exceptionfactory commented on a change in pull request #4508:
URL: https://github.com/apache/nifi/pull/4508#discussion_r540181191
##########
File path:
nifi-nar-bundles/nifi-confluent-platform-bundle/nifi-confluent-schema-registry-service/src/main/java/org/apache/nifi/confluent/schemaregistry/ConfluentSchemaRegistry.java
##########
@@ -112,6 +114,32 @@
.required(true)
.build();
+ static final PropertyDescriptor PROP_BASIC_AUTH_USERNAME = new
PropertyDescriptor.Builder()
Review comment:
Recommend renaming this variable to PROP_USERNAME for simplicity and
more generalized implementation.
##########
File path:
nifi-nar-bundles/nifi-confluent-platform-bundle/nifi-confluent-schema-registry-service/src/main/java/org/apache/nifi/confluent/schemaregistry/ConfluentSchemaRegistry.java
##########
@@ -112,6 +114,32 @@
.required(true)
.build();
+ static final PropertyDescriptor PROP_BASIC_AUTH_USERNAME = new
PropertyDescriptor.Builder()
+ .name("Authentication Username")
+ .displayName("Authentication Username")
Review comment:
Recommend shortening the property name and display name to _Username_
since _Authentication_ is already implied.
##########
File path:
nifi-nar-bundles/nifi-confluent-platform-bundle/nifi-confluent-schema-registry-service/src/main/java/org/apache/nifi/confluent/schemaregistry/ConfluentSchemaRegistry.java
##########
@@ -112,6 +114,32 @@
.required(true)
.build();
+ static final PropertyDescriptor PROP_BASIC_AUTH_USERNAME = new
PropertyDescriptor.Builder()
+ .name("Authentication Username")
+ .displayName("Authentication Username")
+ .description("The username to be used by the client to authenticate
against the Remote URL. Cannot include control characters (0-31), ':', or DEL
(127).")
+ .required(false)
+
.addValidator(StandardValidators.createRegexMatchingValidator(Pattern.compile("^[\\x20-\\x39\\x3b-\\x7e\\x80-\\xff]+$")))
+ .build();
+
+ static final PropertyDescriptor PROP_BASIC_AUTH_PASSWORD = new
PropertyDescriptor.Builder()
Review comment:
Recommend renaming this variable to PROP_PASSWORD.
##########
File path:
nifi-nar-bundles/nifi-confluent-platform-bundle/nifi-confluent-schema-registry-service/src/main/java/org/apache/nifi/confluent/schemaregistry/ConfluentSchemaRegistry.java
##########
@@ -112,6 +114,32 @@
.required(true)
.build();
+ static final PropertyDescriptor PROP_BASIC_AUTH_USERNAME = new
PropertyDescriptor.Builder()
+ .name("Authentication Username")
+ .displayName("Authentication Username")
+ .description("The username to be used by the client to authenticate
against the Remote URL. Cannot include control characters (0-31), ':', or DEL
(127).")
+ .required(false)
+
.addValidator(StandardValidators.createRegexMatchingValidator(Pattern.compile("^[\\x20-\\x39\\x3b-\\x7e\\x80-\\xff]+$")))
+ .build();
+
+ static final PropertyDescriptor PROP_BASIC_AUTH_PASSWORD = new
PropertyDescriptor.Builder()
+ .name("Authentication Password")
+ .displayName("Authentication Password")
+ .description("The password to be used by the client to authenticate
against the Remote URL.")
+ .required(false)
+ .sensitive(true)
+
.addValidator(StandardValidators.createRegexMatchingValidator(Pattern.compile("^[\\x20-\\x7e\\x80-\\xff]+$")))
+ .build();
+
+ static final PropertyDescriptor PROP_AUTH_TYPE = new
PropertyDescriptor.Builder()
+ .name("Authentication Type")
+ .displayName("Authentication Type")
+ .description("Basic authentication will use the 'Authentication
Username' " +
+ "and 'Authentication Password' property values. See Confluent
Schema Registry documentation for more details.")
Review comment:
Recommend reviewing the recent addition of the dependsOn property
support and implementing if needed, as opposed to repeating the other property
names in the description.
##########
File path:
nifi-nar-bundles/nifi-confluent-platform-bundle/nifi-confluent-schema-registry-service/src/main/java/org/apache/nifi/confluent/schemaregistry/client/RestSchemaRegistryClient.java
##########
@@ -68,14 +69,21 @@
private static final String SCHEMA_REGISTRY_CONTENT_TYPE =
"application/vnd.schemaregistry.v1+json";
- public RestSchemaRegistryClient(final List<String> baseUrls, final int
timeoutMillis, final SSLContext sslContext, final ComponentLog logger) {
+ public RestSchemaRegistryClient(final List<String> baseUrls, final String
authType, final String authUser,
+ final String authPass, final int
timeoutMillis, final SSLContext sslContext, final ComponentLog logger) {
this.baseUrls = new ArrayList<>(baseUrls);
final ClientConfig clientConfig = new ClientConfig();
clientConfig.property(ClientProperties.CONNECT_TIMEOUT, timeoutMillis);
clientConfig.property(ClientProperties.READ_TIMEOUT, timeoutMillis);
client = WebUtils.createClient(clientConfig, sslContext);
+ if (!authUser.isEmpty() && !authType.isEmpty()) {
Review comment:
Recommend changing these checks to use StringUtils.isNotEmpty() to
include null checking and improve readability.
