Kalyan Ram chowdary purimetla created KAFKA-20584:
-----------------------------------------------------
Summary: issue in SASL oauthbearer flow for kraft version in kafka 4.2
Key: KAFKA-20584
URL: https://issues.apache.org/jira/browse/KAFKA-20584
Project: Kafka
Issue Type: Bug
Environment: Linux
Reporter: Kalyan Ram chowdary purimetla
Attachments: error-logs.txt
* We are testing the SASL oauth bearer for our requirements in the project
* We are facing some issues while trying to deploy with kafka 4.2 and are facing some issues in accessing with the tokens
Server side properties are as follows
{code:java}
listeners=SASL_PLAINTEXT://:9092,CONTROLLER://:9093
advertised.listeners=SASL_PLAINTEXT://localhost:9092,CONTROLLER://localhost:9093
# Add this line to resolve the error
inter.broker.listener.name=SASL_PLAINTEXT
sasl.enabled.mechanisms=OAUTHBEARER
sasl.mechanism.inter.broker.protocol=OAUTHBEARER
listener.name.sasl_plaintext.oauthbearer.sasl.server.callback.handler.class=org.apache.kafka.common.security.oauthbearer.OAuthBearerValidatorCallbackHandler
listener.name.sasl_plaintext.oauthbearer.sasl.oauthbearer.jwks.endpoint.url=https://idcs-7d84fbd4d3f0434eb0f070fd3dd65fbf.identity.pint.oc9qadev.com:443/admin/v1/SigningCert/jwk
{code}
* Consumer side properties are as follows
{code:java}
sasl.jaas.config: org.apache.kafka.common.security.oauthbearer.OAuthBearerLoginModule required ;
security.protocol: SASL_PLAINTEXT
sasl.mechanism: OAUTHBEARER
sasl.login.callback.handler.class: org.apache.kafka.common.security.oauthbearer.OAuthBearerLoginCallbackHandler
sasl.oauthbearer.jwt.retriever.class: org.apache.kafka.common.security.oauthbearer.ClientCredentialsJwtRetriever
sasl.oauthbearer.client.credentials.client.id: xxxxxxx
sasl.oauthbearer.client.credentials.client.secret: xxxxxxxxx
sasl.oauthbearer.scope: <scope>
sasl.oauthbearer.token.endpoint.url: <access_token_url>
{code}