use of org.bf2.admin.kafka.systemtest.Environment.CONFIG in project kafka-admin-api by bf2fc6cc711aee1a0c2a.
the class TopicOperations method updateTopic.
public CompletionStage<Types.Topic> updateTopic(KafkaAdminClient ac, String topicName, Types.TopicSettings topicToUpdate) {
Promise<Types.Topic> prom = Promise.promise();
List<ConfigEntry> ceList = new ArrayList<>();
if (topicToUpdate.getConfig() != null) {
topicToUpdate.getConfig().stream().forEach(cfgEntry -> {
ConfigEntry ce = new ConfigEntry(cfgEntry.getKey(), cfgEntry.getValue());
ceList.add(ce);
});
}
Config cfg = new Config(ceList);
ConfigResource resource = new ConfigResource(org.apache.kafka.common.config.ConfigResource.Type.TOPIC, topicName);
// we have to describe first, otherwise we cannot determine whether the topic exists or not (alterConfigs returns just server error)
getTopicDescAndConf(ac, topicName).future().compose(topic -> {
Promise<Void> updateTopicPartitions = Promise.promise();
if (topicToUpdate.getNumPartitions() != null && topicToUpdate.getNumPartitions() != topic.getPartitions().size()) {
ac.createPartitions(Collections.singletonMap(topic.getName(), new NewPartitions(topicToUpdate.getNumPartitions(), null)), updateTopicPartitions);
} else {
updateTopicPartitions.complete();
}
return updateTopicPartitions.future();
}).compose(i -> {
Promise<Void> updateTopicConfigPromise = Promise.promise();
ac.alterConfigs(Collections.singletonMap(resource, cfg), updateTopicConfigPromise);
return updateTopicConfigPromise.future();
}).compose(update -> getTopicDescAndConf(ac, topicName).future()).onComplete(desc -> {
if (desc.failed()) {
prom.fail(desc.cause());
} else {
prom.complete(desc.result());
}
ac.close();
});
return prom.future().toCompletionStage();
}
use of org.bf2.admin.kafka.systemtest.Environment.CONFIG in project kafka-admin-api by bf2fc6cc711aee1a0c2a.
the class AdminClientFactory method createConsumer.
public Consumer<String, String> createConsumer(Integer limit) {
Map<String, Object> props = config.getConsumerConfig();
if (config.isOauthEnabled()) {
if (token.isResolvable()) {
final String accessToken = token.get().getRawToken();
props.put(SaslConfigs.SASL_JAAS_CONFIG, String.format(SASL_OAUTH_CONFIG_TEMPLATE, accessToken));
} else {
log.warn("OAuth is enabled, but there is no JWT principal");
}
} else if (config.isBasicEnabled()) {
extractCredentials(Optional.ofNullable(headers.get().getHeaderString(HttpHeaders.AUTHORIZATION))).ifPresentOrElse(credentials -> props.put(SaslConfigs.SASL_JAAS_CONFIG, credentials), () -> {
throw new NotAuthorizedException("Invalid or missing credentials", Response.status(Status.UNAUTHORIZED).build());
});
} else {
log.debug("OAuth is disabled - no attempt to set access token in Admin Client config");
}
// props.put(ConsumerConfig.GROUP_ID_CONFIG, UUID.randomUUID().toString());
props.put(ConsumerConfig.ALLOW_AUTO_CREATE_TOPICS_CONFIG, "false");
props.put(ConsumerConfig.KEY_DESERIALIZER_CLASS_CONFIG, StringDeserializer.class.getName());
props.put(ConsumerConfig.VALUE_DESERIALIZER_CLASS_CONFIG, StringDeserializer.class.getName());
props.put(ConsumerConfig.SESSION_TIMEOUT_MS_CONFIG, 50_000);
props.put(ConsumerConfig.AUTO_OFFSET_RESET_CONFIG, "earliest");
if (limit != null) {
props.put(ConsumerConfig.MAX_POLL_RECORDS_CONFIG, String.valueOf(limit));
}
return new KafkaConsumer<>(props);
}
use of org.bf2.admin.kafka.systemtest.Environment.CONFIG in project kafka-admin-api by bf2fc6cc711aee1a0c2a.
the class AdminClientFactory method createAdminClient.
