Class OAuthBearerValidatorCallbackHandler

java.lang.Object

io.confluent.kafka.server.plugins.auth.oauth.OAuthBearerValidatorCallbackHandler

All Implemented Interfaces:

CallbackHandler, org.apache.kafka.common.security.auth.AuthenticateCallbackHandler

public class OAuthBearerValidatorCallbackHandler
extends Object
implements org.apache.kafka.common.security.auth.AuthenticateCallbackHandler

A CallbackHandler that recognizes OAuthBearerValidatorCallback and OAuthBearerExtensionsValidatorCallback for validating a secured OAuth 2 bearer token issued by Confluent and SASL extensions specifying the logical cluster this token is meant for.

It verifies the signature of the JWTToken through a public key it reads from a file path, set in the JAAS config

This class must be explicitly set via the listener.name.sasl_[plaintext|ssl].oauthbearer.sasl.server.callback.handler.class broker configuration property.

Constructor Summary

Constructors

Constructor	Description
OAuthBearerValidatorCallbackHandler()

Method Summary

Modifier and Type	Method	Description
void	close()
void	configure(Map<String,?> configs, String saslMechanism, List<AppConfigurationEntry> jaasConfigEntries)
void	handle(Callback[] callbacks)

Methods inherited from class java.lang.Object

equals, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Details

OAuthBearerValidatorCallbackHandler

public OAuthBearerValidatorCallbackHandler()

Method Details

configure

public void configure(Map<String,?> configs,
 String saslMechanism,
 List<AppConfigurationEntry> jaasConfigEntries)

Specified by:

configure in interface org.apache.kafka.common.security.auth.AuthenticateCallbackHandler

handle

public void handle(Callback[] callbacks)
            throws UnsupportedCallbackException

Specified by:

handle in interface CallbackHandler

Throws:

UnsupportedCallbackException

close

public void close()

Specified by:

close in interface org.apache.kafka.common.security.auth.AuthenticateCallbackHandler