From a7a9495861df22168fc978a183af17c35b8329ca Mon Sep 17 00:00:00 2001 From: b3rnh8rd Date: Mon, 6 Feb 2023 19:58:35 +0100 Subject: [PATCH 1/6] fixed SslSocketFactoryCreator in case of absent keystore - added token auth in addition for schema-registry basic auth --- .../at/esque/kafka/cluster/ClusterConfig.java | 49 +++++++++++++++++-- .../cluster/SslSocketFactoryCreator.java | 3 ++ .../kafka/dialogs/ClusterConfigDialog.java | 14 +++++- .../esque/kafka/handlers/ConfigHandler.java | 6 +++ 4 files changed, 66 insertions(+), 6 deletions(-) diff --git a/src/main/java/at/esque/kafka/cluster/ClusterConfig.java b/src/main/java/at/esque/kafka/cluster/ClusterConfig.java index f5ce6c0..e866560 100644 --- a/src/main/java/at/esque/kafka/cluster/ClusterConfig.java +++ b/src/main/java/at/esque/kafka/cluster/ClusterConfig.java @@ -3,10 +3,10 @@ import com.fasterxml.jackson.annotation.JsonIgnore; import com.fasterxml.jackson.annotation.JsonIgnoreProperties; import com.fasterxml.jackson.annotation.JsonProperty; -import javafx.beans.property.BooleanProperty; -import javafx.beans.property.SimpleBooleanProperty; -import javafx.beans.property.SimpleStringProperty; -import javafx.beans.property.StringProperty; +import javafx.beans.property.*; +import javafx.collections.FXCollections; + +import java.util.Arrays; @JsonIgnoreProperties(ignoreUnknown = true) public class ClusterConfig { @@ -14,6 +14,9 @@ public class ClusterConfig { private StringProperty bootStrapServers = new SimpleStringProperty(); private StringProperty schemaRegistry = new SimpleStringProperty(); private StringProperty schemaRegistryBasicAuthUserInfo = new SimpleStringProperty(); + private StringProperty schemaRegistryAuthConfig = new SimpleStringProperty(); + private ListProperty schemaRegistryAuthModes = new SimpleListProperty<>( FXCollections.observableArrayList(Arrays.asList(SchemaRegistryAuthMode.NONE,SchemaRegistryAuthMode.BASIC, SchemaRegistryAuthMode.TOKEN))); + private ObjectProperty schemaRegistryAuthMode = new SimpleObjectProperty<>(); private BooleanProperty schemaRegistryUseSsl = new SimpleBooleanProperty(); private BooleanProperty sslEnabled = new SimpleBooleanProperty(); private BooleanProperty certPathValidationSuppressed = new SimpleBooleanProperty(); @@ -33,7 +36,11 @@ public class ClusterConfig { public ClusterConfig() { } - + public enum SchemaRegistryAuthMode { + NONE, + BASIC, + TOKEN + } public ClusterConfig(ClusterConfig existingConfig) { update(existingConfig); } @@ -44,6 +51,8 @@ public void update(ClusterConfig existingConfig) { this.setBootStrapServers(existingConfig.getBootStrapServers()); this.setSchemaRegistry(existingConfig.getSchemaRegistry()); this.setSchemaRegistryBasicAuthUserInfo(existingConfig.getSchemaRegistryBasicAuthUserInfo()); + this.setSchemaRegistryAuthConfig(existingConfig.getSchemaRegistryAuthConfig()); + this.setSchemaRegistryAuthMode(existingConfig.getSchemaRegistryAuthMode()); this.setSchemaRegistryUseSsl(existingConfig.isSchemaRegistryUseSsl()); this.setSchemaRegistrySuppressCertPathValidation(existingConfig.isSchemaRegistrySuppressCertPathValidation()); this.setSslEnabled(existingConfig.isSslEnabled()); @@ -245,6 +254,36 @@ public void setSchemaRegistryBasicAuthUserInfo(String schemaRegistryBasicAuthUse this.schemaRegistryBasicAuthUserInfo.set(schemaRegistryBasicAuthUserInfo); } + @JsonProperty("schemaRegistryAuthConfig") + public String getSchemaRegistryAuthConfig() { + return schemaRegistryAuthConfig.get(); + } + + public StringProperty schemaRegistryAuthConfigProperty() { + return schemaRegistryAuthConfig; + } + + public void setSchemaRegistryAuthConfig(String schemaRegistryAuthConfig) { + this.schemaRegistryAuthConfig.set(schemaRegistryAuthConfig); + } + + public