YouJiacheng opened a new issue #12911: URL: https://github.com/apache/pulsar/issues/12911
# What issue do you find in Pulsar docs? https://pulsar.apache.org/docs/en/security-jwt/#enable-token-authentication-on-brokers ``` # Authentication settings of the broker itself. Used when the broker connects to other brokers, either in same or other clusters brokerClientTlsEnabled=true brokerClientAuthenticationPlugin=org.apache.pulsar.client.impl.auth.AuthenticationToken brokerClientAuthenticationParameters={"token":"eyJhbGciOiJIUzI1NiJ9.eyJzdWIiOiJ0ZXN0LXVzZXIifQ.9OHgE9ZUDeBTZs7nSMEFIuGNEX18FLR3qvy8mqxSxXw"} # Or, alternatively, read token from file # brokerClientAuthenticationParameters={"file":"///path/to/proxy-token.txt"} ``` The comment say token file should be specified in {"file":"///path/to/proxy-token.txt"} format. However, the source code of org.apache.pulsar.client.impl.auth.AuthenticationToken implies that: clear text token can use JSON format or "token:Clear.Text.Token" token file must use "file:///path/to/token" ``` // Interpret the whole param string as the token. If the string contains the notation `token:xxxxx` then strip // the prefix if (encodedAuthParamString.startsWith("token:")) { this.tokenSupplier = new SerializableTokenSupplier(encodedAuthParamString.substring("token:".length())); } else if (encodedAuthParamString.startsWith("file:")) { // Read token from a file URI filePath = URI.create(encodedAuthParamString); this.tokenSupplier = new SerializableURITokenSupplier(filePath); } else { try { // Read token from json string JsonObject authParams = new Gson().fromJson(encodedAuthParamString, JsonObject.class); this.tokenSupplier = new SerializableTokenSupplier(authParams.get("token").getAsString()); } catch (JsonSyntaxException e) { this.tokenSupplier = new SerializableTokenSupplier(encodedAuthParamString); } } ``` # Do you have any references? https://github.com/apache/pulsar/blob/master/pulsar-client/src/main/java/org/apache/pulsar/client/impl/auth/AuthenticationToken.java#L86 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected]
