[
https://issues.apache.org/jira/browse/FLINK-38515?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Sonya Parau updated FLINK-38515:
--------------------------------
Description:
Add new *Avro-Confluent properties* to enable *OAuth2 authentication* with a
remote *Schema Registry* when validating Avro schemas.
With this configuration, the *Schema Registry* can reuse (inherit) the bearer
token that was originally obtained by the *Kafka Bootstrap Server* by setting:
{code:java}
'avro-confluent.bearer-auth.credentials-source' = 'SASL_OAUTHBEARER_INHERIT'
{code}
The following optional properties can be configured to support OAuth2
authentication:
*- OAuth Token Endpoint URL* - Defines the remote URL for the Schema Registry’s
OAuth token endpoint
{code:java}
bearer-auth.token.endpoint.url {code}
*- SASL JAAS Configuration* - Specifies the JAAS configuration needed for
authenticating with the Schema Registry.
{code:java}
bearer-auth.jaas.config {code}
*- Logial Cluster Indentifier* - Used if the Schema Registry is configured with
a logical cluster ID.
{code:java}
bearer-auth.logical.cluster {code}
was:
Add new *Avro-Confluent properties* to enable *OAuth2 authentication* with a
remote *Schema Registry* when validating Avro schemas.
With this configuration, the *Schema Registry* can reuse (inherit) the bearer
token that was originally obtained by the *Kafka Bootstrap Server* by setting:
{code:java}
'avro-confluent.bearer-auth.credentials-source' = 'SASL_OAUTHBEARER_INHERIT'
{code}
The following optional properties can be configured to support OAuth2
authentication:
# *OAuth Token Endpoint URL* - Defines the remote URL for the Schema
Registry’s OAuth token endpoint.
{code:java}
bearer-auth.token.endpoint.url {code}
# *SASL JAAS Configuration* - Specifies the JAAS configuration needed for
authenticating with the Schema Registry.
{code:java}
bearer-auth.jaas.config {code}
# *Logial Cluster Indentifier* - Used if the Schema Registry is configured
with a logical cluster ID.
{code:java}
bearer-auth.logical.cluster {code}
> [flink-avro-confluent-registry] Implement OAuth2 mechanism that supports
> token inheritance for the Schema Registry authentication
> ---------------------------------------------------------------------------------------------------------------------------------
>
> Key: FLINK-38515
> URL: https://issues.apache.org/jira/browse/FLINK-38515
> Project: Flink
> Issue Type: New Feature
> Reporter: Sonya Parau
> Priority: Minor
>
> Add new *Avro-Confluent properties* to enable *OAuth2 authentication* with a
> remote *Schema Registry* when validating Avro schemas.
> With this configuration, the *Schema Registry* can reuse (inherit) the bearer
> token that was originally obtained by the *Kafka Bootstrap Server* by setting:
>
> {code:java}
> 'avro-confluent.bearer-auth.credentials-source' = 'SASL_OAUTHBEARER_INHERIT'
> {code}
>
> The following optional properties can be configured to support OAuth2
> authentication:
> *- OAuth Token Endpoint URL* - Defines the remote URL for the Schema
> Registry’s OAuth token endpoint
> {code:java}
> bearer-auth.token.endpoint.url {code}
> *- SASL JAAS Configuration* - Specifies the JAAS configuration needed for
> authenticating with the Schema Registry.
> {code:java}
> bearer-auth.jaas.config {code}
> *- Logial Cluster Indentifier* - Used if the Schema Registry is configured
> with a logical cluster ID.
> {code:java}
> bearer-auth.logical.cluster {code}
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
