search

strimzi / strimzi-kafka-oauth

OAuth2 support for Apache Kafka® to work with many OAuth2 authorization servers
Apache License 2.0
140 stars 89 forks source link

Bearer token support for Kafka broker to authenticate to use JWKS / Introspection endpoints #217

Closed mstruk closed 7 months ago

mstruk commented 7 months ago

This PR introduces the following configuration options for use when configuring the listener:

The authentication configuration rules for configuring the introspection endpoint have been relaxed. Introspection endpoint can now be unprotected (no authentication configured on the listener) or it can be protected with oauth.client.id and oauth.client.secret to send Basic Authorization header or with the oauth.server.bearer.token or oauth.server.bearer.token.location when sending Bearer Authorization header.

JWKS endpoint can now also be protected in the same way.

mstruk commented 7 months ago

While Travis CI hasn't managed to run, locally running the full testsuite passes fine.