Skip to content

[improve] AuthAthenz supports Copper Argos #274

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
BewareMyPower merged 2 commits into from
May 28, 2023
Merged

[improve] AuthAthenz supports Copper Argos #274

BewareMyPower merged 2 commits into from
May 28, 2023

Conversation

@shustsud
Copy link
Contributor

@shustsud shustsud commented May 23, 2023
edited
Loading

Motivation

Modifications

  • Add the parameters x509CertChain and caCert to the ZTSClient.cc. If an X.509 certificate is passed as a parameter, it assumes Copper Argos is used and sets the X.509 certificate as a request parameter to ZTS and gets a RoleToken.

  • Remove tokenExpirationTime because it is not used for the RoleToken (which is sent to Pulsar Brokers and used for authentication) but for the PrincipalToken (which is only used to get the RoleToken from ZTS). Instead I added minExpiryTime and maxExpiryTime to control the expiry time of the RoleToken in the same way as Java/Go clients.

  • Existing users of this plugin will not be affected by this change.

Verifying this change

  • Make sure that the change passes the CI checks.

Documentation

  • doc-required
    (Your PR needs to update docs and you will update later)

  • doc-not-needed
    (Please explain why)

  • doc
    (Your PR contains doc changes)

  • doc-complete
    (Docs have been already added)

@shustsud shustsud changed the title [improve] AuthAthenz supports Copper Argos [WIP][improve] AuthAthenz supports Copper Argos May 24, 2023
@shustsud shustsud changed the title [WIP][improve] AuthAthenz supports Copper Argos [improve] AuthAthenz supports Copper Argos May 25, 2023
hrsakai
hrsakai approved these changes May 26, 2023
View reviewed changes
Copy link
Contributor

@hrsakai hrsakai left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

massakam
massakam approved these changes May 28, 2023
View reviewed changes
Copy link
Contributor

@massakam massakam left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@massakam massakam added enhancement New feature or request doc-required labels May 28, 2023
@massakam massakam added this to the 3.3.0 milestone May 28, 2023
@BewareMyPower BewareMyPower merged commit 4209987 into apache:main May 28, 2023
@massakam massakam mentioned this pull request Jun 6, 2023
Merged
4 tasks
This was referenced Dec 7, 2023
Merged
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@massakam massakam massakam approved these changes

@hrsakai hrsakai hrsakai approved these changes

Assignees

@shustsud shustsud

Labels

doc-required enhancement New feature or request

Projects

None yet

Milestone

3.3.0

Development

Successfully merging this pull request may close these issues.

4 participants

@shustsud @massakam @hrsakai @BewareMyPower