cckellogg commented on a change in pull request #11794:
URL: https://github.com/apache/pulsar/pull/11794#discussion_r697897377
##########
File path:
pulsar-broker-common/src/main/java/org/apache/pulsar/broker/authentication/AuthenticationProviderToken.java
##########
@@ -237,6 +280,69 @@ private static String validateToken(final String token)
throws AuthenticationExc
}
}
+ @SuppressWarnings("unchecked")
+ private DecodedJWT authenticateTokenJwk(final String token) throws
AuthenticationException {
Review comment:
Instead of adding this code to the AuthenticationProvider could we
refactor some of this code out into separate classes so there is not a lot of
if else checks (i think that makes the code more difficult to follow test and
maintain) within the code?
Maybe there can be a TokenDecoder interface and TokenInfo or Token class.
Then there can be multiple implementations of the TokenDecoder and the code can
be simplified and not care how it works underneath. The TokenInfo or Token
class can add more attributes over time but at this point I think we only care
about the principal and expiration.
Thoughts?
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscr...@pulsar.apache.org
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org
