Examples with ExpiringCredentialRefreshConfig - org.apache.kafka.common.security.oauthbearer.internals.expiring.ExpiringCredentialRefreshConfig

Example 1 with ExpiringCredentialRefreshConfig

use of org.apache.kafka.common.security.oauthbearer.internals.expiring.ExpiringCredentialRefreshConfig in project kafka by apache.

the class OAuthBearerRefreshingLogin method configure.

@Override
public void configure(Map<String, ?> configs, String contextName, Configuration configuration, AuthenticateCallbackHandler loginCallbackHandler) {
    /*
         * Specify this class as the one to synchronize on so that only one OAuth 2
         * Bearer Token is refreshed at a given time. Specify null if we don't mind
         * multiple simultaneously refreshes. Refreshes happen on the order of minutes
         * rather than seconds or milliseconds, and there are typically minutes of
         * lifetime remaining when the refresh occurs, so serializing them seems
         * reasonable.
         */
    Class<OAuthBearerRefreshingLogin> classToSynchronizeOnPriorToRefresh = OAuthBearerRefreshingLogin.class;
    expiringCredentialRefreshingLogin = new ExpiringCredentialRefreshingLogin(contextName, configuration, new ExpiringCredentialRefreshConfig(configs, true), loginCallbackHandler, classToSynchronizeOnPriorToRefresh) {

        @Override
        public ExpiringCredential expiringCredential() {
            Set<OAuthBearerToken> privateCredentialTokens = expiringCredentialRefreshingLogin.subject().getPrivateCredentials(OAuthBearerToken.class);
            if (privateCredentialTokens.isEmpty())
                return null;
            final OAuthBearerToken token = privateCredentialTokens.iterator().next();
            if (log.isDebugEnabled())
                log.debug("Found expiring credential with principal '{}'.", token.principalName());
            return new ExpiringCredential() {

                @Override
                public String principalName() {
                    return token.principalName();
                }

                @Override
                public Long startTimeMs() {
                    return token.startTimeMs();
                }

                @Override
                public long expireTimeMs() {
                    return token.lifetimeMs();
                }

                @Override
                public Long absoluteLastRefreshTimeMs() {
                    return null;
                }
            };
        }
    };
}

Also used : ExpiringCredential(org.apache.kafka.common.security.oauthbearer.internals.expiring.ExpiringCredential) Set(java.util.Set) ExpiringCredentialRefreshingLogin(org.apache.kafka.common.security.oauthbearer.internals.expiring.ExpiringCredentialRefreshingLogin) OAuthBearerToken(org.apache.kafka.common.security.oauthbearer.OAuthBearerToken) ExpiringCredentialRefreshConfig(org.apache.kafka.common.security.oauthbearer.internals.expiring.ExpiringCredentialRefreshConfig)

Aggregations

Set (java.util.Set)1 OAuthBearerToken (org.apache.kafka.common.security.oauthbearer.OAuthBearerToken)1 ExpiringCredential (org.apache.kafka.common.security.oauthbearer.internals.expiring.ExpiringCredential)1 ExpiringCredentialRefreshConfig (org.apache.kafka.common.security.oauthbearer.internals.expiring.ExpiringCredentialRefreshConfig)1 ExpiringCredentialRefreshingLogin (org.apache.kafka.common.security.oauthbearer.internals.expiring.ExpiringCredentialRefreshingLogin)1