Examples with KafkaListenerAuthenticationOAuth - io.strimzi.api.kafka.model.listener.KafkaListenerAuthenticationOAuth

Example 11 with KafkaListenerAuthenticationOAuth

use of io.strimzi.api.kafka.model.listener.KafkaListenerAuthenticationOAuth in project strimzi by strimzi.

the class KafkaClusterOAuthValidationTest method testOAuthValidationIntrospectionEndpointUriWithoutClientId.

@ParallelTest
public void testOAuthValidationIntrospectionEndpointUriWithoutClientId() {
    assertThrows(InvalidResourceException.class, () -> {
        KafkaListenerAuthenticationOAuth auth = new KafkaListenerAuthenticationOAuthBuilder().withIntrospectionEndpointUri("http://introspection").withNewClientSecret().withSecretName("my-secret-secret").withKey("my-secret-key").endClientSecret().build();
        ListenersValidator.validate(Reconciliation.DUMMY_RECONCILIATION, 3, getListeners(auth));
    });
}

Also used : KafkaListenerAuthenticationOAuth(io.strimzi.api.kafka.model.listener.KafkaListenerAuthenticationOAuth) KafkaListenerAuthenticationOAuthBuilder(io.strimzi.api.kafka.model.listener.KafkaListenerAuthenticationOAuthBuilder) ParallelTest(io.strimzi.test.annotations.ParallelTest)

Example 12 with KafkaListenerAuthenticationOAuth

use of io.strimzi.api.kafka.model.listener.KafkaListenerAuthenticationOAuth in project strimzi by strimzi.

the class KafkaClusterOAuthValidationTest method testOAuthValidationWithJwksRefreshAndIntrospection.

@ParallelTest
public void testOAuthValidationWithJwksRefreshAndIntrospection() {
    assertThrows(InvalidResourceException.class, () -> {
        KafkaListenerAuthenticationOAuth auth = new KafkaListenerAuthenticationOAuthBuilder().withClientId("my-client-id").withValidIssuerUri("http://valid-issuer").withIntrospectionEndpointUri("http://introspection").withJwksRefreshSeconds(60).withNewClientSecret().withSecretName("my-secret-secret").withKey("my-secret-key").endClientSecret().build();
        ListenersValidator.validate(Reconciliation.DUMMY_RECONCILIATION, 3, getListeners(auth));
    });
}

Example 13 with KafkaListenerAuthenticationOAuth

use of io.strimzi.api.kafka.model.listener.KafkaListenerAuthenticationOAuth in project strimzi by strimzi.

the class KafkaClusterOAuthValidationTest method testOAuthValidationMissingValidIssuerUri.

@ParallelTest
public void testOAuthValidationMissingValidIssuerUri() {
    assertThrows(InvalidResourceException.class, () -> {
        KafkaListenerAuthenticationOAuth auth = new KafkaListenerAuthenticationOAuthBuilder().withClientId("my-client-id").withIntrospectionEndpointUri("http://introspection").withNewClientSecret().withSecretName("my-secret-secret").withKey("my-secret-key").endClientSecret().build();
        ListenersValidator.validate(Reconciliation.DUMMY_RECONCILIATION, 3, getListeners(auth));
    });
}

Example 14 with KafkaListenerAuthenticationOAuth

use of io.strimzi.api.kafka.model.listener.KafkaListenerAuthenticationOAuth in project strimzi by strimzi.

the class KafkaBrokerConfigurationBuilderTest method testOAuthDefaultOptions.

@ParallelTest
public void testOAuthDefaultOptions() {
    KafkaListenerAuthenticationOAuth auth = new KafkaListenerAuthenticationOAuthBuilder().build();
    List<String> actualOptions = KafkaBrokerConfigurationBuilder.getOAuthOptions(auth);
    assertThat(actualOptions, is(equalTo(Collections.emptyList())));
}

Also used : KafkaListenerAuthenticationOAuth(io.strimzi.api.kafka.model.listener.KafkaListenerAuthenticationOAuth) CoreMatchers.containsString(org.hamcrest.CoreMatchers.containsString) KafkaListenerAuthenticationOAuthBuilder(io.strimzi.api.kafka.model.listener.KafkaListenerAuthenticationOAuthBuilder) ParallelTest(io.strimzi.test.annotations.ParallelTest)

Example 15 with KafkaListenerAuthenticationOAuth

use of io.strimzi.api.kafka.model.listener.KafkaListenerAuthenticationOAuth in project strimzi-kafka-operator by strimzi.

the class KafkaCluster method getEnvVars.

