pulsar-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From GitBox <...@apache.org>
Subject [GitHub] merlimat commented on a change in pull request #2888: PIP-25: Token based authentication
Date Tue, 27 Nov 2018 19:06:28 GMT
merlimat commented on a change in pull request #2888: PIP-25: Token based authentication
URL: https://github.com/apache/pulsar/pull/2888#discussion_r236804302
 
 

 ##########
 File path: pulsar-broker-common/src/main/java/org/apache/pulsar/broker/authentication/utils/AuthTokenUtils.java
 ##########
 @@ -90,39 +92,18 @@ public static String createToken(Key signingKey, String subject, Optional<Date>
     }
 
     public static byte[] readKeyFromUrl(String keyConfUrl) throws IOException {
-        if (keyConfUrl.startsWith("data:")) {
-            return readDataUrl(keyConfUrl);
+        if (keyConfUrl.startsWith("data:") || keyConfUrl.startsWith("file:")) {
+            try {
+                return ByteStreams.toByteArray((InputStream) new URL(keyConfUrl).getContent());
+            } catch (Exception e) {
+                throw new IOException(e);
+            }
         } else if (keyConfUrl.startsWith("env:")) {
 
 Review comment:
   Actually, there's one tricky part. 
   
   The key, passed as an env variable, needs to be base64 encoded. That might not be needed
in general case for `env:` (eg: a token would be fine as it is). 
   
   It's kind of confusing and we'd have to define something similar to `env:base64,MY_SECRET_KEY_VAR`

----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on GitHub and use the
URL above to go to the specific comment.
 
For queries about this service, please contact Infrastructure at:
users@infra.apache.org


With regards,
Apache Git Services

Mime
View raw message