Re: [PR] KAFKA-18847: Refactor OAuth layer to improve reusability 1/N [kafka]

via GitHub Mon, 12 May 2025 11:38:01 -0700


kirktrue commented on code in PR #19622:
URL: https://github.com/apache/kafka/pull/19622#discussion_r2085243526



##########
clients/src/main/java/org/apache/kafka/common/security/oauthbearer/OAuthBearerLoginCallbackHandler.java:
##########
@@ -179,55 +180,45 @@ public class OAuthBearerLoginCallbackHandler implements 
AuthenticateCallbackHand
 
     private Map<String, Object> moduleOptions;
 
-    private AccessTokenRetriever accessTokenRetriever;
+    private JwtRetriever jwtRetriever;
 
-    private AccessTokenValidator accessTokenValidator;
-
-    private boolean isInitialized = false;
+    private JwtValidator jwtValidator;
 
     @Override
     public void configure(Map<String, ?> configs, String saslMechanism, 
List<AppConfigurationEntry> jaasConfigEntries) {
-        moduleOptions = JaasOptionsUtils.getOptions(saslMechanism, 
jaasConfigEntries);
-        AccessTokenRetriever accessTokenRetriever = 
AccessTokenRetrieverFactory.create(configs, saslMechanism, moduleOptions);
-        AccessTokenValidator accessTokenValidator = 
AccessTokenValidatorFactory.create(configs, saslMechanism);
-        init(accessTokenRetriever, accessTokenValidator);
+        Map<String, Object> moduleOptions = 
JaasOptionsUtils.getOptions(saslMechanism, jaasConfigEntries);
+        JwtRetriever jwtRetriever = new DefaultJwtRetriever(configs, 
saslMechanism, moduleOptions);
+        JwtValidator jwtValidator = new DefaultJwtValidator(configs, 
saslMechanism);
+        configure(moduleOptions, jwtRetriever, jwtValidator);
     }
 
-    public void init(AccessTokenRetriever accessTokenRetriever, 
AccessTokenValidator accessTokenValidator) {
-        this.accessTokenRetriever = accessTokenRetriever;
-        this.accessTokenValidator = accessTokenValidator;
+    void configure(Map<String, Object> moduleOptions, JwtRetriever 
jwtRetriever, JwtValidator jwtValidator) {

Review Comment:
   Done and done.



##########
clients/src/main/java/org/apache/kafka/common/security/oauthbearer/OAuthBearerValidatorCallbackHandler.java:
##########
@@ -135,37 +134,36 @@ public void configure(Map<String, ?> configs, String 
saslMechanism, List<AppConf
                 new 
RefCountingVerificationKeyResolver(VerificationKeyResolverFactory.create(configs,
 saslMechanism, moduleOptions)));
         }
 
-        AccessTokenValidator accessTokenValidator = 
AccessTokenValidatorFactory.create(configs, saslMechanism, 
verificationKeyResolver);
-        init(verificationKeyResolver, accessTokenValidator);
+        JwtValidator jwtValidator = new DefaultJwtValidator(configs, 
saslMechanism, verificationKeyResolver);
+        configure(verificationKeyResolver, jwtValidator);
     }
 
-    public void init(CloseableVerificationKeyResolver verificationKeyResolver, 
AccessTokenValidator accessTokenValidator) {
+    void configure(CloseableVerificationKeyResolver verificationKeyResolver, 
JwtValidator jwtValidator) {

Review Comment:
   Done and done.



-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: jira-unsubscr...@kafka.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

Re: [PR] KAFKA-18847: Refactor OAuth layer to improve reusability 1/N [kafka]

Reply via email to