THIS IS A TEST INSTANCE. ALL YOUR CHANGES WILL BE LOST!!!!
...
| Code Block | ||
|---|---|---|
| ||
public enum ScramMechanism {
UNKNOWN(0),
HMAC_SHA_256(1),
HMAC_SHA_512(2);
byte type;
private ScramMechanism(byte type) {
this.type = type;
}
}
public class ScramMechanismInfo {
private final ScramMechanism mechanism;
private final int iterations;
private final public ScramMechanismInfo(ScramMechanism mechanism, int iterations) {
byte[] salt;
private final byte[] storedKey;
private this.mechanism = mechanism;
final byte[] serverKey;
}
public class ScramUserListing {
private this.iterationsfinal =String iterationsname;
private final List<ScramMechanismInfo> infos;
}
public class ListScramUsersOptions public ScramMechanism mechanismextends AbstractOptions<ListScramUsersOptions> { }
default ListScramUsersResult listScramUsers() {
return listScramUsers(new ListScramUsersOptions());
}
ListScramUsersResult return mechanismlistScramUsers(ListScramUsersOptions options);
public class ListScramUsersResult }{
public int iterations() {
return iterations;
}
}
public class ScramUserListing {
private final String name;
private final List<ScramMechanismInfo> infos;
public ScramUserListing(String name, List<ScramMechanismInfo> infos) {
this.name = name;
this.infos = infos;
}
public String name() {
return name;
}
public List<ScramMechanismInfo> infos() {
return mechanism;
}
}
public class ListScramUsersOptions extends AbstractOptions<ListScramUsersOptions> { }
default ListScramUsersResult listScramUsers() {
return listScramUsers(new ListScramUsersOptions());
}
ListScramUsersResult listScramUsers(ListScramUsersOptions options);
public class ListScramUsersResult {
public KafkaFuture<Map<String, ScramUser>> all();
} |
listScramUsers will be implemented by a new RPC.
KafkaFuture<Map<String, ScramUserListing>> all();
} |
listScramUsers will be implemented by a new RPC.
| Code Block |
|---|
{
"apiKey": 50,
"type": "request",
"name": "ListScramUsersRequest",
"validVersions": "0",
"flexibleVersions": "0+",
"fields": [
]
}
{
"apiKey": 50,
"type": "response",
"name": "ListScramUsersResponse",
"validVersions": "0",
"flexibleVersions": "0+",
"fields": [
{ "name": "Error", "type": "int16", "versions": "0+",
"about": "The message-level error code." },
{ "name": "ErrorMessage", "type": "string", "versions": "0+", "nullableVersions": "0+",
"about": "The message-level error message." },
{ "name": "Users", "type": "[]ScramUser", "versions": "0+",
"about": "The SCRAM users.", "fields": [
{ "name": "Name", "type": "string", "versions": "0+",
"about": "The user name." },
{ "name": "MechanismInfos", "type": "ScramUserMechanismInfo", "versions |
| Code Block |
{ "apiKey": 50, "type": "request", "name": "ListScramUsersRequest", "validVersions": "0", "flexibleVersions": "0+", "fieldsabout": [ ] } { "apiKey": 50, "type"The user name." }, { "name": "responseMechanism", "nametype": "ListScramUsersResponseint8", "validVersionsversions": "0+", "flexibleVersions "about": "0+", The SCRAM mechanism." }, "fields": [ { "name": "ErrorIterations", "type": "int16int32", "versions": "0+", "about": "The message-level error code number of iterations used in the SCRAM mechanism." }, { "name": "ErrorMessageSalt", "type": "stringbytes", "versions": "0+", "nullableVersions": "0+", "about": "The message-level error messagepassword salt." }, { "name": "UsersStoredKey", "type": "[]ScramUserbyte", "versions": "0+", "about": "The hashed SCRAMclient userskey." }, "fields": [ { "name": "NameServerKey", "type": "stringbyte", "versions": "0+", "about": "The hashed userserver namekey." }, { "name": "MechanismInfos", "type": "ScramUserMechanismInfo", "versions": "0+", "about": "The user name." }, { "name": "Mechanism", "type": "int8", "versions": "0+", "about": "The SCRAM mechanism." }, { "name": "Iterations", "type": "int32", "versions": "0+", "about": "The number of iterations used in the SCRAM mechanism." } } ]} ] } } ]} ] } |
It will require ALTER It will require ALTER permissions on the CLUSTER resource. It will return CLUSTER_AUTHORIZATION_FAILED if the user has insufficient permissions.
...
alterScramUsers will delete, create, or change SCRAM users.
Deletions are done by user name.
Alterations will create the given user if it doesn't exist, or alter it if it does.
, create, or change SCRAM users.
Deletions are done by user name.
Alterations will create the given user if it doesn't exist, or alter it if it does.
| Code Block |
|---|
public class ScramUserDeletion {
private final String user; |
| Code Block |
public class ScramUserDeletion { private final String user; ScramUserDeletion(String user) { this.user = user; } public String user() { return user; } } public class ScramCredential { private final ScramMechanismInfo info; private final byte[] salt; private final byte[]String saltedPassword;password; // There will be one constructor that randomly generates a salt, and one that accepts a pre-defined salt. } public class ScramUserAlteration { private final String user; private final List<ScramCredential> credentials; public ScramCredentialAlteration(String user, List<ScramCredential> credentials) { this.user = user; this.credentials = credentials; } public String user() { return user; } public List<ScramCredential> credentials() { return credentials; } } public class AlterScramUsersOptions extends AbstractOptions<AlterScramUsersOptions> {} default AlterScramUsersResult alterScramUsers(List<ScramUserDeletion> deletions, List<ScramUserAlteration> alterations) { return alterScramUsers(deletions, alterations, new AlterScramUsersOptions()); } AlterScramUsersResult alterScramUsers(List<ScramUserDeletion> deletions, List<ScramUserAlteration> alterations, AlterScramUsersOptions options); public class AlterScramCredentialsResult { public KafkaFuture<Void> all(); public Map<String, KafkaFuture<Void>> results(); } |
...