You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@pulsar.apache.org by mm...@apache.org on 2019/04/16 23:31:38 UTC
[pulsar] branch master updated: Upgrade athenz libraries (#4056)
This is an automated email from the ASF dual-hosted git repository.
mmerli pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/pulsar.git
The following commit(s) were added to refs/heads/master by this push:
new 12a5001 Upgrade athenz libraries (#4056)
12a5001 is described below
commit 12a5001cbbb205ba7811317eeb02f40912e45b56
Author: massakam <ma...@yahoo-corp.jp>
AuthorDate: Wed Apr 17 08:31:33 2019 +0900
Upgrade athenz libraries (#4056)
---
pom.xml | 2 +-
.../client/impl/auth/AuthenticationAthenz.java | 10 +++++++++
.../client/impl/auth/AuthenticationAthenzTest.java | 24 ++++++++++++++++++++++
3 files changed, 35 insertions(+), 1 deletion(-)
diff --git a/pom.xml b/pom.xml
index f140c38..053b373 100644
--- a/pom.xml
+++ b/pom.xml
@@ -151,7 +151,7 @@ flexible messaging model and an intuitive client API.</description>
<storm.version>1.0.5</storm.version>
<jetty.version>9.4.12.v20180830</jetty.version>
<jersey.version>2.27</jersey.version>
- <athenz.version>1.7.17</athenz.version>
+ <athenz.version>1.8.17</athenz.version>
<prometheus.version>0.5.0</prometheus.version>
<aspectj.version>1.9.2</aspectj.version>
<rocksdb.version>5.13.3</rocksdb.version>
diff --git a/pulsar-client-auth-athenz/src/main/java/org/apache/pulsar/client/impl/auth/AuthenticationAthenz.java b/pulsar-client-auth-athenz/src/main/java/org/apache/pulsar/client/impl/auth/AuthenticationAthenz.java
index e814ae6..3e0aef3 100644
--- a/pulsar-client-auth-athenz/src/main/java/org/apache/pulsar/client/impl/auth/AuthenticationAthenz.java
+++ b/pulsar-client-auth-athenz/src/main/java/org/apache/pulsar/client/impl/auth/AuthenticationAthenz.java
@@ -59,6 +59,10 @@ public class AuthenticationAthenz implements Authentication, EncodedAuthenticati
private String providerDomain;
private PrivateKey privateKey;
private String keyId = "0";
+ // If auto prefetching is enabled, application will not complete until the static method
+ // ZTSClient.cancelPrefetch() is called.
+ // cf. https://github.com/yahoo/athenz/issues/544
+ private boolean autoPrefetchEnabled = false;
private long cachedRoleTokenTimestamp;
private String roleToken;
private final int minValidity = 2 * 60 * 60; // athenz will only give this token if it's at least valid for 2hrs
@@ -136,6 +140,8 @@ public class AuthenticationAthenz implements Authentication, EncodedAuthenticati
}
this.keyId = authParams.getOrDefault("keyId", "0");
+ this.autoPrefetchEnabled = Boolean.valueOf(authParams.getOrDefault("autoPrefetchEnabled", "false"));
+
if (authParams.containsKey("athenzConfPath")) {
System.setProperty("athenz.athenz_conf", authParams.get("athenzConfPath"));
}
@@ -156,6 +162,9 @@ public class AuthenticationAthenz implements Authentication, EncodedAuthenticati
@Override
public void close() throws IOException {
+ if (ztsClient != null) {
+ ztsClient.close();
+ }
}
private ZTSClient getZtsClient() {
@@ -163,6 +172,7 @@ public class AuthenticationAthenz implements Authentication, EncodedAuthenticati
ServiceIdentityProvider siaProvider = new SimpleServiceIdentityProvider(tenantDomain, tenantService,
privateKey, keyId);
ztsClient = new ZTSClient(ztsUrl, tenantDomain, tenantService, siaProvider);
+ ztsClient.setPrefetchAutoEnable(this.autoPrefetchEnabled);
}
return ztsClient;
}
diff --git a/pulsar-client-auth-athenz/src/test/java/org/apache/pulsar/client/impl/auth/AuthenticationAthenzTest.java b/pulsar-client-auth-athenz/src/test/java/org/apache/pulsar/client/impl/auth/AuthenticationAthenzTest.java
index 36df7f1..4419c1b 100644
--- a/pulsar-client-auth-athenz/src/test/java/org/apache/pulsar/client/impl/auth/AuthenticationAthenzTest.java
+++ b/pulsar-client-auth-athenz/src/test/java/org/apache/pulsar/client/impl/auth/AuthenticationAthenzTest.java
@@ -19,6 +19,7 @@
package org.apache.pulsar.client.impl.auth;
import static org.testng.Assert.assertEquals;
+import static org.testng.Assert.assertFalse;
import static org.testng.Assert.assertTrue;
import org.testng.annotations.Test;
import org.apache.pulsar.client.impl.auth.AuthenticationAthenz;
@@ -171,4 +172,27 @@ public class AuthenticationAthenzTest {
Assert.fail();
}
}
+
+ @Test
+ public void testAutoPrefetchEnabled() throws Exception {
+ Field field = auth.getClass().getDeclaredField("autoPrefetchEnabled");
+ field.setAccessible(true);
+ assertFalse((boolean) field.get(auth));
+
+ String paramsStr = new String(Files.readAllBytes(Paths.get("./src/test/resources/authParams.json")));
+ ObjectMapper jsonMapper = ObjectMapperFactory.create();
+ Map<String, String> authParamsMap = jsonMapper.readValue(paramsStr, new TypeReference<HashMap<String, String>>() { });
+
+ authParamsMap.put("autoPrefetchEnabled", "true");
+ AuthenticationAthenz auth1 = new AuthenticationAthenz();
+ auth1.configure(jsonMapper.writeValueAsString(authParamsMap));
+ assertTrue((boolean) field.get(auth1));
+ auth1.close();
+
+ authParamsMap.put("autoPrefetchEnabled", "false");
+ AuthenticationAthenz auth2 = new AuthenticationAthenz();
+ auth2.configure(jsonMapper.writeValueAsString(authParamsMap));
+ assertFalse((boolean) field.get(auth2));
+ auth2.close();
+ }
}