in async
- [ ] Support Multi account

## Screenshots

Include screenshots from your environment showing how the resources of
the integration will look.

## API Documentation

Provide links to the API documentation used for this integration.
---
 .vscode/launch.json                  | 11 +++++++++++
 integrations/datadog/.port/spec.yaml | 22 ++++++++++++++++++++++
 integrations/datadog/CHANGELOG.md    |  7 +++++++
 integrations/datadog/client.py       | 15 +++++++++++++--
 integrations/datadog/main.py         |  1 +
 integrations/datadog/pyproject.toml  |  2 +-
 6 files changed, 55 insertions(+), 3 deletions(-)

diff --git a/.vscode/launch.json b/.vscode/launch.json
index ee22cd0a3d..6b4bc755e4 100644
--- a/.vscode/launch.json
+++ b/.vscode/launch.json
@@ -77,6 +77,17 @@
       "request": "launch",
       "type": "debugpy"
     },
+    {
+      "console": "integratedTerminal",
+      "cwd": "${workspaceFolder}/integrations/datadog",
+      "envFile": "${workspaceFolder}/integrations/datadog/.env",
+      "justMyCode": false,
+      "name": "Run Datadog integration",
+      "program": "${workspaceFolder}/integrations/datadog/debug.py",
+      "python": "${workspaceFolder}/integrations/datadog/.venv/bin/python",
+      "request": "launch",
+      "type": "debugpy"
+    },
     {
       "console": "integratedTerminal",
       "cwd": "${workspaceFolder}/integrations/test-integration",
diff --git a/integrations/datadog/.port/spec.yaml b/integrations/datadog/.port/spec.yaml
index 5d7f4ae7a1..e30d6b03d6 100644
--- a/integrations/datadog/.port/spec.yaml
+++ b/integrations/datadog/.port/spec.yaml
@@ -41,3 +41,25 @@ configurations:
     type: string
     required: false
     sensitive: true
+  - name: datadogAccessToken
+    description: Datadog access token (optional). This is used to authenticate with Datadog using OAuth2. You shouldn't set this value manually.
+    type: string
+    required: false
+    sensitive: true
+
+saas:
+  enabled: true
+  oauthConfiguration:
+    requiredSecrets:
+      - name: datadogApiKey
+        value: '\"OAUTH_ENABLED_API_KEY\"'
+        description: '"API Key for Datadog OAuth2 integration- Not used when OAuth is enabled"'
+      - name: datadogApplicationKey
+        value: '\"OAUTH_ENABLED_APPLICATION_KEY\"'
+        description: '"Application Key for Datadog OAuth2 integration- Not used when OAuth is enabled"'
+      - name: datadogAccessToken
+        value: '.oauthData.accessToken'
+        description: '"Access Token for Datadog OAuth2 integration"'
+    valuesOverride:
+      integrationSpec:
+        datadogBaseUrl: '"https://api.datadoghq.com"'
diff --git a/integrations/datadog/CHANGELOG.md b/integrations/datadog/CHANGELOG.md
index 0c9eefcf17..968647c5a6 100644
--- a/integrations/datadog/CHANGELOG.md
+++ b/integrations/datadog/CHANGELOG.md
@@ -6,6 +6,13 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
 and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
 
 <!-- towncrier release notes start -->
+## 0.2.0 (2025-01-01)
+
+
+### Features
+
+- Added Datadog support for OAuth2 authentication
+
 
 ## 0.1.72 (2024-12-31)
 
diff --git a/integrations/datadog/client.py b/integrations/datadog/client.py
index a4059fcdb4..878965330b 100644
--- a/integrations/datadog/client.py
+++ b/integrations/datadog/client.py
@@ -69,11 +69,17 @@ def embed_credentials_in_url(url: str, username: str, token: str) -> str:
 
 
 class DatadogClient:
-    def __init__(self, api_url: str, api_key: str, app_key: str):
+    def __init__(
+        self,
+        api_url: str,
+        api_key: str,
+        app_key: str,
+        access_token: Optional[str] = None,
+    ):
         self.api_url = api_url
         self.dd_api_key = api_key
         self.dd_app_key = app_key
-
+        self.access_token = access_token
         self.http_client = http_async_client
 
         # These are created to limit the concurrent requests we are making to specific routes.
@@ -89,6 +95,11 @@ def datadog_web_url(self) -> str:
 
     @property
     async def auth_headers(self) -> dict[str, Any]:
+        if self.access_token:
+            return {
+                "Authorization": f"Bearer {self.access_token}",
+                "Content-Type": "application/json",
+            }
         return {
             "DD-API-KEY": self.dd_api_key,
             "DD-APPLICATION-KEY": self.dd_app_key,
diff --git a/integrations/datadog/main.py b/integrations/datadog/main.py
index ced2cc4d45..5f8a5f87ca 100644
--- a/integrations/datadog/main.py
+++ b/integrations/datadog/main.py
@@ -32,6 +32,7 @@ def init_client() -> DatadogClient:
         ocean.integration_config["datadog_base_url"],
         ocean.integration_config["datadog_api_key"],
         ocean.integration_config["datadog_application_key"],
+        ocean.integration_config["datadog_access_token"],
     )
 
 
diff --git a/integrations/datadog/pyproject.toml b/integrations/datadog/pyproject.toml
index 5855ce8c7d..dcf9a7ba4f 100644
--- a/integrations/datadog/pyproject.toml
+++ b/integrations/datadog/pyproject.toml
@@ -1,6 +1,6 @@
 [tool.poetry]
 name = "datadog"
-version = "0.1.72"
+version = "0.2.0"
 description = "Datadog Ocean Integration"
 authors = ["Albert Luganga <albertluganga@getport.io>"]