You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@pulsar.apache.org by GitBox <gi...@apache.org> on 2022/03/31 16:19:28 UTC
[GitHub] [pulsar] sursingh commented on a change in pull request #13339: [Issue 10816][Proxy] Refresh client auth token
sursingh commented on a change in pull request #13339:
URL: https://github.com/apache/pulsar/pull/13339#discussion_r839797205
##########
File path: pulsar-proxy/src/test/java/org/apache/pulsar/proxy/server/ProxyWithJwtAuthorizationTest.java
##########
@@ -363,6 +374,72 @@ public void testProxyAuthorizationWithPrefixSubscriptionAuthMode() throws Except
log.info("-- Exiting {} test --", methodName);
}
+ @Test
+ void testRefreshClientToken() throws Exception {
+ log.info("-- Starting {} test --", methodName);
+
+ startProxy();
+ createAdminClient();
+
+ @SuppressWarnings("unchecked")
+ Supplier<String> tokenSupplier = Mockito.mock(Supplier.class);
+ when(tokenSupplier.get()).thenAnswer(answer -> createClientJwtToken(Duration.ofSeconds(1)));
+
+ PulsarClient proxyClient = PulsarClient.builder()
+ .serviceUrl(proxyService.getServiceUrl()).statsInterval(0, TimeUnit.SECONDS)
+ .authentication(AuthenticationFactory.token(tokenSupplier))
+ .operationTimeout(1000, TimeUnit.MILLISECONDS)
+ .build();
+
+ String namespaceName = "my-property/proxy-authorization/my-ns";
+ admin.clusters().createCluster("proxy-authorization", ClusterData.builder().serviceUrl(brokerUrl.toString()).build());
+ admin.tenants().createTenant("my-property",
+ new TenantInfoImpl(Sets.newHashSet("appid1", "appid2"), Sets.newHashSet("proxy-authorization")));
+ admin.namespaces().createNamespace(namespaceName);
+
+ admin.namespaces().grantPermissionOnNamespace(namespaceName, CLIENT_ROLE,
+ Sets.newHashSet(AuthAction.consume, AuthAction.produce));
+ log.info("-- Admin permissions {} ---", admin.namespaces().getPermissions(namespaceName));
+
+ Producer<byte[]> producer = proxyClient.newProducer(Schema.BYTES)
+ .topic("persistent://my-property/proxy-authorization/my-ns/my-topic1").create();
+
+ final int msgs = 10;
+ for (int i = 0; i < msgs; i++) {
+ String message = "my-message-" + i;
+ producer.send(message.getBytes());
+ }
+
+ //noinspection unchecked
+ clearInvocations(tokenSupplier);
+ Thread.sleep(3000);
+ verify(tokenSupplier, atLeastOnce()).get();
Review comment:
I don't think this test is correct. It is passing for us, even without the associated fix.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@pulsar.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org