You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@pulsar.apache.org by pe...@apache.org on 2022/06/10 15:01:54 UTC
[pulsar] 10/12: [fix][auth] Generate correct well-known OpenID configuration URL (#15928)
This is an automated email from the ASF dual-hosted git repository.
penghui pushed a commit to branch branch-2.9
in repository https://gitbox.apache.org/repos/asf/pulsar.git
commit 43ab20b735f3a7cd989369725206c79d82b4d4f0
Author: ran <ga...@126.com>
AuthorDate: Tue Jun 7 15:46:57 2022 +0800
[fix][auth] Generate correct well-known OpenID configuration URL (#15928)
(cherry picked from commit 304b03e7ff3eeff62c31f93738af488eb44abde0)
---
pulsar-client-cpp/lib/auth/AuthOauth2.cc | 9 ++++++++-
pulsar-client-cpp/lib/auth/AuthOauth2.h | 1 +
pulsar-client-cpp/tests/AuthPluginTest.cc | 20 ++++++++++++++++++++
3 files changed, 29 insertions(+), 1 deletion(-)
diff --git a/pulsar-client-cpp/lib/auth/AuthOauth2.cc b/pulsar-client-cpp/lib/auth/AuthOauth2.cc
index c3dfe550a0c..438239a46d6 100644
--- a/pulsar-client-cpp/lib/auth/AuthOauth2.cc
+++ b/pulsar-client-cpp/lib/auth/AuthOauth2.cc
@@ -143,6 +143,8 @@ ClientCredentialFlow::ClientCredentialFlow(ParamMap& params)
audience_(params["audience"]),
scope_(params["scope"]) {}
+std::string ClientCredentialFlow::getTokenEndPoint() const { return tokenEndPoint_; }
+
static size_t curlWriteCallback(void* contents, size_t size, size_t nmemb, void* responseDataPtr) {
((std::string*)responseDataPtr)->append((char*)contents, size * nmemb);
return size * nmemb;
@@ -168,7 +170,12 @@ void ClientCredentialFlow::initialize() {
curl_easy_setopt(handle, CURLOPT_CUSTOMREQUEST, "GET");
// set URL: well-know endpoint
- curl_easy_setopt(handle, CURLOPT_URL, (issuerUrl_ + "/.well-known/openid-configuration").c_str());
+ std::string wellKnownUrl = issuerUrl_;
+ if (wellKnownUrl.back() == '/') {
+ wellKnownUrl.pop_back();
+ }
+ wellKnownUrl.append("/.well-known/openid-configuration");
+ curl_easy_setopt(handle, CURLOPT_URL, wellKnownUrl.c_str());
// Write callback
curl_easy_setopt(handle, CURLOPT_WRITEFUNCTION, curlWriteCallback);
diff --git a/pulsar-client-cpp/lib/auth/AuthOauth2.h b/pulsar-client-cpp/lib/auth/AuthOauth2.h
index a3658b353ee..986919ddfcd 100644
--- a/pulsar-client-cpp/lib/auth/AuthOauth2.h
+++ b/pulsar-client-cpp/lib/auth/AuthOauth2.h
@@ -57,6 +57,7 @@ class ClientCredentialFlow : public Oauth2Flow {
void close();
ParamMap generateParamMap() const;
+ std::string getTokenEndPoint() const;
private:
std::string tokenEndPoint_;
diff --git a/pulsar-client-cpp/tests/AuthPluginTest.cc b/pulsar-client-cpp/tests/AuthPluginTest.cc
index be987e07c48..01c19ebbea4 100644
--- a/pulsar-client-cpp/tests/AuthPluginTest.cc
+++ b/pulsar-client-cpp/tests/AuthPluginTest.cc
@@ -412,6 +412,26 @@ TEST(AuthPluginTest, testOauth2RequestBody) {
ASSERT_EQ(flow2.generateParamMap(), expectedResult2);
}
+TEST(AuthPluginTest, testInitialize) {
+ std::string issuerUrl = "https://dev-kt-aa9ne.us.auth0.com";
+ std::string expectedTokenEndPoint = issuerUrl + "/oauth/token";
+
+ ParamMap params;
+ params["issuer_url"] = issuerUrl;
+ params["client_id"] = "Xd23RHsUnvUlP7wchjNYOaIfazgeHd9x";
+ params["client_secret"] = "rT7ps7WY8uhdVuBTKWZkttwLdQotmdEliaM5rLfmgNibvqziZ-g07ZH52N_poGAb";
+ params["audience"] = "https://dev-kt-aa9ne.us.auth0.com/api/v2/";
+
+ ClientCredentialFlow flow1(params);
+ flow1.initialize();
+ ASSERT_EQ(flow1.getTokenEndPoint(), expectedTokenEndPoint);
+
+ params["issuer_url"] = issuerUrl + "/";
+ ClientCredentialFlow flow2(params);
+ flow2.initialize();
+ ASSERT_EQ(flow2.getTokenEndPoint(), expectedTokenEndPoint);
+}
+
TEST(AuthPluginTest, testOauth2Failure) {
ParamMap params;
auto addKeyValue = [&](const std::string& key, const std::string& value) {