You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@pulsar.apache.org by pe...@apache.org on 2022/06/12 11:26:11 UTC
[pulsar] 01/03: [fix][auth] Generate correct well-known OpenID configuration URL (#15928)
This is an automated email from the ASF dual-hosted git repository.
penghui pushed a commit to branch branch-2.10
in repository https://gitbox.apache.org/repos/asf/pulsar.git
commit 3dc5f1e38bbd926f9411a6ba4081dd600eefda66
Author: ran <ga...@126.com>
AuthorDate: Tue Jun 7 15:46:57 2022 +0800
[fix][auth] Generate correct well-known OpenID configuration URL (#15928)
(cherry picked from commit 304b03e7ff3eeff62c31f93738af488eb44abde0)
---
pulsar-client-cpp/lib/auth/AuthOauth2.cc | 9 ++++++++-
pulsar-client-cpp/lib/auth/AuthOauth2.h | 1 +
pulsar-client-cpp/tests/AuthPluginTest.cc | 20 ++++++++++++++++++++
3 files changed, 29 insertions(+), 1 deletion(-)
diff --git a/pulsar-client-cpp/lib/auth/AuthOauth2.cc b/pulsar-client-cpp/lib/auth/AuthOauth2.cc
index 334289dd352..c7f944da75b 100644
--- a/pulsar-client-cpp/lib/auth/AuthOauth2.cc
+++ b/pulsar-client-cpp/lib/auth/AuthOauth2.cc
@@ -143,6 +143,8 @@ ClientCredentialFlow::ClientCredentialFlow(ParamMap& params)
audience_(params["audience"]),
scope_(params["scope"]) {}
+std::string ClientCredentialFlow::getTokenEndPoint() const { return tokenEndPoint_; }
+
static size_t curlWriteCallback(void* contents, size_t size, size_t nmemb, void* responseDataPtr) {
((std::string*)responseDataPtr)->append((char*)contents, size * nmemb);
return size * nmemb;
@@ -168,7 +170,12 @@ void ClientCredentialFlow::initialize() {
curl_easy_setopt(handle, CURLOPT_CUSTOMREQUEST, "GET");
// set URL: well-know endpoint
- curl_easy_setopt(handle, CURLOPT_URL, (issuerUrl_ + "/.well-known/openid-configuration").c_str());
+ std::string wellKnownUrl = issuerUrl_;
+ if (wellKnownUrl.back() == '/') {
+ wellKnownUrl.pop_back();
+ }
+ wellKnownUrl.append("/.well-known/openid-configuration");
+ curl_easy_setopt(handle, CURLOPT_URL, wellKnownUrl.c_str());
// Write callback
curl_easy_setopt(handle, CURLOPT_WRITEFUNCTION, curlWriteCallback);
diff --git a/pulsar-client-cpp/lib/auth/AuthOauth2.h b/pulsar-client-cpp/lib/auth/AuthOauth2.h
index 59e8ad9320a..c940cf96985 100644
--- a/pulsar-client-cpp/lib/auth/AuthOauth2.h
+++ b/pulsar-client-cpp/lib/auth/AuthOauth2.h
@@ -58,6 +58,7 @@ class ClientCredentialFlow : public Oauth2Flow {
void close();
ParamMap generateParamMap() const;
+ std::string getTokenEndPoint() const;
private:
std::string tokenEndPoint_;
diff --git a/pulsar-client-cpp/tests/AuthPluginTest.cc b/pulsar-client-cpp/tests/AuthPluginTest.cc
index be987e07c48..01c19ebbea4 100644
--- a/pulsar-client-cpp/tests/AuthPluginTest.cc
+++ b/pulsar-client-cpp/tests/AuthPluginTest.cc
@@ -412,6 +412,26 @@ TEST(AuthPluginTest, testOauth2RequestBody) {
ASSERT_EQ(flow2.generateParamMap(), expectedResult2);
}
+TEST(AuthPluginTest, testInitialize) {
+ std::string issuerUrl = "https://dev-kt-aa9ne.us.auth0.com";
+ std::string expectedTokenEndPoint = issuerUrl + "/oauth/token";
+
+ ParamMap params;
+ params["issuer_url"] = issuerUrl;
+ params["client_id"] = "Xd23RHsUnvUlP7wchjNYOaIfazgeHd9x";
+ params["client_secret"] = "rT7ps7WY8uhdVuBTKWZkttwLdQotmdEliaM5rLfmgNibvqziZ-g07ZH52N_poGAb";
+ params["audience"] = "https://dev-kt-aa9ne.us.auth0.com/api/v2/";
+
+ ClientCredentialFlow flow1(params);
+ flow1.initialize();
+ ASSERT_EQ(flow1.getTokenEndPoint(), expectedTokenEndPoint);
+
+ params["issuer_url"] = issuerUrl + "/";
+ ClientCredentialFlow flow2(params);
+ flow2.initialize();
+ ASSERT_EQ(flow2.getTokenEndPoint(), expectedTokenEndPoint);
+}
+
TEST(AuthPluginTest, testOauth2Failure) {
ParamMap params;
auto addKeyValue = [&](const std::string& key, const std::string& value) {