sijie commented on a change in pull request #6799:
URL: https://github.com/apache/pulsar/pull/6799#discussion_r413589283
##########
File path:
pulsar-broker-common/src/main/java/org/apache/pulsar/broker/authentication/AuthenticationService.java
##########
@@ -83,13 +83,29 @@ public String authenticate(AuthenticationDataSource
authData, String authMethodN
}
public String authenticateHttpRequest(HttpServletRequest request) throws
AuthenticationException {
- // Try to validate with any configured provider
AuthenticationDataSource authData = new
AuthenticationDataHttps(request);
- for (AuthenticationProvider provider : providers.values()) {
+ String authMethodName = request.getHeader("Auth-Method-Name");
+
+ if (authMethodName != null) {
+ AuthenticationProvider providerToUse = providers
+ .values()
+ .parallelStream()
+ .filter(provider ->
provider.getAuthMethodName().equals(authMethodName))
+ .findAny()
+ .orElseThrow(() -> new
AuthenticationException(String.format("Unsupported header Auth-Method-Name
[%s].", authMethodName)));
+
try {
- return provider.authenticate(authData);
+ return providerToUse.authenticate(authData);
} catch (AuthenticationException e) {
- // Ignore the exception because we don't know which
authentication method is expected here.
+ throw e;
+ }
+ } else {
+ for (AuthenticationProvider provider : providers.values()) {
+ try {
+ return provider.authenticate(authData);
+ } catch (AuthenticationException e) {
+ // Ignore the exception because we don't know which
authentication method is expected here.
+ }
}
Review comment:
If none of the providers is able to authenticate the provided
`authData`, shouldn't we throw any exception here?
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org