/**
* Route handler common to all Kafka resource routes. Responsible for creating
* the map of properties used to configure the Kafka Admin Client. When OAuth
* has been enabled via the environment, the access token will be retrieved from
* the authenticated user principal present in the context (created by Vert.x
* handler when a valid JWT was presented by the client). The configuration property
* map will be placed in the context under the key identified by the
* {@link #ADMIN_CLIENT_CONFIG} constant.
*/
public AdminClient createAdminClient() {
Map<String, Object> acConfig = config.getAcConfig();
if (config.isOauthEnabled()) {
if (token.isResolvable()) {
final String accessToken = token.get().getRawToken();
if (accessToken == null) {
throw new NotAuthorizedException(Response.status(Status.UNAUTHORIZED));
}
acConfig.put(SaslConfigs.SASL_JAAS_CONFIG, String.format(SASL_OAUTH_CONFIG_TEMPLATE, accessToken));
} else {
log.warn("OAuth is enabled, but there is no JWT principal");
}
} else if (config.isBasicEnabled()) {
extractCredentials(Optional.ofNullable(headers.get().getHeaderString(HttpHeaders.AUTHORIZATION))).ifPresentOrElse(credentials -> acConfig.put(SaslConfigs.SASL_JAAS_CONFIG, credentials), () -> {
throw new NotAuthorizedException("Invalid or missing credentials", Response.status(Status.UNAUTHORIZED).build());
});
} else {
log.debug("OAuth is disabled - no attempt to set access token in Admin Client config");
}
return AdminClient.create(acConfig);
}
use of org.bf2.admin.kafka.systemtest.Environment.CONFIG in project kafka-admin-api by bf2fc6cc711aee1a0c2a.
the class AccessControlListIT method setup.
@BeforeEach
void setup() {
validResourceOperations = config.getValue(KafkaAdminConfigRetriever.ACL_RESOURCE_OPERATIONS, String.class);
tokenUtils = new TokenUtils(config);
}
use of org.bf2.admin.kafka.systemtest.Environment.CONFIG in project kafka-admin-api by bf2fc6cc711aee1a0c2a.
the class AccessControlListIT method testGetAclsOrderByProperies.
@ParameterizedTest
@CsvSource({ Types.AclBinding.PROP_PERMISSION + "," + SORT_ASC, Types.AclBinding.PROP_PERMISSION + "," + SORT_DESC, Types.AclBinding.PROP_RESOURCE_TYPE + "," + SORT_ASC, Types.AclBinding.PROP_RESOURCE_TYPE + "," + SORT_DESC, Types.AclBinding.PROP_PATTERN_TYPE + "," + SORT_ASC, Types.AclBinding.PROP_PATTERN_TYPE + "," + SORT_DESC, Types.AclBinding.PROP_OPERATION + "," + SORT_ASC, Types.AclBinding.PROP_OPERATION + "," + SORT_DESC, Types.AclBinding.PROP_PRINCIPAL + "," + SORT_ASC, Types.AclBinding.PROP_PRINCIPAL + "," + SORT_DESC, Types.AclBinding.PROP_RESOURCE_NAME + "," + SORT_ASC, Types.AclBinding.PROP_RESOURCE_NAME + "," + SORT_DESC })
void testGetAclsOrderByProperies(String orderKey, String order) throws Exception {
JsonObject allowedResourceOperations = Json.createReader(new StringReader(validResourceOperations)).readObject();
