...

`SaslExtensionsCallback`

```java
public class SaslExtensionsCallback implements Callback {
    /**
     * Returns the extension names and values that are sent by the client to
     * the server in the initial client SASL authentication message.
     * Default is an empty map.
     */
    public SaslExtensions extensions()

    /**
     * Sets the SASL extensions on this callback.
     */
    public void extensions(SaslExtensions extensions)
}
```

`SaslExtensions` - class for holding extensions data

```java
package org.apache.kafka.common.security.auth;

/**
 * A simple value object class holding customizable SASL extensions
 */
public class SaslExtensions {

    public SaslExtensions(String extensions, String separator)

    public SaslExtensions(Map<String, String> extensionMap, String separator)

    public String extensionValue(String name)

    public Set<String> extensionNames()

    public boolean isEmpty()
}
```


Proposed Changes

Create a new `SaslExtensions` class that takes most of the generalizable logic from `ScramExtensions`. `ScramExtensions` will extend `SaslExtensions`.
Create a new `SaslExtensionsCallback` which will be similar to `ScramExtensionsCallback`. `ScramExtensionsCallback` cannot be deleted since it is a public class (but will be deprecated), but it will NOT extend `SaslExtensionsCallback` since it will not support the new `SaslExtensions` class.
Pass `SaslExtensionsCallback` to the callback handler of `OAuthBearerLoginModule` so that the handler can parse the extensions from the JAAS config and populate them in the Subject class.
Pass `SaslExtensionsCallback` to the callback handler of `OAuthBearerSaslClient` so that the handler can take the extensions from the Subject and populate them in the callback. `OAuthBearerSaslClient` will then attach the populated extensions (if any) to the first client message.
Have `OAuthBearerServer` parse the extensions sent by the client and expose them via its `OAuthBearerServer#getNegotiatedProperty()` method. It will use a strict regex, accepting only letters in keys and only ASCII characters in values.
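
The strict server-side parsing described in the last step, as an added example that is not part of this proposal or of Kafka's code. The class name `StrictExtensionParser`, the `\u0001` separator, the narrowing of values to printable ASCII, and the rejection of duplicate keys are assumptions made for illustration.

```java
import java.util.LinkedHashMap;
import java.util.Map;
import java.util.regex.Pattern;

// Added example (hypothetical class): strict parsing of client-sent SASL extensions.
public class StrictExtensionParser {
    // Keys: one or more ASCII letters, as the proposal states.
    private static final Pattern KEY = Pattern.compile("[A-Za-z]+");
    // Assumption: "ASCII characters" is narrowed to printable ASCII (space through '~').
    private static final Pattern VALUE = Pattern.compile("[\\x20-\\x7E]+");

    /** Parses "k=v<sep>k=v"; throws IllegalArgumentException on any malformed pair. */
    public static Map<String, String> parse(String raw, String separator) {
        Map<String, String> out = new LinkedHashMap<>();
        if (raw == null || raw.isEmpty())
            return out;
        // Pattern.quote treats the separator literally; limit -1 keeps trailing
        // empty entries so that a dangling separator is rejected, not ignored.
        for (String pair : raw.split(Pattern.quote(separator), -1)) {
            int eq = pair.indexOf('=');
            if (eq <= 0)
                throw new IllegalArgumentException("extension without key or '='");
            String key = pair.substring(0, eq);
            String value = pair.substring(eq + 1);
            // Untrusted input is never echoed in messages until it has been validated.
            if (!KEY.matcher(key).matches())
                throw new IllegalArgumentException("invalid extension key");
            if (!VALUE.matcher(value).matches())
                throw new IllegalArgumentException("invalid extension value");
            // Assumption: duplicates are refused so no later pair can override an earlier one.
            if (out.putIfAbsent(key, value) != null)
                throw new IllegalArgumentException("duplicate extension key: " + key);
        }
        return out;
    }

    public static void main(String[] args) {
        String sep = "\u0001"; // constructed sample input; the separator is an assumption
        System.out.println(parse("traceId=abc123" + sep + "tenant=team a", sep));
        String[] bad = {"trace-id=x", "k=caf\u00e9", "k=a" + sep + "k=b", "k=a" + sep};
        for (String input : bad) {
            try {
                parse(input, sep);
                System.out.println("accepted (unexpected)");
            } catch (IllegalArgumentException e) {
                System.out.println("rejected: " + e.getMessage());
            }
        }
    }
}
```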

...