@Override
protected List<EnvVar> getEnvVars() {
    List<EnvVar> varList = new ArrayList<>();
    varList.add(buildEnvVar(ENV_VAR_KAFKA_METRICS_ENABLED, String.valueOf(isMetricsEnabled)));
    varList.add(buildEnvVar(ENV_VAR_STRIMZI_KAFKA_GC_LOG_ENABLED, String.valueOf(gcLoggingEnabled)));
    if (javaSystemProperties != null) {
        varList.add(buildEnvVar(ENV_VAR_STRIMZI_JAVA_SYSTEM_PROPERTIES, ModelUtils.getJavaSystemPropertiesToString(javaSystemProperties)));
    }
    heapOptions(varList, 0.5, 5L * 1024L * 1024L * 1024L);
    jvmPerformanceOptions(varList);
    for (GenericKafkaListener listener : listeners) {
        if (isListenerWithOAuth(listener)) {
            KafkaListenerAuthenticationOAuth oauth = (KafkaListenerAuthenticationOAuth) listener.getAuth();
            if (oauth.getClientSecret() != null) {
                varList.add(buildEnvVarFromSecret("STRIMZI_" + ListenersUtils.envVarIdentifier(listener) + "_OAUTH_CLIENT_SECRET", oauth.getClientSecret().getSecretName(), oauth.getClientSecret().getKey()));
            }
        }
    }
    if (isJmxEnabled()) {
        varList.add(buildEnvVar(ENV_VAR_KAFKA_JMX_ENABLED, "true"));
        if (isJmxAuthenticated) {
            varList.add(buildEnvVarFromSecret(ENV_VAR_KAFKA_JMX_USERNAME, jmxSecretName(cluster), SECRET_JMX_USERNAME_KEY));
            varList.add(buildEnvVarFromSecret(ENV_VAR_KAFKA_JMX_PASSWORD, jmxSecretName(cluster), SECRET_JMX_PASSWORD_KEY));
        }
    }
    // Add shared environment variables used for all containers
    varList.addAll(getRequiredEnvVars());
    // Add user defined environment variables to the Kafka broker containers
    addContainerEnvsToExistingEnvs(varList, templateKafkaContainerEnvVars);
    return varList;
}

Also used : GenericKafkaListener(io.strimzi.api.kafka.model.listener.arraylistener.GenericKafkaListener) ArrayList(java.util.ArrayList) ContainerEnvVar(io.strimzi.api.kafka.model.ContainerEnvVar) EnvVar(io.fabric8.kubernetes.api.model.EnvVar) KafkaListenerAuthenticationOAuth(io.strimzi.api.kafka.model.listener.KafkaListenerAuthenticationOAuth)

Aggregations

KafkaListenerAuthenticationOAuth (io.strimzi.api.kafka.model.listener.KafkaListenerAuthenticationOAuth)58 KafkaListenerAuthenticationOAuthBuilder (io.strimzi.api.kafka.model.listener.KafkaListenerAuthenticationOAuthBuilder)44 ParallelTest (io.strimzi.test.annotations.ParallelTest)44 GenericKafkaListener (io.strimzi.api.kafka.model.listener.arraylistener.GenericKafkaListener)12 ArrayList (java.util.ArrayList)10 KafkaAuthorizationKeycloak (io.strimzi.api.kafka.model.KafkaAuthorizationKeycloak)6 KafkaListenerAuthenticationCustom (io.strimzi.api.kafka.model.listener.KafkaListenerAuthenticationCustom)6 VolumeMount (io.fabric8.kubernetes.api.model.VolumeMount)4 CertAndKeySecretSource (io.strimzi.api.kafka.model.CertAndKeySecretSource)4 KafkaResources (io.strimzi.api.kafka.model.KafkaResources)4 List (java.util.List)4 Collectors (java.util.stream.Collectors)4 CoreMatchers.containsString (org.hamcrest.CoreMatchers.containsString)3 EnvVar (io.fabric8.kubernetes.api.model.EnvVar)2 LabelSelector (io.fabric8.kubernetes.api.model.LabelSelector)2 Volume (io.fabric8.kubernetes.api.model.Volume)2 ContainerEnvVar (io.strimzi.api.kafka.model.ContainerEnvVar)2 CruiseControlSpec (io.strimzi.api.kafka.model.CruiseControlSpec)2 KafkaAuthorization (io.strimzi.api.kafka.model.KafkaAuthorization)2 KafkaAuthorizationCustom (io.strimzi.api.kafka.model.KafkaAuthorizationCustom)2