[
https://issues.apache.org/jira/browse/KAFKA-15077?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Manikumar resolved KAFKA-15077.
-------------------------------
Resolution: Fixed
> FileTokenRetriever doesn't trim the token before returning it.
> --------------------------------------------------------------
>
> Key: KAFKA-15077
> URL: https://issues.apache.org/jira/browse/KAFKA-15077
> Project: Kafka
> Issue Type: Bug
> Components: clients
> Reporter: Sushant Mahajan
> Assignee: Sushant Mahajan
> Priority: Minor
> Fix For: 3.6.0
>
> Original Estimate: 1h
> Remaining Estimate: 1h
>
> The {{FileTokenRetriever}} class is used to read the access_token from a file
> on the clients system and then the info is passed along with jaas config to
> the {{{}OAuthBearerSaslServer{}}}.
> The server uses the class {{OAuthBearerClientInitialResponse}} to validate
> the token format.
> In case the token was sent using {{FileTokenRetriever}} on the client side,
> some EOL character is getting appended to the token, causing authentication
> to fail with the message (in case to topic create):
> {{ERROR org.apache.kafka.common.errors.SaslAuthenticationException:
> Authentication failed during authentication due to invalid credentials with
> SASL mechanism OAUTHBEARER}}
>
> On the server side the following line
> [https://github.com/apache/kafka/blob/trunk/clients/src/main/java/org/apache/kafka/common/security/oauthbearer/internals/OAuthBearerClientInitialResponse.java#L68]
> with throw an exception failing the request.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
