Great, thank you On Mon, May 5, 2025 at 9:20 PM Kirk True <k...@kirktrue.pro> wrote:
> Hi Emanuele, > > The inability to generate the assertion will ultimately end up as a > javax.security.auth.login.LoginException. The OAuth layer uses the same > error handling as the other Kafka client security plugins. > > Thanks, > Kirk > > On Sat, May 3, 2025, at 6:11 AM, Emanuele Sabellico wrote: > > Thanks for the KIP Kirk! I have this question: > > > > 1. `sasl.oauthbearer.assertion.algorithm` is used to select the JOSE > > signature algorithm so it also contains the hash size. Just you have to > > choose one that matches your private key algorithm, only SHA256 at the > > moment. What kind of error is returned in Java client in case the > > configured JOSE algorithm isn't compatible with the private key? > > > > Thanks! > > Emanuele > > > > On 2025/03/14 18:51:18 Kirk True wrote: > > > Hi all, > > > > > > I would like to start a discussion for KIP-1139: Add support for OAuth > > jwt-bearer grant type: > > > > > > https://cwiki.apache.org/confluence/x/uIxEF > > > > > > The proposal is twofold: > > > > > > * Add support for the OAuth 2.0 JWT Bearer grant type to avoid use of > > plaintext client secrets > > > * Promote internal APIs for public use by this and future OAuth work > > > > > > Thanks! > > > Kirk > > >
