kirktrue commented on code in PR #19622: URL: https://github.com/apache/kafka/pull/19622#discussion_r2076507643
########## clients/src/main/java/org/apache/kafka/common/security/oauthbearer/internals/secured/JwtValidator.java: ########## @@ -40,13 +42,12 @@ * <li><a href="https://datatracker.ietf.org/doc/html/draft-ietf-oauth-access-token-jwt";>RFC 6750, Section 2.1</a></li> * </ul> * - * @see LoginAccessTokenValidator A basic AccessTokenValidator used by client-side login - * authentication - * @see ValidatorAccessTokenValidator A more robust AccessTokenValidator that is used on the broker - * to validate the token's contents and verify the signature + * @see ClientJwtValidator A basic JwtValidator used by client-side login authentication + * @see BrokerJwtValidator A more robust JwtValidator that is used on the broker to validate the token's + * contents and verify the signature */ -public interface AccessTokenValidator { +public interface JwtValidator extends Initable, Closeable { Review Comment: I generalized the wording. PLMK if it needs further changes. ########## clients/src/main/java/org/apache/kafka/common/security/oauthbearer/OAuthBearerValidatorCallbackHandler.java: ########## @@ -135,13 +136,19 @@ public void configure(Map<String, ?> configs, String saslMechanism, List<AppConf new RefCountingVerificationKeyResolver(VerificationKeyResolverFactory.create(configs, saslMechanism, moduleOptions))); } - AccessTokenValidator accessTokenValidator = AccessTokenValidatorFactory.create(configs, saslMechanism, verificationKeyResolver); - init(verificationKeyResolver, accessTokenValidator); + JwtValidator jwtValidator = new DefaultJwtValidator(configs, saslMechanism, verificationKeyResolver); + init(verificationKeyResolver, jwtValidator); } - public void init(CloseableVerificationKeyResolver verificationKeyResolver, AccessTokenValidator accessTokenValidator) { + public void init(CloseableVerificationKeyResolver verificationKeyResolver, JwtValidator jwtValidator) { this.verificationKeyResolver = verificationKeyResolver; - this.accessTokenValidator = accessTokenValidator; + this.jwtValidator = jwtValidator; + + try { + this.jwtValidator.init(); + } catch (IOException e) { + throw new KafkaException("The OAuth validator configuration encountered an error when initializing the JwtValidator", e); Review Comment: Changed to "The OAuth validator callback", as suggested. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: jira-unsubscr...@kafka.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
