Hi Neil, > On Jun 7, 2023, at 10:35 AM, Neil Buesing <buesing....@gmail.com> wrote: > > The code "AccessTokenRetrieverFactory" uses the "jaasConfig"'s for the > properties used for building the socket factory. > > Shouldn't "jou.createSSLSockerFactor()" use the kafka configs for sasl/ssl > overrides? > > I am looking to do "oauthbearer.ssl.protocol=TLSv1.2" -- but no luck - I > have tried many variations and in looking at the code I *think* it is > trying to use JAAS properties not the kafka configurations for this. > > I am confused by this so I don't want to open a ticket if I am > mis-understanding how overrides should work for oauthbearer >
I think you’re right. I’m the guilty party here, and can’t remember why I wrote it without taking the readily available configuration into consideration. Looking at the JaasOptionsUtils.createSSLSocketFactory method, it ends up creating a Config object anyway, just to get access to the defaults. I’m as perplexed as you. Please do file a Jira if you’d be so willing. Thanks, Kirk > Thanks, > > Neil > > > > > JaasOptionsUtils jou = new JaasOptionsUtils(jaasConfig); > String clientId = jou.validateString(CLIENT_ID_CONFIG); > String clientSecret = jou.validateString(CLIENT_SECRET_CONFIG); > String scope = jou.validateString(SCOPE_CONFIG, false); > > SSLSocketFactory sslSocketFactory = null; > > if (jou.shouldCreateSSLSocketFactory(tokenEndpointUrl)) > sslSocketFactory = jou.createSSLSocketFactory();