List<JsonObject> newBindings = Stream.of(Json.createObjectBuilder().build()).flatMap(binding -> join(binding, Types.AclBinding.PROP_PERMISSION, AclPermissionType.ALLOW, AclPermissionType.DENY)).flatMap(binding -> join(binding, Types.AclBinding.PROP_RESOURCE_TYPE, ResourceType.TOPIC, ResourceType.GROUP, ResourceType.CLUSTER, ResourceType.TRANSACTIONAL_ID)).flatMap(binding -> join(binding, Types.AclBinding.PROP_PATTERN_TYPE, PatternType.LITERAL, PatternType.PREFIXED)).flatMap(binding -> join(binding, Types.AclBinding.PROP_OPERATION, AclOperation.READ, AclOperation.ALL, AclOperation.ALTER, AclOperation.DELETE, AclOperation.CREATE, AclOperation.ALTER_CONFIGS, AclOperation.DESCRIBE, AclOperation.DESCRIBE_CONFIGS, AclOperation.WRITE)).flatMap(binding -> join(binding, Types.AclBinding.PROP_PRINCIPAL, "User:{uuid}")).flatMap(binding -> join(binding, Types.AclBinding.PROP_RESOURCE_NAME, "resource-{uuid}")).filter(binding -> {
String resourceType = binding.getString(Types.AclBinding.PROP_RESOURCE_TYPE).toLowerCase(Locale.US);
String operation = binding.getString(Types.AclBinding.PROP_OPERATION).toLowerCase(Locale.US);
return allowedResourceOperations.getJsonArray(resourceType).stream().filter(value -> value.getValueType() == ValueType.STRING).map(JsonString.class::cast).map(JsonString::getString).anyMatch(operation::equals);
}).map(binding -> {
if (ResourceType.CLUSTER.name().equals(binding.getString(Types.AclBinding.PROP_RESOURCE_TYPE))) {
// Only value allowed is "kafka-cluster"
binding = Json.createObjectBuilder(binding).add(Types.AclBinding.PROP_RESOURCE_NAME, "kafka-cluster").build();
}
return binding;
}).distinct().collect(Collectors.toList());
List<String> sortKeys = new LinkedList<>(AccessControlOperations.SORT_KEYS.keySet());
// Remove the primary sort key, handled as a special case
sortKeys.remove(orderKey);
List<JsonObject> expectedValues = newBindings.stream().map(JsonObject.class::cast).sorted((j1, j2) -> {
int result;
if ((result = j1.getString(orderKey).compareTo(j2.getString(orderKey))) != 0) {
return SORT_DESC.equals(order) ? (result * -1) : result;
}
for (String key : sortKeys) {
if ((result = j1.getString(key).compareTo(j2.getString(key))) != 0) {
return result;
}
}
return 0;
}).collect(Collectors.toList());
final int expectedTotal = newBindings.size();
final int pageSize = expectedTotal + 1;
final var queryParams = Map.of("page", "1", "size", String.valueOf(pageSize), "orderKey", orderKey, "order", order);
Properties adminConfig = ClientsConfig.getAdminConfigOauth(config, tokenUtils.getToken(UserType.OWNER.getUsername()));
/*
* Due to the number of ACLs created for this case (> 200), using the
* bulk API directly is necessary.
*/
try (Admin admin = Admin.create(adminConfig)) {
admin.createAcls(newBindings.stream().map(Types.AclBinding::fromJsonObject).map(Types.AclBinding::toKafkaBinding).collect(Collectors.toList())).all().whenComplete((result, error) -> {
if (error != null) {
fail(error);
} else {
var response = getAcls(UserType.OWNER, queryParams).body("total", equalTo(expectedTotal)).body("size", equalTo(pageSize)).body("page", equalTo(1)).body("items", hasSize(expectedTotal));
JsonObject responseBody = Json.createReader(response.extract().asInputStream()).readObject();
List<JsonObject> responseValues = responseBody.getJsonArray("items").stream().map(JsonObject.class::cast).collect(Collectors.toList());
assertEquals(expectedValues, responseValues, "Unexpected response order");
}
}).toCompletionStage().toCompletableFuture().get(30, TimeUnit.SECONDS);
}
}
Aggregations