Example 6 with KafkaListenerAuthenticationOAuthBuilder
use of io.strimzi.api.kafka.model.listener.KafkaListenerAuthenticationOAuthBuilder in project strimzi by strimzi.
the class KafkaClusterOAuthValidationTest method testOAuthValidationWithOAuthWithIntrospectionWithNoTypeCheck.
@ParallelTest
public void testOAuthValidationWithOAuthWithIntrospectionWithNoTypeCheck() {
assertThrows(InvalidResourceException.class, () -> {
KafkaListenerAuthenticationOAuth auth = new KafkaListenerAuthenticationOAuthBuilder().withValidIssuerUri("http://valid-issuer").withClientId("my-kafka-id").withNewClientSecret().withSecretName("my-secret-secret").withKey("my-secret-key").endClientSecret().withIntrospectionEndpointUri("http://introspection-endpoint").withCheckAccessTokenType(false).build();
ListenersValidator.validate(Reconciliation.DUMMY_RECONCILIATION, 3, getListeners(auth));
});
}
Also used :
KafkaListenerAuthenticationOAuth(io.strimzi.api.kafka.model.listener.KafkaListenerAuthenticationOAuth)
KafkaListenerAuthenticationOAuthBuilder(io.strimzi.api.kafka.model.listener.KafkaListenerAuthenticationOAuthBuilder)
ParallelTest(io.strimzi.test.annotations.ParallelTest)
Example 7 with KafkaListenerAuthenticationOAuthBuilder
use of io.strimzi.api.kafka.model.listener.KafkaListenerAuthenticationOAuthBuilder in project strimzi by strimzi.
the class KafkaClusterOAuthValidationTest method testOAuthAuthnAuthz.
@ParallelTest
public void testOAuthAuthnAuthz() {
List<GenericKafkaListener> listeners = asList(new GenericKafkaListenerBuilder().withName("listener1").withPort(9900).withType(KafkaListenerType.INTERNAL).withAuth(new KafkaListenerAuthenticationOAuthBuilder().withClientId("my-client-id").withValidIssuerUri("http://valid-issuer").withJwksEndpointUri("http://jwks-endpoint").withJwksRefreshSeconds(30).withJwksExpirySeconds(90).withJwksMinRefreshPauseSeconds(5).withConnectTimeoutSeconds(20).withReadTimeoutSeconds(20).withGroupsClaim("$.groups").withMaxSecondsWithoutReauthentication(1800).withNewClientSecret().withSecretName("my-secret-secret").withKey("my-secret-key").endClientSecret().build()).build());
Kafka kafkaAssembly = new KafkaBuilder().withNewMetadata().withName("my-cluster").withNamespace("my-namespace").endMetadata().withNewSpec().withNewKafka().withReplicas(3).withStorage(new EphemeralStorage()).withListeners(listeners).withAuthorization(new KafkaAuthorizationKeycloakBuilder().withTokenEndpointUri("http://token-endpoint").withClientId("my-client-id").withDelegateToKafkaAcls(true).withGrantsRefreshPeriodSeconds(60).withGrantsRefreshPoolSize(5).withSuperUsers("alice", "CN=alice").build()).endKafka().withNewZookeeper().withReplicas(3).withStorage(new EphemeralStorage()).endZookeeper().endSpec().build();
KafkaCluster.fromCrd(Reconciliation.DUMMY_RECONCILIATION, kafkaAssembly, VERSIONS);
}
Also used :
GenericKafkaListener(io.strimzi.api.kafka.model.listener.arraylistener.GenericKafkaListener)
GenericKafkaListenerBuilder(io.strimzi.api.kafka.model.listener.arraylistener.GenericKafkaListenerBuilder)
Kafka(io.strimzi.api.kafka.model.Kafka)
KafkaBuilder(io.strimzi.api.kafka.model.KafkaBuilder)
KafkaAuthorizationKeycloakBuilder(io.strimzi.api.kafka.model.KafkaAuthorizationKeycloakBuilder)
EphemeralStorage(io.strimzi.api.kafka.model.storage.EphemeralStorage)
KafkaListenerAuthenticationOAuthBuilder(io.strimzi.api.kafka.model.listener.KafkaListenerAuthenticationOAuthBuilder)
ParallelTest(io.strimzi.test.annotations.ParallelTest)
Example 8 with KafkaListenerAuthenticationOAuthBuilder
use of io.strimzi.api.kafka.model.listener.KafkaListenerAuthenticationOAuthBuilder in project strimzi by strimzi.
the class KafkaClusterOAuthValidationTest method testOAuthValidationRefreshSecondsWithoutEndpointUri.