##########
File path:
nifi-nar-bundles/nifi-confluent-platform-bundle/nifi-confluent-schema-registry-service/src/main/java/org/apache/nifi/confluent/schemaregistry/ConfluentSchemaRegistry.java
##########
@@ -112,6 +114,32 @@
.required(true)
.build();
+ static final PropertyDescriptor PROP_BASIC_AUTH_USERNAME = new
PropertyDescriptor.Builder()
+ .name("Authentication Username")
+ .displayName("Authentication Username")
+ .description("The username to be used by the client to authenticate
against the Remote URL. Cannot include control characters (0-31), ':', or DEL
(127).")
+ .required(false)
+
.addValidator(StandardValidators.createRegexMatchingValidator(Pattern.compile("^[\\x20-\\x39\\x3b-\\x7e\\x80-\\xff]+$")))
+ .build();
+
+ static final PropertyDescriptor PROP_BASIC_AUTH_PASSWORD = new
PropertyDescriptor.Builder()
+ .name("Authentication Password")
+ .displayName("Authentication Password")
+ .description("The password to be used by the client to authenticate
against the Remote URL.")
+ .required(false)
+ .sensitive(true)
+
.addValidator(StandardValidators.createRegexMatchingValidator(Pattern.compile("^[\\x20-\\x7e\\x80-\\xff]+$")))
+ .build();
+
+ static final PropertyDescriptor PROP_AUTH_TYPE = new
PropertyDescriptor.Builder()
Review comment:
Based on the current implementation of the Confluent Service supporting
only HTTP Basic authentication, should this property be removed? Presence of
the Username and Password properties could indicate the intention to configure
authentication. Alternatively, if the purpose is to use this property as an
indicator of the intention to configure authentication, having an alternative
value of _NONE_ or _DISABLED_ seems more explicit than having an unset property.
##########
File path:
nifi-nar-bundles/nifi-confluent-platform-bundle/nifi-confluent-schema-registry-service/src/main/java/org/apache/nifi/confluent/schemaregistry/ConfluentSchemaRegistry.java
##########
@@ -166,6 +202,21 @@ public void onEnabled(final ConfigurationContext context) {
}
}
+ final boolean authTypeSet =
validationContext.getProperty(PROP_AUTH_TYPE).isSet();
+ final boolean authUsernameSet =
validationContext.getProperty(PROP_BASIC_AUTH_USERNAME).isSet();
+ final boolean authPasswordSet =
validationContext.getProperty(PROP_BASIC_AUTH_PASSWORD).isSet();
+ if (authTypeSet) {
+ if (!authUsernameSet || !authPasswordSet) {
Review comment:
See comments on the Authentication Type property and recommend reviewing
and integrating dependsOn property support if needed, which might remove the
need for some of this custom validation.
##########
File path:
nifi-nar-bundles/nifi-confluent-platform-bundle/nifi-confluent-schema-registry-service/src/main/java/org/apache/nifi/confluent/schemaregistry/ConfluentSchemaRegistry.java
##########
@@ -112,6 +114,32 @@
.required(true)
.build();
+ static final PropertyDescriptor PROP_BASIC_AUTH_USERNAME = new
PropertyDescriptor.Builder()
+ .name("Authentication Username")
+ .displayName("Authentication Username")
+ .description("The username to be used by the client to authenticate
against the Remote URL. Cannot include control characters (0-31), ':', or DEL
(127).")
+ .required(false)
+
.addValidator(StandardValidators.createRegexMatchingValidator(Pattern.compile("^[\\x20-\\x39\\x3b-\\x7e\\x80-\\xff]+$")))
+ .build();
+
+ static final PropertyDescriptor PROP_BASIC_AUTH_PASSWORD = new
PropertyDescriptor.Builder()
+ .name("Authentication Password")
+ .displayName("Authentication Password")
Review comment:
Similar to the _Username_ property, recommend renaming to _Password_
since that appears to be the approach used in other Processors and Controller
Services.
##########
File path:
nifi-nar-bundles/nifi-confluent-platform-bundle/nifi-confluent-schema-registry-service/src/main/java/org/apache/nifi/confluent/schemaregistry/client/RestSchemaRegistryClient.java
##########
@@ -68,14 +69,21 @@
private static final String SCHEMA_REGISTRY_CONTENT_TYPE =
"application/vnd.schemaregistry.v1+json";
- public RestSchemaRegistryClient(final List<String> baseUrls, final int
timeoutMillis, final SSLContext sslContext, final ComponentLog logger) {
+ public RestSchemaRegistryClient(final List<String> baseUrls, final String
authType, final String authUser,
+ final String authPass, final int
timeoutMillis, final SSLContext sslContext, final ComponentLog logger) {
this.baseUrls = new ArrayList<>(baseUrls);
final ClientConfig clientConfig = new ClientConfig();
clientConfig.property(ClientProperties.CONNECT_TIMEOUT, timeoutMillis);
clientConfig.property(ClientProperties.READ_TIMEOUT, timeoutMillis);
client = WebUtils.createClient(clientConfig, sslContext);
+ if (!authUser.isEmpty() && !authType.isEmpty()) {
+ if (authType.equals("BASIC")) {
Review comment:
If HTTP Basic is the only type of authentication supported, then
recommend removing authType as a parameter and passing just the username and
password.
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org
