Add OIDC method to Kafka authentication #41873
Open
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Signed-off-by: Rich Scott <[email protected]>
Signed-off-by: Rich Scott <[email protected]>
Signed-off-by: Rich Scott <[email protected]>
…elemetry-collector-contrib into feature/kafa-openid-auth Signed-off-by: Rich Scott <[email protected]>
Signed-off-by: Rich Scott <[email protected]>
Signed-off-by: Rich Scott <[email protected]>
Signed-off-by: Rich Scott <[email protected]>
Signed-off-by: Rich Scott <[email protected]>
Add more assertions on the inner token string in the resultant sarama access token. Signed-off-by: Rich Scott <[email protected]>
Signed-off-by: Rich Scott <[email protected]>
This is so we can quickly stop/start a new server in each test func. Signed-off-by: Rich Scott <[email protected]>
Also give some vars better names; disable some logging messages. Signed-off-by: Rich Scott <[email protected]>
Remove debugging messages. Signed-off-by: Rich Scott <[email protected]>
Signed-off-by: Rich Scott <[email protected]>
Signed-off-by: Rich Scott <[email protected]>
Also, manually build a (small subset of a) K8S token, for unit-testing. Signed-off-by: Rich Scott <[email protected]>
Signed-off-by: Rich Scott <[email protected]>
Signed-off-by: Rich Scott <[email protected]>
Also accept and propagate EndpointParams and AuthStyle fields for oauth2 clientcredentials.Config. Signed-off-by: Rich Scott <[email protected]>
Also add authentication configuration setup test. Signed-off-by: Rich Scott <[email protected]>
…lemetry-collector-contrib into feature/kafka-oidc-auth
Signed-off-by: Rich Scott <[email protected]>
Signed-off-by: Rich Scott <[email protected]>
Signed-off-by: Rich Scott <[email protected]>
|
Hey @richscott , Please make sure you sign the CLA so we can include the changes into the project. |
|
@MovieStoreGuy Will do - my employer is adding me to our corporate (in GH and/or elsewhere) org imminently, and then I will set up the CLA as a Corporate Contributor asap. Thanks. |
Signed-off-by: Rich Scott <[email protected]>
Signed-off-by: Rich Scott <[email protected]>
Signed-off-by: Rich Scott <[email protected]>
Also check if our context is done before calling updateToken(). Signed-off-by: Rich Scott <[email protected]>
Signed-off-by: Rich Scott <[email protected]>
Signed-off-by: Rich Scott <[email protected]>
Signed-off-by: Rich Scott <[email protected]>
Signed-off-by: Rich Scott <[email protected]>
Signed-off-by: Rich Scott <[email protected]>
Signed-off-by: Rich Scott <[email protected]>
Signed-off-by: Rich Scott <[email protected]>
Signed-off-by: Rich Scott <[email protected]>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This change adds support for authentication via OIDC to the Kafka client. It provides an implementation of the sarama.AccessTokenProvider interface, supporting the
client_credentialsGrant Type, and a background token refresh.