[jira] [Commented] (KAFKA-17335) Lack of default for URL encoding configuration for OAuth causes NPE

Fri, 23 Aug 2024 14:22:04 -0700 


    [ 
https://issues.apache.org/jira/browse/KAFKA-17335?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17876370#comment-17876370
 ] 

Nelson B. commented on KAFKA-17335:
-----------------------------------

Hi [~kirktrue], thank you for catching this! I'm really sorry for causing this 
major bug. Just one question, since there is still some time left until the 
code freeze (27 August) wouldn't be it better to target 3.9.0? 

> Lack of default for URL encoding configuration for OAuth causes NPE
> -------------------------------------------------------------------
>
>                 Key: KAFKA-17335
>                 URL: https://issues.apache.org/jira/browse/KAFKA-17335
>             Project: Kafka
>          Issue Type: Bug
>          Components: clients, security
>    Affects Versions: 3.9.0
>            Reporter: Kirk True
>            Assignee: Kirk True
>            Priority: Major
>              Labels: OAuth, oauth
>             Fix For: 4.0.0
>
>
> KAFKA-16345 added a new client configuration option 
> {{{}SASL_OAUTHBEARER_HEADER_URLENCODE{}}}. This is an optional configuration, 
> so the user doesn't need to provide it. When an {{{}AdminConfig{}}}, 
> {{{}ConsumerConfig{}}}, or {{ProducerConfig}} object is created, it uses the 
> default value of {{DEFAULT_SASL_OAUTHBEARER_HEADER_URLENCODE}} if the value 
> isn't present.
> However, if the configuration is created as a plain {{Map}} or {{Properties}} 
> and the {{sasl.oauthbearer.header.urlencode}} key isn't present, it can lead 
> to a {{{}NullPointerException{}}}. This occurs because the code in 
> {{AccessTokenRetriever.create()}} assumes that there's always a value present 
> in the incoming {{configs}} parameter. But if there isn't an entry for the 
> {{sasl.oauthbearer.header.urlencode}} key in the map, a 
> {{NullPointerException}} is thrown.
> When using map-based configuration, one workaround is to explicitly add an 
> entry to the map like so:
> {code:java}
> Map<String, Object> configs = new HashMap();
> . . .
> configs.put(SASL_OAUTHBEARER_HEADER_URLENCODE, 
> DEFAULT_SASL_OAUTHBEARER_HEADER_URLENCODE);
> . . .
> configureSomething(configs);{code}



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

Reply via email to