sijie commented on a change in pull request #3677: [WIP]PIP-30: interface and
mutual change authentication
URL: https://github.com/apache/pulsar/pull/3677#discussion_r259900039
##########
File path:
pulsar-client/src/main/java/org/apache/pulsar/client/impl/ClientCnx.java
##########
@@ -187,13 +194,32 @@ public void channelActive(ChannelHandlerContext ctx)
throws Exception {
});
}
- protected ByteBuf newConnectCommand() throws PulsarClientException {
- String authData = "";
- if (authentication.getAuthData().hasDataFromCommand()) {
+ private boolean isMutualAuthenticationMethod() {
+ return false;
+ }
+
+ protected ByteBuf newConnectCommand() throws IOException {
+ // mutual authentication is to auth between `remoteHostName` and this
client for this channel.
+ // each channel will have a mutual client/server pair, mutual client
evaluateChallenge with init data,
+ // and return authData to server.
+ if (isMutualAuthenticationMethod()) {
Review comment:
I think there are some commonalities between these branches, we should try
to consolidate into one interface and hide the implementation. If I understand
this correctly:
- isMutalAuthenticationMethod == true => authData =
getAuthData(remoteHostName).authenticate("init".getBytes());
- hasDataFromCommand => authData = = getAuthData().getCommandData();
- otherwise => authData = ""
So I think the Authentication can just provide a method `byte[]
authenticate(String remoteHostname)`? Hide the implementation details to
individual provider?
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org
With regards,
Apache Git Services
