Re: [PR] ARTEMIS-5316 XOAUTH2 SASL mechanism for broker connection [activemq-artemis]

Tue, 08 Jul 2025 09:09:58 -0700 


tabish121 commented on code in PR #5822:
URL: https://github.com/apache/activemq-artemis/pull/5822#discussion_r2192919187


##########
tests/integration-tests/src/test/java/org/apache/activemq/artemis/tests/integration/amqp/connect/AMQPConnectSaslTest.java:
##########
@@ -115,6 +117,81 @@ public void testConnectsWithPlain() throws Exception {
       }
    }
 
+   @Test
+   @Timeout(20)
+   public void testConnectsWithXOauth2() throws Exception {
+      try (ProtonTestServer peer = new ProtonTestServer()) {
+         peer.expectSaslXOauth2Connect(USER, PASSWD);
+         peer.expectOpen().respond();
+         peer.expectBegin().respond();
+         peer.start();
+
+         final URI remoteURI = peer.getServerURI();
+         logger.debug("Connect test started, peer listening on: {}", 
remoteURI);
+
+         AMQPBrokerConnectConfiguration amqpConnection =
+             new AMQPBrokerConnectConfiguration(getTestName(), 
"tcp://localhost:" + remoteURI.getPort() + "?saslMechanisms=" + XOAUTH2);

Review Comment:
   Specifying the XOAUTH2 as the only enabled mech here isn't actually needed 
and the test would pass without it since the test peer is only offering that 
mechanism so the server should naturally pick it from the set of mechanisms it 
supports given there is a user / pass supplied.  You could write a test were 
this tested it picks from a set that offered PLAIN if the server side disabled 
it by scripting the peer as:
   
   ```
            peer.expectSASLHeader().respondWithSASLHeader();
            peer.remoteSaslMechanisms().withMechanisms("PLAIN", "XOAUTH2", 
"ANONYMOUS").queue();
            
peer.expectSaslInit().withMechanism("XOAUTH2").withInitialResponse(peer.saslXOauth2InitialResponse(USER,
 PASSWD));
            peer.remoteSaslOutcome().withCode(SaslCode.OK).queue();
            peer.expectAMQPHeader().respondWithAMQPHeader();
   ```
   
   This would then test that the server side mechanisms exclusion works and it 
filers out anything but XOAUTH2 when selecting from the offered set.



-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: gitbox-unsubscr...@activemq.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org


---------------------------------------------------------------------
To unsubscribe, e-mail: gitbox-unsubscr...@activemq.apache.org
For additional commands, e-mail: gitbox-h...@activemq.apache.org
For further information, visit: https://activemq.apache.org/contact

Reply via email to