Example 6 with SaslExtensions

use of org.apache.kafka.common.security.auth.SaslExtensions in project kafka by apache.

the class OAuthBearerExtensionsValidatorCallbackTest method testInvalidExtensionsAndErrorMessagesAreReturned.

@Test
public void testInvalidExtensionsAndErrorMessagesAreReturned() {
    Map<String, String> extensions = new HashMap<>();
    extensions.put("hello", "bye");
    OAuthBearerExtensionsValidatorCallback callback = new OAuthBearerExtensionsValidatorCallback(TOKEN, new SaslExtensions(extensions));
    assertTrue(callback.validatedExtensions().isEmpty());
    assertTrue(callback.invalidExtensions().isEmpty());
    callback.error("hello", "error");
    assertFalse(callback.invalidExtensions().isEmpty());
    assertEquals("error", callback.invalidExtensions().get("hello"));
    assertTrue(callback.validatedExtensions().isEmpty());
}
Also used : HashMap(java.util.HashMap) SaslExtensions(org.apache.kafka.common.security.auth.SaslExtensions) Test(org.junit.jupiter.api.Test)

Example 7 with SaslExtensions

use of org.apache.kafka.common.security.auth.SaslExtensions in project kafka by apache.

the class OAuthBearerExtensionsValidatorCallbackTest method testValidatedExtensionsAreReturned.

@Test
public void testValidatedExtensionsAreReturned() {
    Map<String, String> extensions = new HashMap<>();
    extensions.put("hello", "bye");
    OAuthBearerExtensionsValidatorCallback callback = new OAuthBearerExtensionsValidatorCallback(TOKEN, new SaslExtensions(extensions));
    assertTrue(callback.validatedExtensions().isEmpty());
    assertTrue(callback.invalidExtensions().isEmpty());
    callback.valid("hello");
    assertFalse(callback.validatedExtensions().isEmpty());
    assertEquals("bye", callback.validatedExtensions().get("hello"));
    assertTrue(callback.invalidExtensions().isEmpty());
}
Also used : HashMap(java.util.HashMap) SaslExtensions(org.apache.kafka.common.security.auth.SaslExtensions) Test(org.junit.jupiter.api.Test)

Example 8 with SaslExtensions

use of org.apache.kafka.common.security.auth.SaslExtensions in project kafka by apache.

the class OAuthBearerSaslClientTest method testNoExtensionsDoesNotAttachAnythingToFirstClientMessage.

@Test
public void testNoExtensionsDoesNotAttachAnythingToFirstClientMessage() throws Exception {
    TEST_PROPERTIES.clear();
    testExtensions = new SaslExtensions(TEST_PROPERTIES);
    String expectedToken = new String(new OAuthBearerClientInitialResponse("", new SaslExtensions(TEST_PROPERTIES)).toBytes(), StandardCharsets.UTF_8);
    OAuthBearerSaslClient client = new OAuthBearerSaslClient(new ExtensionsCallbackHandler(false));
    String message = new String(client.evaluateChallenge("".getBytes()), StandardCharsets.UTF_8);
    assertEquals(expectedToken, message);
}
Also used : SaslExtensions(org.apache.kafka.common.security.auth.SaslExtensions) Test(org.junit.jupiter.api.Test)

Example 9 with SaslExtensions

use of org.apache.kafka.common.security.auth.SaslExtensions in project kafka by apache.

the class OAuthBearerSaslClientCallbackHandler method handleCallback.

/**
 * Attaches the first {@link SaslExtensions} found in the public credentials of the Subject
 */
private static void handleCallback(SaslExtensionsCallback extensionsCallback, Subject subject) {
    if (subject != null && !subject.getPublicCredentials(SaslExtensions.class).isEmpty()) {
        SaslExtensions extensions = subject.getPublicCredentials(SaslExtensions.class).iterator().next();
        extensionsCallback.extensions(extensions);
    }
}
Also used : SaslExtensions(org.apache.kafka.common.security.auth.SaslExtensions)

Example 10 with SaslExtensions

use of org.apache.kafka.common.security.auth.SaslExtensions in project kafka by apache.

the class OAuthBearerSaslServer method process.

private byte[] process(String tokenValue, String authorizationId, SaslExtensions extensions) throws SaslException {
    OAuthBearerValidatorCallback callback = new OAuthBearerValidatorCallback(tokenValue);
    try {
        callbackHandler.handle(new Callback[] { callback });
    } catch (IOException | UnsupportedCallbackException e) {
        handleCallbackError(e);
    }
    OAuthBearerToken token = callback.token();
    if (token == null) {
        errorMessage = jsonErrorResponse(callback.errorStatus(), callback.errorScope(), callback.errorOpenIDConfiguration());
        log.debug(errorMessage);
        return errorMessage.getBytes(StandardCharsets.UTF_8);
    }
    /*
     * We support the client specifying an authorization ID as per the SASL
     * specification, but it must match the principal name if it is specified.
     */
    if (!authorizationId.isEmpty() && !authorizationId.equals(token.principalName()))
        throw new SaslAuthenticationException(String.format("Authentication failed: Client requested an authorization id (%s) that is different from the token's principal name (%s)", authorizationId, token.principalName()));
    Map<String, String> validExtensions = processExtensions(token, extensions);
    tokenForNegotiatedProperty = token;
    this.extensions = new SaslExtensions(validExtensions);
    complete = true;
    log.debug("Successfully authenticate User={}", token.principalName());
    return new byte[0];
}
Also used : SaslExtensions(org.apache.kafka.common.security.auth.SaslExtensions) OAuthBearerToken(org.apache.kafka.common.security.oauthbearer.OAuthBearerToken) OAuthBearerValidatorCallback(org.apache.kafka.common.security.oauthbearer.OAuthBearerValidatorCallback) IOException(java.io.IOException) UnsupportedCallbackException(javax.security.auth.callback.UnsupportedCallbackException) SaslAuthenticationException(org.apache.kafka.common.errors.SaslAuthenticationException)
