search

datastax / pulsar-jms

DataStax Starlight for JMS, a JMS API for Apache Pulsar ®
Apache License 2.0
48 stars 21 forks source link

Support OAuth2 client authentication while using ConnectionFactory#createConnection(username/password) #49

Open eolivelli opened 2 years ago

eolivelli commented 2 years ago

Pulsar client supports OAuth2 client authentication https://pulsar.apache.org/docs/security-oauth2/

and you can already use it by configuring the PulsarConnectionFactory via authPlugin and authParams.

but there is a request to support it while using ConnectionFactory#createConnection(username/password).

the most straight forward way of mapping OAuth2 client credentials is to map:

and leave all the other parameters to be set in the ConnectionFactory configuration:

The JMS client will create the "credentials" to be passed to the the AuthenticationFactoryOAuth2.clientCredentials method

michaeljmarshall commented 2 years ago

@eolivelli - yes, I think these configuration options make sense. The scope, audience, and client_email are optional for some identity providers, so we'll want to treat the as optional.