Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Issue #3810][pulsar-broker] Implement configurable token auth claim #3826

Merged
merged 1 commit into from
Mar 14, 2019
Merged

[Issue #3810][pulsar-broker] Implement configurable token auth claim #3826

merged 1 commit into from
Mar 14, 2019

Conversation

klevy-toast
Copy link
Contributor

@klevy-toast klevy-toast commented Mar 14, 2019
edited
Loading

Resolves #3810

Please let me know if I've missed anything!

Motivation

This change allows more configuration of the AuthenticationTokenProvider, so that the user can specify which "claim" that is attached to the token should be used as the "role". Before, it was hard-coded in to use the token's subject claim ("sub").

Modifications

Added a field to the AuthenticationTokenProvider which controls which claim is returned from parseToken, and a method that sets that field based on the .conf file. Added some documentation and a test.

Verifying this change

  • Make sure that the change passes the CI checks.

This change added tests and can be verified as follows:

  • Added unit test to AuthenticationTokenProviderTest which sets the configuration and verifies that it picks up the right value

Does this pull request potentially affect one of the following parts:

If yes was chosen, please highlight the changes

  • Dependencies (does it add or upgrade a dependency): (no)
  • The public API: (no)
  • The schema: (no)
  • The default values of configurations: (no)
  • The wire protocol: (no)
  • The rest endpoints: (no)
  • The admin cli options: (no)
  • Anything that affects deployment: (no)

Documentation

  • Does this pull request introduce a new feature?
    • yes
  • If yes, how is the feature documented?
    • Addition to reference-configuration.md

merlimat
merlimat approved these changes Mar 14, 2019
View reviewed changes
Copy link
Contributor

@merlimat merlimat left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Nice!

Additionally (in different PR) we could also allow to set custom claims on the generate token CLI tools.

@merlimat merlimat added this to the 2.3.1 milestone Mar 14, 2019
@merlimat merlimat added the type/enhancement The enhancements for the existing features or docs. e.g. reduce memory usage of the delayed messages label Mar 14, 2019
@merlimat merlimat merged commit 85e577d into apache:master Mar 14, 2019
merlimat pushed a commit that referenced this pull request Mar 29, 2019
@klevy-toast @merlimat
Implement configurable token auth claim (#3826)
9355a19
@merlimat
Copy link
Contributor

merlimat commented Apr 1, 2019

Merged in 2.3.1 at
9355a19

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@merlimat merlimat merlimat approved these changes

Assignees
No one assigned
Labels
type/enhancement The enhancements for the existing features or docs. e.g. reduce memory usage of the delayed messages
Projects
None yet
Milestone
2.3.1
Development

Successfully merging this pull request may close these issues.
2 participants
@klevy-toast @merlimat