ijuma commented on a change in pull request #8591: URL: https://github.com/apache/kafka/pull/8591#discussion_r418035530
########## File path: core/src/main/scala/kafka/security/authorizer/AclEntry.scala ########## @@ -92,6 +95,23 @@ object AclEntry { }.getOrElse(Set.empty) } + /** + * Parse a JSON string into a JsonValue if possible. `None` is returned if `input` is not valid JSON. This method is currently used + * to read the already stored invalid ACLs JSON which was persisted using older versions of Kafka (prior to Kafka 1.1.0). KAFKA-6319 + */ + private def parseBytesWithAclFallback(input: Array[Byte]): Option[JsonValue] = { + // Before 1.0.1, Json#encode did not escape backslash or any other special characters. SSL principals + // stored in ACLs may contain backslash as an escape char, making the JSON generated in earlier versions invalid. + // Escape backslash and retry to handle these strings which may have been persisted in ZK. + // Note that this does not handle all special characters (e.g. non-escaped double quotes are not supported) + Json.tryParseBytes(input) match { + case Left(e) => Review comment: Nit: `e` -> `_`. ---------------------------------------------------------------- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: us...@infra.apache.org