TaiJuWu commented on code in PR #16905:
URL: https://github.com/apache/kafka/pull/16905#discussion_r1729656258
##########
core/src/test/scala/integration/kafka/api/SaslSslAdminIntegrationTest.scala:
##########
@@ -331,6 +332,52 @@ class SaslSslAdminIntegrationTest extends
BaseAdminIntegrationTest with SaslSetu
assertFutureExceptionTypeEquals(results.values.get(emptyResourceNameAcl),
classOf[InvalidRequestException])
}
+ @ParameterizedTest
+ @ValueSource(strings = Array("zk", "kraft"))
+ def testCreateDelegationTokenWithLargeTimeout(quorum: String): Unit = {
+ client = createAdminClient
+ val timeout = Long.MaxValue
+
+ val options = new CreateDelegationTokenOptions().maxlifeTimeMs(timeout)
+ val token = client.createDelegationToken(options).delegationToken().get()
+
+
assertEquals(DelegationTokenManagerConfigs.DELEGATION_TOKEN_MAX_LIFE_TIME_MS_DEFAULT,
token.tokenInfo.maxTimestamp - token.tokenInfo.issueTimestamp)
+ assertTrue(token.tokenInfo.maxTimestamp >= token.tokenInfo.expiryTimestamp)
+ }
+
+ @ParameterizedTest
+ @ValueSource(strings = Array("zk", "kraft"))
+ def testCreateDelegationTokenWithNegativeTimeout(quorum: String): Unit = {
+ client = createAdminClient
+ val timeout = -1
+
+ val options = new CreateDelegationTokenOptions().maxlifeTimeMs(timeout)
+ val token = client.createDelegationToken(options).delegationToken().get()
+
+
assertEquals(DelegationTokenManagerConfigs.DELEGATION_TOKEN_MAX_LIFE_TIME_MS_DEFAULT,
token.tokenInfo.maxTimestamp - token.tokenInfo.issueTimestamp)
+ assertTrue(token.tokenInfo.maxTimestamp >= token.tokenInfo.expiryTimestamp)
+ }
+
+ @ParameterizedTest
+ @ValueSource(strings = Array("zk", "kraft"))
+ def testExpiredTimeStampLargerThanMaxLifeStamp(quorum: String): Unit = {
+ client = createAdminClient
+ val timeout = -1
+
+ val createOptions = new
CreateDelegationTokenOptions().maxlifeTimeMs(timeout)
+ val token =
client.createDelegationToken(createOptions).delegationToken().get()
+
+
assertEquals(DelegationTokenManagerConfigs.DELEGATION_TOKEN_MAX_LIFE_TIME_MS_DEFAULT,
token.tokenInfo.maxTimestamp - token.tokenInfo.issueTimestamp)
+ assertTrue(token.tokenInfo.maxTimestamp >= token.tokenInfo.expiryTimestamp)
+
+ TestUtils.waitUntilTrue(() => brokers.forall(server =>
server.tokenCache.tokens().size() == 1),
+ "Timed out waiting for token to propagate to all servers")
+
+ val ExpiredOptions = new
ExpireDelegationTokenOptions().expiryTimePeriodMs(Long.MaxValue)
+ client.expireDelegationToken(token.hmac, ExpiredOptions)
+ assertTrue(token.tokenInfo.maxTimestamp >= token.tokenInfo.expiryTimestamp)
Review Comment:
Hi @chia7712, Thanks for review. Update. Just a small question.
In the case, I set `expiryTimePeriodMs ` to Long.MAX to check the large
number as edge case instead of `maxTimeStamp`.
WDYT?
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: jira-unsubscr...@kafka.apache.org
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org
