This is an automated email from the ASF dual-hosted git repository.
zhaocong pushed a commit to branch branch-3.0
in repository https://gitbox.apache.org/repos/asf/pulsar.git
The following commit(s) were added to refs/heads/branch-3.0 by this push:
new bcfb1f59dc3 [fix][broker] Fix authenticate order in
AuthenticationProviderList (#23111)
bcfb1f59dc3 is described below
commit bcfb1f59dc334801fb1e7e3dbce712394c064b52
Author: Cong Zhao <[email protected]>
AuthorDate: Mon Aug 5 15:01:00 2024 +0800
[fix][broker] Fix authenticate order in AuthenticationProviderList (#23111)
(cherry picked from commit 0e6654788c67c92b05cd7f509ab7c08ab49920cd)
---
.../broker/authentication/AuthenticationProviderList.java | 15 ++++++++-------
1 file changed, 8 insertions(+), 7 deletions(-)
diff --git
a/pulsar-broker-common/src/main/java/org/apache/pulsar/broker/authentication/AuthenticationProviderList.java
b/pulsar-broker-common/src/main/java/org/apache/pulsar/broker/authentication/AuthenticationProviderList.java
index 663a6253f44..211f2ea006b 100644
---
a/pulsar-broker-common/src/main/java/org/apache/pulsar/broker/authentication/AuthenticationProviderList.java
+++
b/pulsar-broker-common/src/main/java/org/apache/pulsar/broker/authentication/AuthenticationProviderList.java
@@ -120,7 +120,8 @@ public class AuthenticationProviderList implements
AuthenticationProvider {
if (log.isDebugEnabled()) {
log.debug("Authentication failed for auth
provider " + authState.getClass() + ": ", ex);
}
-
authenticateRemainingAuthStates(authChallengeFuture, authData, ex,
states.size() - 1);
+
authenticateRemainingAuthStates(authChallengeFuture, authData, ex,
+ states.isEmpty() ? -1 : 0);
}
});
return authChallengeFuture;
@@ -130,7 +131,7 @@ public class AuthenticationProviderList implements
AuthenticationProvider {
AuthData clientAuthData,
Throwable
previousException,
int index) {
- if (index < 0) {
+ if (index < 0 || index >= states.size()) {
if (previousException == null) {
previousException = new
AuthenticationException("Authentication required");
}
@@ -142,7 +143,7 @@ public class AuthenticationProviderList implements
AuthenticationProvider {
AuthenticationState state = states.get(index);
if (state == authState) {
// Skip the current auth state
- authenticateRemainingAuthStates(authChallengeFuture,
clientAuthData, null, index - 1);
+ authenticateRemainingAuthStates(authChallengeFuture,
clientAuthData, null, index + 1);
} else {
state.authenticateAsync(clientAuthData)
.whenComplete((authChallenge, ex) -> {
@@ -155,7 +156,7 @@ public class AuthenticationProviderList implements
AuthenticationProvider {
log.debug("Authentication failed for auth
provider "
+ authState.getClass() + ": ", ex);
}
-
authenticateRemainingAuthStates(authChallengeFuture, clientAuthData, ex, index
- 1);
+
authenticateRemainingAuthStates(authChallengeFuture, clientAuthData, ex, index
+ 1);
}
});
}
@@ -228,7 +229,7 @@ public class AuthenticationProviderList implements
AuthenticationProvider {
@Override
public CompletableFuture<String>
authenticateAsync(AuthenticationDataSource authData) {
CompletableFuture<String> roleFuture = new CompletableFuture<>();
- authenticateRemainingAuthProviders(roleFuture, authData, null,
providers.size() - 1);
+ authenticateRemainingAuthProviders(roleFuture, authData, null,
providers.isEmpty() ? -1 : 0);
return roleFuture;
}
@@ -236,7 +237,7 @@ public class AuthenticationProviderList implements
AuthenticationProvider {
AuthenticationDataSource
authData,
Throwable
previousException,
int index) {
- if (index < 0) {
+ if (index < 0 || index >= providers.size()) {
if (previousException == null) {
previousException = new
AuthenticationException("Authentication required");
}
@@ -254,7 +255,7 @@ public class AuthenticationProviderList implements
AuthenticationProvider {
if (log.isDebugEnabled()) {
log.debug("Authentication failed for auth provider
" + provider.getClass() + ": ", ex);
}
- authenticateRemainingAuthProviders(roleFuture,
authData, ex, index - 1);
+ authenticateRemainingAuthProviders(roleFuture,
authData, ex, index + 1);
}
});
}
