Uploaded image for project: 'Kafka'
  1. Kafka
  2. KAFKA-15878

KIP-768: Extend support for opaque (i.e. non-JWT) tokens in SASL/OAUTHBEARER

    XMLWordPrintableJSON

Details

    • Improvement
    • Status: Resolved
    • Major
    • Resolution: Fixed
    • None
    • 3.8.0
    • clients

    Description

      // code placeholder

      Overview

      • This issue pertains to SASL/OAUTHBEARER mechanism of Kafka authentication. 
      • Kafka clients can use SASL/OAUTHBEARER  mechanism by overriding the custom call back handlers
      • KIP-768 available from v3.1  further extends the mechanism with a production grade implementation. 
      • Kafka's SASL/OAUTHBEARER  mechanism currently rejects the non-JWT (i.e. opaque) tokens. This is because of a more restrictive set of characters than what RFC-6750 recommends. 
      • This JIRA can be considered an extension of KIP-768 to support the opaque tokens as well apart from the JWT tokens.

       

      In summary the following character set should be supported as per the RFC - 

      1*( ALPHA / DIGIT /
                       "-" / "." / "_" / "~" / "+" / "/" ) *"="

       

       

       

      Attachments

        Issue Links

          links to

          Web Link GitHub Pull Request #14818

          Activity

            People

              philomathanuj Anuj Sharma
              philomathanuj Anuj Sharma
              Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: