ivankelly commented on a change in pull request #3677: PIP-30: interface and
mutual change authentication
URL: https://github.com/apache/pulsar/pull/3677#discussion_r262021576
##########
File path:
pulsar-broker/src/main/java/org/apache/pulsar/broker/service/ServerCnx.java
##########
@@ -446,52 +453,128 @@ private String getOriginalPrincipal(String
originalAuthData, String originalAuth
return originalPrincipal;
}
+ // complete the connect and sent newConnected command
+ private void completeConnect(int clientProtoVersion, String clientVersion)
{
+ ctx.writeAndFlush(Commands.newConnected(clientProtoVersion));
+ state = State.Connected;
+ remoteEndpointProtocolVersion = clientProtoVersion;
+ if (isNotBlank(clientVersion) && !clientVersion.contains(" ") /*
ignore default version: pulsar client */) {
+ this.clientVersion = clientVersion.intern();
+ }
+ }
+
+ // According to auth result, send newConnected or newAuthChallenge command.
+ private void doingAuthentication(AuthData clientData,
+ int clientProtocolVersion,
+ String clientVersion) throws Exception {
+ AuthData brokerData = authState.authenticate(clientData);
Review comment:
This feels a little weird, where you're returning an object, from the
authState, then completely ignoring it if auth is complete. Maybe instead of
returning AuthData, authenticate could return AuthResult.
```
class AuthResult {
Status getStatus(); // can return COMPLETE/IN_PROGRESS/ERROR
AuthData getData();
}
```
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org
With regards,
Apache Git Services
