kirktrue commented on code in PR #19622:
URL: https://github.com/apache/kafka/pull/19622#discussion_r2085243145
##########
clients/src/main/java/org/apache/kafka/common/security/oauthbearer/OAuthBearerLoginCallbackHandler.java:
##########
@@ -179,55 +180,45 @@ public class OAuthBearerLoginCallbackHandler implements
AuthenticateCallbackHand
private Map<String, Object> moduleOptions;
- private AccessTokenRetriever accessTokenRetriever;
+ private JwtRetriever jwtRetriever;
- private AccessTokenValidator accessTokenValidator;
-
- private boolean isInitialized = false;
+ private JwtValidator jwtValidator;
@Override
public void configure(Map<String, ?> configs, String saslMechanism,
List<AppConfigurationEntry> jaasConfigEntries) {
- moduleOptions = JaasOptionsUtils.getOptions(saslMechanism,
jaasConfigEntries);
- AccessTokenRetriever accessTokenRetriever =
AccessTokenRetrieverFactory.create(configs, saslMechanism, moduleOptions);
- AccessTokenValidator accessTokenValidator =
AccessTokenValidatorFactory.create(configs, saslMechanism);
- init(accessTokenRetriever, accessTokenValidator);
+ Map<String, Object> moduleOptions =
JaasOptionsUtils.getOptions(saslMechanism, jaasConfigEntries);
+ JwtRetriever jwtRetriever = new DefaultJwtRetriever(configs,
saslMechanism, moduleOptions);
+ JwtValidator jwtValidator = new DefaultJwtValidator(configs,
saslMechanism);
+ configure(moduleOptions, jwtRetriever, jwtValidator);
}
- public void init(AccessTokenRetriever accessTokenRetriever,
AccessTokenValidator accessTokenValidator) {
- this.accessTokenRetriever = accessTokenRetriever;
- this.accessTokenValidator = accessTokenValidator;
+ void configure(Map<String, Object> moduleOptions, JwtRetriever
jwtRetriever, JwtValidator jwtValidator) {
+ this.moduleOptions = moduleOptions;
+ this.jwtRetriever = jwtRetriever;
+ this.jwtValidator = jwtValidator;
try {
- this.accessTokenRetriever.init();
+ this.jwtRetriever.init();
} catch (IOException e) {
- throw new KafkaException("The OAuth login configuration
encountered an error when initializing the AccessTokenRetriever", e);
+ throw new KafkaException("The OAuth login callback encountered an
error when initializing the JwtRetriever", e);
}
- isInitialized = true;
- }
-
- /*
- * Package-visible for testing.
- */
-
- AccessTokenRetriever getAccessTokenRetriever() {
- return accessTokenRetriever;
+ try {
+ this.jwtValidator.init();
+ } catch (IOException e) {
+ throw new KafkaException("The OAuth login callback encountered an
error when initializing the JwtValidator", e);
+ }
}
@Override
public void close() {
- if (accessTokenRetriever != null) {
- try {
- this.accessTokenRetriever.close();
- } catch (IOException e) {
- log.warn("The OAuth login configuration encountered an error
when closing the AccessTokenRetriever", e);
- }
- }
+ Utils.closeQuietly(jwtRetriever, "The OAuth login callback encountered
an error when closing the JwtRetriever");
+ Utils.closeQuietly(jwtValidator, "The OAuth login callback encountered
an error when closing the JwtValidator");
Review Comment:
I updated the string that was passed in to work correctly with the default
error message.
##########
clients/src/main/java/org/apache/kafka/common/security/oauthbearer/OAuthBearerValidatorCallbackHandler.java:
##########
@@ -135,37 +134,36 @@ public void configure(Map<String, ?> configs, String
saslMechanism, List<AppConf
new
RefCountingVerificationKeyResolver(VerificationKeyResolverFactory.create(configs,
saslMechanism, moduleOptions)));
}
- AccessTokenValidator accessTokenValidator =
AccessTokenValidatorFactory.create(configs, saslMechanism,
verificationKeyResolver);
- init(verificationKeyResolver, accessTokenValidator);
+ JwtValidator jwtValidator = new DefaultJwtValidator(configs,
saslMechanism, verificationKeyResolver);
+ configure(verificationKeyResolver, jwtValidator);
}
- public void init(CloseableVerificationKeyResolver verificationKeyResolver,
AccessTokenValidator accessTokenValidator) {
+ void configure(CloseableVerificationKeyResolver verificationKeyResolver,
JwtValidator jwtValidator) {
this.verificationKeyResolver = verificationKeyResolver;
- this.accessTokenValidator = accessTokenValidator;
+ this.jwtValidator = jwtValidator;
try {
verificationKeyResolver.init();
} catch (Exception e) {
- throw new KafkaException("The OAuth validator configuration
encountered an error when initializing the VerificationKeyResolver", e);
+ throw new KafkaException("The OAuth validator callback encountered
an error when initializing the VerificationKeyResolver", e);
}
- isInitialized = true;
+ try {
+ jwtValidator.init();
+ } catch (IOException e) {
+ throw new KafkaException("The OAuth validator callback encountered
an error when initializing the JwtValidator", e);
+ }
}
@Override
public void close() {
- if (verificationKeyResolver != null) {
- try {
- verificationKeyResolver.close();
- } catch (Exception e) {
- log.error(e.getMessage(), e);
- }
- }
+ Utils.closeQuietly(jwtValidator, "The OAuth validator callback
encountered an error when closing the JwtValidator");
+ Utils.closeQuietly(verificationKeyResolver, "The OAuth validator
callback encountered an error when closing the VerificationKeyResolver");
Review Comment:
I updated the string that was passed in to work correctly with the default
error message.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: jira-unsubscr...@kafka.apache.org
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org
