This is an automated email from the ASF dual-hosted git repository. penghui pushed a commit to branch branch-2.9 in repository https://gitbox.apache.org/repos/asf/pulsar.git
commit 43ab20b735f3a7cd989369725206c79d82b4d4f0 Author: ran <[email protected]> AuthorDate: Tue Jun 7 15:46:57 2022 +0800 [fix][auth] Generate correct well-known OpenID configuration URL (#15928) (cherry picked from commit 304b03e7ff3eeff62c31f93738af488eb44abde0) --- pulsar-client-cpp/lib/auth/AuthOauth2.cc | 9 ++++++++- pulsar-client-cpp/lib/auth/AuthOauth2.h | 1 + pulsar-client-cpp/tests/AuthPluginTest.cc | 20 ++++++++++++++++++++ 3 files changed, 29 insertions(+), 1 deletion(-) diff --git a/pulsar-client-cpp/lib/auth/AuthOauth2.cc b/pulsar-client-cpp/lib/auth/AuthOauth2.cc index c3dfe550a0c..438239a46d6 100644 --- a/pulsar-client-cpp/lib/auth/AuthOauth2.cc +++ b/pulsar-client-cpp/lib/auth/AuthOauth2.cc @@ -143,6 +143,8 @@ ClientCredentialFlow::ClientCredentialFlow(ParamMap& params) audience_(params["audience"]), scope_(params["scope"]) {} +std::string ClientCredentialFlow::getTokenEndPoint() const { return tokenEndPoint_; } + static size_t curlWriteCallback(void* contents, size_t size, size_t nmemb, void* responseDataPtr) { ((std::string*)responseDataPtr)->append((char*)contents, size * nmemb); return size * nmemb; @@ -168,7 +170,12 @@ void ClientCredentialFlow::initialize() { curl_easy_setopt(handle, CURLOPT_CUSTOMREQUEST, "GET"); // set URL: well-know endpoint - curl_easy_setopt(handle, CURLOPT_URL, (issuerUrl_ + "/.well-known/openid-configuration").c_str()); + std::string wellKnownUrl = issuerUrl_; + if (wellKnownUrl.back() == '/') { + wellKnownUrl.pop_back(); + } + wellKnownUrl.append("/.well-known/openid-configuration"); + curl_easy_setopt(handle, CURLOPT_URL, wellKnownUrl.c_str()); // Write callback curl_easy_setopt(handle, CURLOPT_WRITEFUNCTION, curlWriteCallback); diff --git a/pulsar-client-cpp/lib/auth/AuthOauth2.h b/pulsar-client-cpp/lib/auth/AuthOauth2.h index a3658b353ee..986919ddfcd 100644 --- a/pulsar-client-cpp/lib/auth/AuthOauth2.h +++ b/pulsar-client-cpp/lib/auth/AuthOauth2.h @@ -57,6 +57,7 @@ class ClientCredentialFlow : public Oauth2Flow { void close(); ParamMap generateParamMap() const; + std::string getTokenEndPoint() const; private: std::string tokenEndPoint_; diff --git a/pulsar-client-cpp/tests/AuthPluginTest.cc b/pulsar-client-cpp/tests/AuthPluginTest.cc index be987e07c48..01c19ebbea4 100644 --- a/pulsar-client-cpp/tests/AuthPluginTest.cc +++ b/pulsar-client-cpp/tests/AuthPluginTest.cc @@ -412,6 +412,26 @@ TEST(AuthPluginTest, testOauth2RequestBody) { ASSERT_EQ(flow2.generateParamMap(), expectedResult2); } +TEST(AuthPluginTest, testInitialize) { + std::string issuerUrl = "https://dev-kt-aa9ne.us.auth0.com";; + std::string expectedTokenEndPoint = issuerUrl + "/oauth/token"; + + ParamMap params; + params["issuer_url"] = issuerUrl; + params["client_id"] = "Xd23RHsUnvUlP7wchjNYOaIfazgeHd9x"; + params["client_secret"] = "rT7ps7WY8uhdVuBTKWZkttwLdQotmdEliaM5rLfmgNibvqziZ-g07ZH52N_poGAb"; + params["audience"] = "https://dev-kt-aa9ne.us.auth0.com/api/v2/";; + + ClientCredentialFlow flow1(params); + flow1.initialize(); + ASSERT_EQ(flow1.getTokenEndPoint(), expectedTokenEndPoint); + + params["issuer_url"] = issuerUrl + "/"; + ClientCredentialFlow flow2(params); + flow2.initialize(); + ASSERT_EQ(flow2.getTokenEndPoint(), expectedTokenEndPoint); +} + TEST(AuthPluginTest, testOauth2Failure) { ParamMap params; auto addKeyValue = [&](const std::string& key, const std::string& value) {
