[GitHub] [pulsar] sursingh commented on a change in pull request #13339: [Issue 10816][Proxy] Refresh client auth token

Thu, 31 Mar 2022 09:19:34 -0700 


sursingh commented on a change in pull request #13339:
URL: https://github.com/apache/pulsar/pull/13339#discussion_r839797205



##########
File path: 
pulsar-proxy/src/test/java/org/apache/pulsar/proxy/server/ProxyWithJwtAuthorizationTest.java
##########
@@ -363,6 +374,72 @@ public void 
testProxyAuthorizationWithPrefixSubscriptionAuthMode() throws Except
         log.info("-- Exiting {} test --", methodName);
     }
 
+    @Test
+    void testRefreshClientToken() throws Exception {
+        log.info("-- Starting {} test --", methodName);
+
+        startProxy();
+        createAdminClient();
+
+        @SuppressWarnings("unchecked")
+        Supplier<String> tokenSupplier = Mockito.mock(Supplier.class);
+        when(tokenSupplier.get()).thenAnswer(answer -> 
createClientJwtToken(Duration.ofSeconds(1)));
+
+        PulsarClient proxyClient = PulsarClient.builder()
+                .serviceUrl(proxyService.getServiceUrl()).statsInterval(0, 
TimeUnit.SECONDS)
+                .authentication(AuthenticationFactory.token(tokenSupplier))
+                .operationTimeout(1000, TimeUnit.MILLISECONDS)
+                .build();
+
+        String namespaceName = "my-property/proxy-authorization/my-ns";
+        admin.clusters().createCluster("proxy-authorization", 
ClusterData.builder().serviceUrl(brokerUrl.toString()).build());
+        admin.tenants().createTenant("my-property",
+                new TenantInfoImpl(Sets.newHashSet("appid1", "appid2"), 
Sets.newHashSet("proxy-authorization")));
+        admin.namespaces().createNamespace(namespaceName);
+
+        admin.namespaces().grantPermissionOnNamespace(namespaceName, 
CLIENT_ROLE,
+                Sets.newHashSet(AuthAction.consume, AuthAction.produce));
+        log.info("-- Admin permissions {} ---", 
admin.namespaces().getPermissions(namespaceName));
+
+        Producer<byte[]> producer = proxyClient.newProducer(Schema.BYTES)
+                
.topic("persistent://my-property/proxy-authorization/my-ns/my-topic1").create();
+
+        final int msgs = 10;
+        for (int i = 0; i < msgs; i++) {
+            String message = "my-message-" + i;
+            producer.send(message.getBytes());
+        }
+
+        //noinspection unchecked
+        clearInvocations(tokenSupplier);
+        Thread.sleep(3000);
+        verify(tokenSupplier, atLeastOnce()).get();

Review comment:
       I don't think this test is correct. It is passing for us, even without 
the associated fix.




-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: [email protected]

For queries about this service, please contact Infrastructure at:
[email protected]

Reply via email to