Versions Compared

...

getDelegationToken(request: DelegationTokenRequestCreateDelegationTokenRequest):  CreateDelegationTokenResponse

class DelegationTokenRequestCreateDelegationTokenRequest(renewer: Set[KafkaPrincipal] = Set.empty, maxLifeTime: long = -1)

class DelegationTokenResponseCreateDelegationTokenResponse(expiryTimeMillisissueTimeMillis: long, renewer: Set[KafkaPrincipal], maxLifeTimeexpiryTimeMillis: long, maxLifeTime: long, tokenId: String, hmac: byte[])  

renewDelegationToken(request: RenewDelegationTokenRequest): RenewRenewDelegationTokenResponse

class RenewDelegationTokenRequest(hmac: byte[], expiryTimeMillis: long) 

expireToken(request: ExpireTokenRequestExpireDelegationTokenRequest): ExpireTokenResponseExpireDelegationTokenResponse

class ExpireTokenRequestExpireDelegationTokenRequest(hmac: byte[], expireAt: long  = Systemtime.currentTimeMillis) 

describeToken(request: DescribeTokenRequestDescribeDelegationTokenRequest): DescribeTokenRespopnseDescribeDelegationTokenResponse

class DescribeDescribeDelegationTokenRequest(owner: Set[KafkaPrincipal] ) 
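
Review bot: the renamed request and response types (CreateDelegationTokenRequest, ExpireDelegationTokenRequest, DescribeDelegationTokenRequest) no longer match the method names getDelegationToken, expireToken and describeToken; only renewDelegationToken follows the new naming. Rename the methods to createDelegationToken, expireDelegationToken and describeDelegationToken so the API reads consistently. RenewDelegationTokenRequest also takes a caller-supplied expiryTimeMillis, so the text should say that the broker caps it at the token's maxLifeTime.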

...

DelegationTokenRequest
DelegationTokenRequestCreateDelegationTokenRequest => [Renewer] MaxDateMs
  Renewer => string
  MaxDateMs => INT64
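
Review bot: MaxDateMs is left undefined here, and it does not line up with the class form, which calls the field maxLifeTime and defaults it to -1. Say whether the wire value is an absolute timestamp or a lifetime in milliseconds, and what -1 means when the broker receives it.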

...

DelegationTokenResponse
DelegationTokenResponseCreateDelegationTokenResponse => ErrorCode TokenDetails
  ErrorCode => INT16
  TokenDetails =>  IssueDateMs ExpiryDateMs TokenId HMAC 
    IssueDateMs  => INT64
    ExpiryDateMs => INT64
    TokenId => String 
    HMAC => bytes
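
Review bot: TokenDetails in this response omits the maximum lifetime, although the CreateDelegationTokenResponse class above carries maxLifeTime, and the Describe response additionally returns Owner and [Renewer]. Either add the missing fields to this production or state why the create response returns a reduced TokenDetails, so clients know the renewal ceiling of the token they were just issued.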

...

ExpireTokenRequest
ExpireTokenRequestExpireDelegationTokenRequest => HMAC expiryDateMs
  HMAC => bytes
  ExpiryDateMs => INT64

...


ExpireTokenResponse
ExpireTokenResponseExpireDelegationTokenResponse => ErrorCode
  ErroCode => INT32
  ExpiryDateMs => INT64
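
Review bot: the ExpireDelegationTokenResponse production lists only ErrorCode, yet an ExpiryDateMs field is defined beneath it, and the error field is spelled ErroCode and typed INT32 while the Create and Describe responses use ErrorCode => INT16. Either add ExpiryDateMs to the production ("=> ErrorCode ExpiryDateMs") or drop the field line, and make the error code INT16 to match the other responses.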

...

DescribeTokenRequest
DescribeTokenRequestDescribeDelegationTokenRequest => [Owner]
    Owner => String

Field

Description

ErrorCode
 
Owner

Kakfa Principal which requested the delegation token. If the Owner list is null (i.e., length is -1), the response contains all the allowed tokens

from all owners. If Owner list is empty, the response is empty list.


DescribeTokenResponse
DescribeTokenResponseDescribeDelegationTokenResponse => ErrorCode [TokenDetails]
  ErrorCode => INT16
  TokenDetails => Owner IssueDateMs ExpiryDateMs TokenId HMAC [Renewer]
    Owner => String
    IssueDateMs  => INT64
    ExpiryDateMs => INT64
    TokenId => String 
    HMAC => bytes
    Renewer => String
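
Review bot: TokenDetails in DescribeDelegationTokenResponse returns the HMAC of every listed token, and with a null Owner list that is every token the caller is allowed to see. Since the HMAC is the authenticator half of the authentication token, the text should say who may receive it (the owner only, or renewers as well) and require an encrypted channel for this response, or drop HMAC from the describe output. The Field table above also has an ErrorCode row with no description, although the request production carries no ErrorCode.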

...

TokenDetails:

  • Owner ID -- Username that this token will authenticate as
  • Renewers ID -- designated renewers list
  • Issue date -- timestamp (in msec) when this token was generated
  • Expiry date -- timestamp (in msec) at which this token expires
  • TokenID -- Sequence number to – UUID to ensure uniqueness

TokenAuthenticator(HMAC) := HMAC_SHA1(master key, TokenID)

Authentication Token := (TokenDetails, TokenAuthenticator(HMAC))
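
Review bot: TokenAuthenticator is computed over TokenID alone, so Owner, Renewers, Issue date and Expiry date are not covered by the HMAC. State explicitly that the broker takes those fields from its own token store, looked up by TokenID, and never from client-supplied TokenDetails, or include them in the HMAC input. HMAC_SHA1 is also a dated choice for a new design; a SHA-2 based HMAC would be the more conservative pick.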

...