@ParallelTest
public void testOAuthValidationRefreshSecondsWithoutEndpointUri() {
assertThrows(InvalidResourceException.class, () -> {
KafkaListenerAuthenticationOAuth auth = new KafkaListenerAuthenticationOAuthBuilder().withIntrospectionEndpointUri("http://introspection").withClientId("my-client-id").withJwksRefreshSeconds(40).build();
ListenersValidator.validate(Reconciliation.DUMMY_RECONCILIATION, 3, getListeners(auth));
});
}
Also used :
KafkaListenerAuthenticationOAuth(io.strimzi.api.kafka.model.listener.KafkaListenerAuthenticationOAuth)
KafkaListenerAuthenticationOAuthBuilder(io.strimzi.api.kafka.model.listener.KafkaListenerAuthenticationOAuthBuilder)
ParallelTest(io.strimzi.test.annotations.ParallelTest)
Example 9 with KafkaListenerAuthenticationOAuthBuilder
use of io.strimzi.api.kafka.model.listener.KafkaListenerAuthenticationOAuthBuilder in project strimzi by strimzi.
the class KafkaClusterOAuthValidationTest method testOAuthValidationRefreshSecondsNotSetWithExpirySecondsSet.
@ParallelTest
public void testOAuthValidationRefreshSecondsNotSetWithExpirySecondsSet() {
assertThrows(InvalidResourceException.class, () -> {
KafkaListenerAuthenticationOAuth auth = new KafkaListenerAuthenticationOAuthBuilder().withValidIssuerUri("http://valid-issuer").withJwksEndpointUri("http://jwks-endpoint").withJwksExpirySeconds(150).build();
ListenersValidator.validate(Reconciliation.DUMMY_RECONCILIATION, 3, getListeners(auth));
});
}
Also used :
KafkaListenerAuthenticationOAuth(io.strimzi.api.kafka.model.listener.KafkaListenerAuthenticationOAuth)
KafkaListenerAuthenticationOAuthBuilder(io.strimzi.api.kafka.model.listener.KafkaListenerAuthenticationOAuthBuilder)
ParallelTest(io.strimzi.test.annotations.ParallelTest)
Example 10 with KafkaListenerAuthenticationOAuthBuilder
use of io.strimzi.api.kafka.model.listener.KafkaListenerAuthenticationOAuthBuilder in project strimzi by strimzi.
the class KafkaClusterOAuthValidationTest method testOAuthValidationWithMinimumJWKS.
@ParallelTest
public void testOAuthValidationWithMinimumJWKS() {
KafkaListenerAuthenticationOAuth auth = new KafkaListenerAuthenticationOAuthBuilder().withValidIssuerUri("http://valid-issuer").withJwksEndpointUri("http://jwks-endpoint").build();
ListenersValidator.validate(Reconciliation.DUMMY_RECONCILIATION, 3, getListeners(auth));
}
Also used :
KafkaListenerAuthenticationOAuth(io.strimzi.api.kafka.model.listener.KafkaListenerAuthenticationOAuth)
KafkaListenerAuthenticationOAuthBuilder(io.strimzi.api.kafka.model.listener.KafkaListenerAuthenticationOAuthBuilder)
ParallelTest(io.strimzi.test.annotations.ParallelTest)
Aggregations
KafkaListenerAuthenticationOAuthBuilder (io.strimzi.api.kafka.model.listener.KafkaListenerAuthenticationOAuthBuilder)64
ParallelTest (io.strimzi.test.annotations.ParallelTest)64
KafkaListenerAuthenticationOAuth (io.strimzi.api.kafka.model.listener.KafkaListenerAuthenticationOAuth)44
GenericKafkaListenerBuilder (io.strimzi.api.kafka.model.listener.arraylistener.GenericKafkaListenerBuilder)20
GenericKafkaListener (io.strimzi.api.kafka.model.listener.arraylistener.GenericKafkaListener)12
Kafka (io.strimzi.api.kafka.model.Kafka)10
KafkaBuilder (io.strimzi.api.kafka.model.KafkaBuilder)10
Container (io.fabric8.kubernetes.api.model.Container)8
StatefulSet (io.fabric8.kubernetes.api.model.apps.StatefulSet)8
ArrayList (java.util.ArrayList)8
ConfigMap (io.fabric8.kubernetes.api.model.ConfigMap)6
ConfigMapKeySelectorBuilder (io.fabric8.kubernetes.api.model.ConfigMapKeySelectorBuilder)6
ContainerPort (io.fabric8.kubernetes.api.model.ContainerPort)6
EnvVar (io.fabric8.kubernetes.api.model.EnvVar)6
HasMetadata (io.fabric8.kubernetes.api.model.HasMetadata)6
HostAlias (io.fabric8.kubernetes.api.model.HostAlias)6
HostAliasBuilder (io.fabric8.kubernetes.api.model.HostAliasBuilder)6
IntOrString (io.fabric8.kubernetes.api.model.IntOrString)6
LabelSelectorBuilder (io.fabric8.kubernetes.api.model.LabelSelectorBuilder)6
LabelSelectorRequirementBuilder (io.fabric8.kubernetes.api.model.LabelSelectorRequirementBuilder)6
