[jira] [Updated] (FLINK-38515) [flink-avro-confluent-registry] Implement OAuth2 mechanism that supports token inheritance for the Schema Registry authentication

[Sonya Parau (Jira)]

     [ 
https://issues.apache.org/jira/browse/FLINK-38515?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Sonya Parau updated FLINK-38515:
--------------------------------
    Description: 
Add new *Avro-Confluent properties* to enable *OAuth2 authentication* with a 
remote *Schema Registry* when validating Avro schemas.

With this configuration, the *Schema Registry* can reuse (inherit) the bearer 
token that was originally obtained by the *Kafka Bootstrap Server* by setting:

 
{code:java}
'avro-confluent.bearer-auth.credentials-source' = 'SASL_OAUTHBEARER_INHERIT' 
{code}
 

The following optional properties can be configured to support OAuth2 
authentication:
 # *OAuth Token Endpoint URL* - Defines the remote URL for the Schema 
Registry’s OAuth token endpoint.

{code:java}
bearer-auth.token.endpoint.url {code}

 # *SASL JAAS Configuration* - Specifies the JAAS configuration needed for 
authenticating with the Schema Registry.
{code:java}
bearer-auth.jaas.config {code}

 # *Logial Cluster Indentifier* - Used if the Schema Registry is configured 
with a logical cluster ID.
{code:java}
bearer-auth.logical.cluster {code}

  was:
Add new avro-confluent properties to support the OAuth2 authentication to a 
remote Schema Registry in order to validate the AVRO schema. In this way, the 
Schema Registry can then inherit the bearer token from the Kafka Bootstrap 
Server ({_}'avro-confluent.bearer-auth.credentials-source' = 
'{*}SASL_OAUTHBEARER_INHERIT{*}'{_}).

Optional properties needed:
 # OAuth Token Endpoint URL Configuration - needed to define the remote URL for 
the Schema Registry
_bearer-auth.token.endpoint.url_
 # SASL JAAS Configuration - needed for the authentication to the Schema 
Registry
_bearer-auth.jaas.config_
 # Logial Cluster Indentifier - needed in case the Schema Registry has it 
configured 
_bearer-auth.logical.cluster_


> [flink-avro-confluent-registry] Implement OAuth2 mechanism that supports 
> token inheritance for the Schema Registry authentication
> ---------------------------------------------------------------------------------------------------------------------------------
>
>                 Key: FLINK-38515
>                 URL: https://issues.apache.org/jira/browse/FLINK-38515
>             Project: Flink
>          Issue Type: New Feature
>            Reporter: Sonya Parau
>            Priority: Minor
>
> Add new *Avro-Confluent properties* to enable *OAuth2 authentication* with a 
> remote *Schema Registry* when validating Avro schemas.
> With this configuration, the *Schema Registry* can reuse (inherit) the bearer 
> token that was originally obtained by the *Kafka Bootstrap Server* by setting:
>  
> {code:java}
> 'avro-confluent.bearer-auth.credentials-source' = 'SASL_OAUTHBEARER_INHERIT' 
> {code}
>  
> The following optional properties can be configured to support OAuth2 
> authentication:
>  # *OAuth Token Endpoint URL* - Defines the remote URL for the Schema 
> Registry’s OAuth token endpoint.
> {code:java}
> bearer-auth.token.endpoint.url {code}
>  # *SASL JAAS Configuration* - Specifies the JAAS configuration needed for 
> authenticating with the Schema Registry.
> {code:java}
> bearer-auth.jaas.config {code}
>  # *Logial Cluster Indentifier* - Used if the Schema Registry is configured 
> with a logical cluster ID.
> {code:java}
> bearer-auth.logical.cluster {code}



--
This message was sent by Atlassian Jira
(v8.20.10#820010)