[GitHub] [pulsar] merlimat commented on a change in pull request #6799: optional auth method name header in http authentication

Tue, 04 May 2021 13:50:37 -0700 


merlimat commented on a change in pull request #6799:
URL: https://github.com/apache/pulsar/pull/6799#discussion_r626097618



##########
File path: 
pulsar-broker-common/src/main/java/org/apache/pulsar/broker/authentication/AuthenticationService.java
##########
@@ -99,18 +99,38 @@ public String authenticate(AuthenticationDataSource 
authData, String authMethodN
     }
 
     public String authenticateHttpRequest(HttpServletRequest request) throws 
AuthenticationException {
-        // Try to validate with any configured provider
         AuthenticationException authenticationException = null;
         AuthenticationDataSource authData = new 
AuthenticationDataHttps(request);
-        for (AuthenticationProvider provider : providers.values()) {
+        String authMethodName = request.getHeader("Auth-Method-Name");
+
+        if (authMethodName != null) {
+            AuthenticationProvider providerToUse = providers
+                    .values()
+                    .parallelStream()
+                    .filter(provider -> 
provider.getAuthMethodName().equals(authMethodName))
+                    .findAny()

Review comment:
       `AuthenticationService` should build a map in the constructor with all 
the available provider indexed by name

##########
File path: 
pulsar-client/src/test/java/org/apache/pulsar/client/impl/schema/AvroSchemaTest.java
##########
@@ -20,39 +20,36 @@
 
 import static java.nio.charset.StandardCharsets.UTF_8;
 import static org.apache.pulsar.client.impl.schema.SchemaTestUtils.FOO_FIELDS;
-import static 
org.apache.pulsar.client.impl.schema.SchemaTestUtils.SCHEMA_AVRO_NOT_ALLOW_NULL;
 import static 
org.apache.pulsar.client.impl.schema.SchemaTestUtils.SCHEMA_AVRO_ALLOW_NULL;
+import static 
org.apache.pulsar.client.impl.schema.SchemaTestUtils.SCHEMA_AVRO_NOT_ALLOW_NULL;

Review comment:
       These test changes look unrelated to the auth change.

##########
File path: 
pulsar-broker-common/src/main/java/org/apache/pulsar/broker/authentication/AuthenticationService.java
##########
@@ -99,18 +99,38 @@ public String authenticate(AuthenticationDataSource 
authData, String authMethodN
     }
 
     public String authenticateHttpRequest(HttpServletRequest request) throws 
AuthenticationException {
-        // Try to validate with any configured provider
         AuthenticationException authenticationException = null;
         AuthenticationDataSource authData = new 
AuthenticationDataHttps(request);
-        for (AuthenticationProvider provider : providers.values()) {
+        String authMethodName = request.getHeader("Auth-Method-Name");

Review comment:
       Since this is a non-standard header, we should use a prefixed name, like 
`X-Pulsar-Auth-Method-Name` or `X-Pulsar-Auth-Method`




-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
[email protected]

Reply via email to