alopresto commented on a change in pull request #4508:
URL: https://github.com/apache/nifi/pull/4508#discussion_r482547597
##########
File path:
nifi-nar-bundles/nifi-confluent-platform-bundle/nifi-confluent-schema-registry-service/src/main/java/org/apache/nifi/confluent/schemaregistry/ConfluentSchemaRegistry.java
##########
@@ -112,6 +114,32 @@
.required(true)
.build();
+ static final PropertyDescriptor PROP_BASIC_AUTH_USERNAME = new
PropertyDescriptor.Builder()
+ .name("Authentication Username")
+ .displayName("Authentication Username")
+ .description("The username to be used by the client to authenticate
against the Remote URL. Cannot include control characters (0-31), ':', or DEL
(127).")
+ .required(false)
+
.addValidator(StandardValidators.createRegexMatchingValidator(Pattern.compile("^[\\x20-\\x39\\x3b-\\x7e\\x80-\\xff]+$")))
+ .build();
+
+ static final PropertyDescriptor PROP_BASIC_AUTH_PASSWORD = new
PropertyDescriptor.Builder()
+ .name("Authentication Password")
+ .displayName("Authentication Password")
+ .description("The password to be used by the client to authenticate
against the Remote URL.")
+ .required(false)
+ .sensitive(true)
+
.addValidator(StandardValidators.createRegexMatchingValidator(Pattern.compile("^[\\x20-\\x7e\\x80-\\xff]+$")))
+ .build();
+
+ static final PropertyDescriptor PROP_AUTH_TYPE = new
PropertyDescriptor.Builder()
+ .name("Authentication Type")
+ .displayName("Authentication Type")
+ .description("Basic authentication will use the 'Authentication
Username' " +
+ "and 'Authentication Password' property values. See Confluent
Schema Registry documentation for more details.")
+ .required(false)
+ .allowableValues("BASIC")
Review comment:
I don't think setting the allowable value here to a static string is
sufficient to enforce that the provided value will always be provided in all
uppercase (via API call or manipulated submission), and there is no default
value to offer an absence of authentication.
##########
File path:
nifi-nar-bundles/nifi-confluent-platform-bundle/nifi-confluent-schema-registry-service/src/main/java/org/apache/nifi/confluent/schemaregistry/client/RestSchemaRegistryClient.java
##########
@@ -68,14 +69,21 @@
private static final String SCHEMA_REGISTRY_CONTENT_TYPE =
"application/vnd.schemaregistry.v1+json";
- public RestSchemaRegistryClient(final List<String> baseUrls, final int
timeoutMillis, final SSLContext sslContext, final ComponentLog logger) {
+ public RestSchemaRegistryClient(final List<String> baseUrls, final String
authType, final String authUser,
+ final String authPass, final int
timeoutMillis, final SSLContext sslContext, final ComponentLog logger) {
this.baseUrls = new ArrayList<>(baseUrls);
final ClientConfig clientConfig = new ClientConfig();
clientConfig.property(ClientProperties.CONNECT_TIMEOUT, timeoutMillis);
clientConfig.property(ClientProperties.READ_TIMEOUT, timeoutMillis);
client = WebUtils.createClient(clientConfig, sslContext);
+ if (!authUser.isEmpty() && !authType.isEmpty()) {
+ if (authType.equals("BASIC")) {
+ client.register(HttpAuthenticationFeature.basic(authUser,
authPass));
Review comment:
The string comparison should probably not be case sensitive.
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
[email protected]
