ivankelly commented on a change in pull request #3677: PIP-30: interface and mutual change authentication URL: https://github.com/apache/pulsar/pull/3677#discussion_r262021576
########## File path: pulsar-broker/src/main/java/org/apache/pulsar/broker/service/ServerCnx.java ########## @@ -446,52 +453,128 @@ private String getOriginalPrincipal(String originalAuthData, String originalAuth return originalPrincipal; } + // complete the connect and sent newConnected command + private void completeConnect(int clientProtoVersion, String clientVersion) { + ctx.writeAndFlush(Commands.newConnected(clientProtoVersion)); + state = State.Connected; + remoteEndpointProtocolVersion = clientProtoVersion; + if (isNotBlank(clientVersion) && !clientVersion.contains(" ") /* ignore default version: pulsar client */) { + this.clientVersion = clientVersion.intern(); + } + } + + // According to auth result, send newConnected or newAuthChallenge command. + private void doingAuthentication(AuthData clientData, + int clientProtocolVersion, + String clientVersion) throws Exception { + AuthData brokerData = authState.authenticate(clientData); Review comment: This feels a little weird, where you're returning an object, from the authState, then completely ignoring it if auth is complete. Maybe instead of returning AuthData, authenticate could return AuthResult. ``` class AuthResult { Status getStatus(); // can return COMPLETE/IN_PROGRESS/ERROR AuthData getData(); } ``` ---------------------------------------------------------------- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: us...@infra.apache.org With regards, Apache Git Services