Search in sources :

Example 6 with OAuthBearerTokenCallback

use of org.apache.kafka.common.security.oauthbearer.OAuthBearerTokenCallback in project kafka by apache.

the class OAuthBearerUnsecuredLoginCallbackHandlerTest method minimalToken.

@Test
public void minimalToken() throws IOException, UnsupportedCallbackException {
    Map<String, String> options = new HashMap<>();
    String user = "user";
    options.put("unsecuredLoginStringClaim_sub", user);
    MockTime mockTime = new MockTime();
    OAuthBearerUnsecuredLoginCallbackHandler callbackHandler = createCallbackHandler(options, mockTime);
    OAuthBearerTokenCallback callback = new OAuthBearerTokenCallback();
    callbackHandler.handle(new Callback[] { callback });
    OAuthBearerUnsecuredJws jws = (OAuthBearerUnsecuredJws) callback.token();
    assertNotNull(jws, "create token failed");
    long startMs = mockTime.milliseconds();
    confirmCorrectValues(jws, user, startMs, 1000 * 60 * 60);
    assertEquals(new HashSet<>(Arrays.asList("sub", "iat", "exp")), jws.claims().keySet());
}
Also used : OAuthBearerTokenCallback(org.apache.kafka.common.security.oauthbearer.OAuthBearerTokenCallback) HashMap(java.util.HashMap) MockTime(org.apache.kafka.common.utils.MockTime) Test(org.junit.jupiter.api.Test)

Example 7 with OAuthBearerTokenCallback

use of org.apache.kafka.common.security.oauthbearer.OAuthBearerTokenCallback in project kafka by apache.

the class OAuthBearerLoginCallbackHandlerTest method testMissingAccessToken.

@Test
public void testMissingAccessToken() {
    AccessTokenRetriever accessTokenRetriever = () -> {
        throw new IOException("The token endpoint response access_token value must be non-null");
    };
    Map<String, ?> configs = getSaslConfigs();
    OAuthBearerLoginCallbackHandler handler = createHandler(accessTokenRetriever, configs);
    try {
        OAuthBearerTokenCallback callback = new OAuthBearerTokenCallback();
        assertThrowsWithMessage(IOException.class, () -> handler.handle(new Callback[] { callback }), "token endpoint response access_token value must be non-null");
    } finally {
        handler.close();
    }
}
Also used : OAuthBearerTokenCallback(org.apache.kafka.common.security.oauthbearer.OAuthBearerTokenCallback) OAuthBearerTokenCallback(org.apache.kafka.common.security.oauthbearer.OAuthBearerTokenCallback) SaslExtensionsCallback(org.apache.kafka.common.security.auth.SaslExtensionsCallback) Callback(javax.security.auth.callback.Callback) IOException(java.io.IOException) Test(org.junit.jupiter.api.Test)

Aggregations

OAuthBearerTokenCallback (org.apache.kafka.common.security.oauthbearer.OAuthBearerTokenCallback)7 Test (org.junit.jupiter.api.Test)4 IOException (java.io.IOException)2 HashMap (java.util.HashMap)2 SaslExtensions (org.apache.kafka.common.security.auth.SaslExtensions)2 OAuthBearerToken (org.apache.kafka.common.security.oauthbearer.OAuthBearerToken)2 MockTime (org.apache.kafka.common.utils.MockTime)2 List (java.util.List)1 Callback (javax.security.auth.callback.Callback)1 UnsupportedCallbackException (javax.security.auth.callback.UnsupportedCallbackException)1 SaslException (javax.security.sasl.SaslException)1 IllegalSaslStateException (org.apache.kafka.common.errors.IllegalSaslStateException)1 SaslExtensionsCallback (org.apache.kafka.common.security.auth.SaslExtensionsCallback)1