Class UamiJwtRetriever
java.lang.Object
io.confluent.kafka.schemaregistry.client.security.bearerauth.oauth.UamiJwtRetriever
- All Implemented Interfaces:
Closeable,AutoCloseable,org.apache.kafka.common.security.oauthbearer.internals.secured.OAuthBearerConfigurable,org.apache.kafka.common.security.oauthbearer.JwtRetriever
public class UamiJwtRetriever
extends Object
implements org.apache.kafka.common.security.oauthbearer.JwtRetriever
UamiJwtRetriever is a JwtRetriever that retrieves a JWT access token from
the Azure Instance Metadata Service (IMDS) using a User Assigned Managed Identity (UAMI).
It issues a GET request to the configured IMDS endpoint with a user-supplied query string appended, and retries on transient failures using exponential backoff.
The default endpoint is the standard Azure IMDS address
(DEFAULT_IMDS_ENDPOINT), but can be overridden for Azure Arc or testing environments.
-
Field Summary
Fields -
Constructor Summary
ConstructorsConstructorDescriptionUamiJwtRetriever(String query, String endpointUrl, long retryBackoffMs, long retryBackoffMaxMs, Integer connectTimeoutMs, Integer readTimeoutMs) -
Method Summary
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, waitMethods inherited from interface org.apache.kafka.common.security.oauthbearer.internals.secured.OAuthBearerConfigurable
close, configure
-
Field Details
-
METADATA_HEADER
- See Also:
-
DEFAULT_IMDS_ENDPOINT
- See Also:
-
-
Constructor Details
-
UamiJwtRetriever
-
-
Method Details
-
retrieve
Issues a GET request to the IMDS endpoint and returns the raw JWT access token string. Retries on transient (non-4xx) HTTP errors using exponential backoff.- Specified by:
retrievein interfaceorg.apache.kafka.common.security.oauthbearer.JwtRetriever- Returns:
- Non-null JWT access token string
- Throws:
org.apache.kafka.common.security.oauthbearer.JwtRetrieverException- on IO errors or a non-retryable HTTP response
-