feat: Add OAuth support for HTTP Sync (#1791)

<!-- Please use this template for your pull request. -->
<!-- Please use the sections that you need and delete other sections -->

## This PR

- adds support for OAuth in the HTTP Sync

### Related Issues
<!-- add here the GitHub issue that this PR resolves if applicable -->

Addresses #1785

### Notes

Properly testing this via unit tests is not possible. The HTTP Sync is
built by the `syncbuilder` pkg. This entails that testing any behavior
of the HTTP Sync can only be possible as part of the `syncbuilder`
module, which IMHO doesn't make much sense.

### Follow-up Tasks

Add documentation for the new properties used in the HTTP Sync. 
Available here: #1805


### How to test
<!-- if applicable, add testing instructions under this section -->

Manually create a small mockup server that handles OAuth requests

```go

func (h *OAuthHandler) Authorize(w http.ResponseWriter, r *http.Request) {

	reqDump, _ := httputil.DumpRequest(r, true)
	fmt.Printf("GOT OAUTH REQUEST:\n%s", string(reqDump))

	w.WriteHeader(http.StatusOK)
	w.Header().Set("Content-Type", "application/x-www-form-urlencoded")
	w.Write([]byte("access_token=mocktoken&scope=mockscope&token_type=bearer"))
}
```

Afterwards, start flagd pointing to the mockup server:

```
go run main.go start --sources='[{ "uri": "http://localhost:8180/flags", "provider": "http", "interval": 1, "bearerToken": "it-will-be-overridden", "oauthConfig": { "clientID": "test", "clientSecret": "test", "tokenUrl": "http://localhost:8180/oauth" }}]'
```

The HTTP request to `http://localhost:8180/flags` will contain the HTTP
Header `Authorization: Bearer mocktoken`.

---------

Signed-off-by: Todd Baert <[email protected]>
Signed-off-by: Giovanni Liva <[email protected]>
Signed-off-by: Simon Schrottner <[email protected]>
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: Todd Baert <[email protected]>
Co-authored-by: Simon Schrottner <[email protected]>
Co-authored-by: chrfwow <[email protected]>

Author: 5 people

core/pkg/sync/builder/syncbuilder.go

@@ -2,10 +2,8 @@ package builder
 
 import (
 	"fmt"
-	"net/http"
 	"os"
 	"regexp"
-	"time"
 
 	"github.com/open-feature/flagd/core/pkg/logger"
 	"github.com/open-feature/flagd/core/pkg/sync"
@@ -112,7 +110,7 @@ func (sb *SyncBuilder) syncFromConfig(sourceConfig sync.SourceConfig, logger *lo
 		return sb.newK8s(sourceConfig.URI, logger)
 	case syncProviderHTTP:
 		logger.Debug(fmt.Sprintf("using remote sync-provider for: %s", sourceConfig.URI))
-		return sb.newHTTP(sourceConfig, logger), nil
+		return httpSync.NewHTTP(sourceConfig, logger), nil
 	case syncProviderGrpc:
 		logger.Debug(fmt.Sprintf("using grpc sync-provider for: %s", sourceConfig.URI))
 		return sb.newGRPC(sourceConfig, logger), nil
@@ -186,29 +184,6 @@ func (sb *SyncBuilder) newK8s(uri string, logger *logger.Logger) (*kubernetes.Sy
 	), nil
 }
 
-func (sb *SyncBuilder) newHTTP(config sync.SourceConfig, logger *logger.Logger) *httpSync.Sync {
-	// Default to 5 seconds
-	var interval uint32 = 5
-	if config.Interval != 0 {
-		interval = config.Interval
-	}
-
-	return &httpSync.Sync{
-		URI: config.URI,
-		Client: &http.Client{
-			Timeout: time.Second * 10,
-		},
-		Logger: logger.WithFields(
-			zap.String("component", "sync"),
-			zap.String("sync", "remote"),
-		),
-		BearerToken: config.BearerToken,
-		AuthHeader:  config.AuthHeader,
-		Interval:    interval,
-		Cron:        cron.New(),
-	}
-}
-
 func (sb *SyncBuilder) newGRPC(config sync.SourceConfig, logger *logger.Logger) *grpc.Sync {
 	return &grpc.Sync{
 		URI: config.URI,

core/pkg/sync/builder/utils_test.go

@@ -267,3 +267,61 @@ func TestParseSyncProviderURIs(t *testing.T) {
 		})
 	}
 }
+
+func TestParseOAuth(t *testing.T) {
+	test := map[string]struct {
+		in        string
+		expectErr bool
+		out       []sync.SourceConfig
+	}{
+		"noOauth": {
+			in:        "[{\"uri\":\"https://secure-remote\",\"provider\":\"http\",\"authHeader\":\"Bearer bearer-dji34ld2l\"}]",
+			expectErr: false,
+			out: []sync.SourceConfig{
+				{
+					URI:        "https://secure-remote",
+					Provider:   "http",
+					AuthHeader: "Bearer bearer-dji34ld2l",
+				},
+			},
+		},
+		"oauth": {
+			in: `[{
+	"uri": "https://secure-remote",
+	"provider":"http", 
+	"oauth": { 
+		"clientID": "myID",
+		"clientSecret": "mySecret",
+		"tokenURL": "myTokenUrl" 
+	}}]`,
+			expectErr: false,
+			out: []sync.SourceConfig{
+				{
+					URI:      "https://secure-remote",
+					Provider: "http",
+					OAuth: &sync.OAuthCredentialHandler{
+						ClientID:     "myID",
+						ClientSecret: "mySecret",
+						TokenURL:     "myTokenUrl",
+					},
+				},
+			},
+		},
+	}
+
+	for name, tt := range test {
+		t.Run(name, func(t *testing.T) {
+			out, err := ParseSources(tt.in)
+			if tt.expectErr {
+				if err == nil {
+					t.Error("expected error, got none")
+				}
+			} else if err != nil {
+				t.Errorf("did not expect error: %s", err.Error())
+			}
+			if !reflect.DeepEqual(out, tt.out) {
+				t.Errorf("unexpected output, expected %v, got %v", tt.out, out)
+			}
+		})
+	}
+}