Re: [PR] [feat][client] oauth2 trustcerts file and timeouts [pulsar]

via GitHub Mon, 10 Nov 2025 14:08:13 -0800


gulecroc commented on code in PR #24944:
URL: https://github.com/apache/pulsar/pull/24944#discussion_r2512121160



##########
pulsar-client/src/main/java/org/apache/pulsar/client/impl/auth/oauth2/AuthenticationFactoryOAuth2.java:
##########
@@ -31,35 +31,101 @@ public final class AuthenticationFactoryOAuth2 {
     /**
      * Authenticate with client credentials.
      *
-     * @param issuerUrl the issuer URL
+     * @param issuerUrl      the issuer URL
      * @param credentialsUrl the credentials URL
-     * @param audience An optional field. The audience identifier used by some 
Identity Providers, like Auth0.
+     * @param audience       An optional field. The audience identifier used 
by some Identity Providers, like Auth0.
      * @return an Authentication object
      */
     public static Authentication clientCredentials(URL issuerUrl, URL 
credentialsUrl, String audience) {
-        return clientCredentials(issuerUrl, credentialsUrl, audience, null);
+        return 
clientCredentialsBuilder().issuerUrl(issuerUrl).credentialsUrl(credentialsUrl).audience(audience)
+                .build();
     }
 
     /**
      * Authenticate with client credentials.
      *
-     * @param issuerUrl the issuer URL
+     * @param issuerUrl      the issuer URL
      * @param credentialsUrl the credentials URL
-     * @param audience An optional field. The audience identifier used by some 
Identity Providers, like Auth0.
-     * @param scope An optional field. The value of the scope parameter is 
expressed as a list of space-delimited,
-     *              case-sensitive strings. The strings are defined by the 
authorization server.
-     *              If the value contains multiple space-delimited strings, 
their order does not matter,
-     *              and each string adds an additional access range to the 
requested scope.
-     *              From here: 
https://datatracker.ietf.org/doc/html/rfc6749#section-4.4.2
+     * @param audience       An optional field. The audience identifier used 
by some Identity Providers, like Auth0.
+     * @param scope          An optional field. The value of the scope 
parameter is expressed as a list of
+     *                       space-delimited,
+     *                       case-sensitive strings. The strings are defined 
by the authorization server.
+     *                       If the value contains multiple space-delimited 
strings, their order does not matter,
+     *                       and each string adds an additional access range 
to the requested scope.
+     *                       From here: 
https://datatracker.ietf.org/doc/html/rfc6749#section-4.4.2
      * @return an Authentication object
      */
     public static Authentication clientCredentials(URL issuerUrl, URL 
credentialsUrl, String audience, String scope) {
-        ClientCredentialsFlow flow = ClientCredentialsFlow.builder()
-                .issuerUrl(issuerUrl)
-                .privateKey(credentialsUrl.toExternalForm())
-                .audience(audience)
-                .scope(scope)
-                .build();
-        return new AuthenticationOAuth2(flow, Clock.systemDefaultZone());
+        return 
clientCredentialsBuilder().issuerUrl(issuerUrl).credentialsUrl(credentialsUrl).audience(audience)
+                .scope(scope).build();
     }
+
+    public static ClientCredentialsBuilder clientCredentialsBuilder() {
+        return new ClientCredentialsBuilder();
+    }
+
+    public static class ClientCredentialsBuilder {
+
+        private URL issuerUrl;
+        private URL credentialsUrl;
+        private String audience;
+        private String scope;
+        private Integer connectTimeout;
+        private Integer readTimeout;
+        private String trustCertsFilePath;
+
+        private ClientCredentialsBuilder() {
+        }
+
+        public ClientCredentialsBuilder issuerUrl(URL issuerUrl) {
+            this.issuerUrl = issuerUrl;
+            return this;
+        }
+
+        public ClientCredentialsBuilder credentialsUrl(URL credentialsUrl) {
+            this.credentialsUrl = credentialsUrl;
+            return this;
+        }
+
+        public ClientCredentialsBuilder audience(String audience) {
+            this.audience = audience;
+            return this;
+        }
+
+        public ClientCredentialsBuilder scope(String scope) {
+            this.scope = scope;
+            return this;
+        }
+
+        public ClientCredentialsBuilder connectTimeout(Integer connectTimeout) 
{
+            this.connectTimeout = connectTimeout;
+            return this;
+        }
+
+        public ClientCredentialsBuilder readTimeout(Integer readTimeout) {
+            this.readTimeout = readTimeout;
+            return this;
+        }
+
+        public ClientCredentialsBuilder trustCertsFilePath(String 
trustCertsFilePath) {
+            this.trustCertsFilePath = trustCertsFilePath;
+            return this;
+        }
+
+        public Authentication build() {

Review Comment:
   java doc added and timeouts moved to Duration



-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: [email protected]

For queries about this service, please contact Infrastructure at:
[email protected]

Re: [PR] [feat][client] oauth2 trustcerts file and timeouts [pulsar]

Reply via email to