tuteng commented on code in PR #18336:
URL: https://github.com/apache/pulsar/pull/18336#discussion_r1042315915
##########
pulsar-broker-common/src/main/java/org/apache/pulsar/broker/authentication/AuthenticationProviderToken.java:
##########
@@ -266,7 +301,7 @@ private Key getValidationKey(ServiceConfiguration conf)
throws IOException {
final byte[] validationKey =
AuthTokenUtils.readKeyFromUrl(tokenPublicKey);
return AuthTokenUtils.decodePublicKey(validationKey, publicKeyAlg);
} else {
- throw new IOException("No secret key was provided for token
authentication");
+ return null;
Review Comment:
I don't think it's the third case, it seems like it should be considered
adding it to the if branch of the publickey, which is essentially where the
public key is read (file, string or an http host)
I think the `TokenSigningKeyResolver` should be called in the
`readKeyFromUrl` function
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
