[GitHub] [pulsar] tuteng commented on a change in pull request #14044: [broker][authentication]Support pass http auth status

Tue, 08 Feb 2022 19:25:44 -0800 


tuteng commented on a change in pull request #14044:
URL: https://github.com/apache/pulsar/pull/14044#discussion_r802239403



##########
File path: 
pulsar-broker-common/src/main/java/org/apache/pulsar/broker/authentication/AuthenticationProviderToken.java
##########
@@ -363,4 +369,59 @@ public boolean isExpired() {
             return expiration < System.currentTimeMillis();
         }
     }
+
+    private static final class TokenAuthenticationHttpState implements 
AuthenticationState {
+
+        private final AuthenticationProviderToken provider;
+        private AuthenticationDataSource authenticationDataSource;
+        private Jwt<?, Claims> jwt;
+        private long expiration;
+
+        TokenAuthenticationHttpState(AuthenticationProviderToken provider, 
HttpServletRequest request)
+                throws AuthenticationException {
+            this.provider = provider;
+            String httpHeaderValue = request.getHeader(HTTP_HEADER_NAME);
+            if (httpHeaderValue == null || 
!httpHeaderValue.startsWith(HTTP_HEADER_VALUE_PREFIX)) {
+                throw new AuthenticationException("Invalid HTTP Authorization 
header");
+            }
+
+            // Remove prefix
+            String token = 
httpHeaderValue.substring(HTTP_HEADER_VALUE_PREFIX.length());
+            this.jwt = provider.authenticateToken(token);
+            this.authenticationDataSource = new 
AuthenticationDataHttps(request);
+            if (jwt.getBody().getExpiration() != null) {
+                this.expiration = jwt.getBody().getExpiration().getTime();
+            } else {
+                // Disable expiration
+                this.expiration = Long.MAX_VALUE;
+            }
+        }
+
+        @Override
+        public String getAuthRole() throws AuthenticationException {
+            return provider.getPrincipal(jwt);
+        }
+
+        @Override
+        public AuthenticationDataSource getAuthDataSource() {
+            return authenticationDataSource;
+        }
+
+        @Override
+        public AuthData authenticate(AuthData authData) throws 
AuthenticationException {
+            return null;

Review comment:
       
https://github.com/apache/pulsar/blob/master/pulsar-broker-common/src/main/java/org/apache/pulsar/broker/authentication/AuthenticationState.java#L49
   I think the explanation for returning a null value comes from here




-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: [email protected]

For queries about this service, please contact Infrastructure at:
[email protected]

Reply via email to