ListProperty schemaRegistryAuthModesProperty() { + return schemaRegistryAuthModes; + } + + @JsonProperty("schemaRegistryAuthMode") + public SchemaRegistryAuthMode getSchemaRegistryAuthMode() { + return schemaRegistryAuthMode.get(); + } + + public ObjectProperty schemaRegistryAuthModeProperty() { + return schemaRegistryAuthMode; + } + + public void setSchemaRegistryAuthMode(SchemaRegistryAuthMode schemaRegistryAuthMode) { + this.schemaRegistryAuthMode.set(schemaRegistryAuthMode); + } + @JsonProperty("schemaRegistryUseSsl") public boolean isSchemaRegistryUseSsl() { return schemaRegistryUseSsl.get(); diff --git a/src/main/java/at/esque/kafka/cluster/SslSocketFactoryCreator.java b/src/main/java/at/esque/kafka/cluster/SslSocketFactoryCreator.java index ddc996e..add2c78 100644 --- a/src/main/java/at/esque/kafka/cluster/SslSocketFactoryCreator.java +++ b/src/main/java/at/esque/kafka/cluster/SslSocketFactoryCreator.java @@ -44,7 +44,10 @@ public static SSLSocketFactory buildSSlSocketFactory(ClusterConfig clusterConfig KeyStore ks = KeyStore.getInstance(KeyStore.getDefaultType()); ks.load(new FileInputStream(sslProperties.get(SslConfigs.SSL_KEYSTORE_LOCATION_CONFIG)), sslProperties.get(SslConfigs.SSL_KEYSTORE_PASSWORD_CONFIG).toCharArray()); kmf.init(ks, sslProperties.get(SslConfigs.SSL_KEYSTORE_PASSWORD_CONFIG).toCharArray()); + }else{ + kmf.init(null, null); } + if (clusterConfig.isSchemaRegistrySuppressCertPathValidation()) { sc.init(kmf.getKeyManagers(), UNQUESTIONING_TRUST_MANAGER, null); } else { diff --git a/src/main/java/at/esque/kafka/dialogs/ClusterConfigDialog.java b/src/main/java/at/esque/kafka/dialogs/ClusterConfigDialog.java index 338ed98..95dd4e0 100644 --- a/src/main/java/at/esque/kafka/dialogs/ClusterConfigDialog.java +++ b/src/main/java/at/esque/kafka/dialogs/ClusterConfigDialog.java @@ -20,7 +20,9 @@ public class ClusterConfigDialog { public static final String LABEL_IDENTIFIER = "Identifier"; public static final String LABEL_BOOTSTRAP_SERVERS = "Bootstrap-Servers"; public static final String LABEL_SCHEMA_REGISTRY_URL = "Schema Registry URL"; - public static final String LABEL_SCHEMA_REGISTRY_BASIC_AUTH_USER_INFO = "Schema Registry Basic Auth User Info"; + public static final String LABEL_SCHEMA_REGISTRY_BASIC_AUTH_USER_INFO = "LEGACY -Schema Registry Basic Auth User Info"; + public static final String LABEL_SCHEMA_REGISTRY_AUTH_USER_INFO = "Schema Registry Auth User Info"; + public static final String LABEL_SCHEMA_REGISTRY_AUTH_MODE = "Schema Registry Auth Mode"; public static final String LABEL_ENABLE_SSL = "Enable SSL"; public static final String LABEL_KEY_STORE_LOCATION = "Key Store Location"; public static final String LABEL_KEY_STORE_PASSWORD = "Key Store Password"; @@ -79,6 +81,16 @@ public static Optional show(ClusterConfig existingConfig) { .placeholder(LABEL_SCHEMA_REGISTRY_BASIC_AUTH_USER_INFO) .format(new NullFormatStringConverter()) .bind(copy.schemaRegistryBasicAuthUserInfoProperty()), + Field.ofSingleSelectionType(copy.schemaRegistryAuthModesProperty()) + .label(LABEL_SCHEMA_REGISTRY_AUTH_MODE) + .tooltip(LABEL_SCHEMA_REGISTRY_AUTH_MODE) + .bind(copy.schemaRegistryAuthModesProperty(),copy.schemaRegistryAuthModeProperty()), + Field.ofStringType(copy.getSchemaRegistryAuthConfig() == null ? "" : copy.getSchemaRegistryAuthConfig()) + .label(LABEL_SCHEMA_REGISTRY_AUTH_USER_INFO) + .tooltip(LABEL_SCHEMA_REGISTRY_AUTH_USER_INFO) + .placeholder(LABEL_SCHEMA_REGISTRY_AUTH_USER_INFO) + .format(new NullFormatStringConverter()) + .bind(copy.schemaRegistryAuthConfigProperty()), Field.ofBooleanType(copy.isSchemaRegistryUseSsl()) .label(LABEL_USE_SSL_CONFIGURATION) .tooltip(LABEL_USE_SSL_CONFIGURATION) diff --git a/src/main/java/at/esque/kafka/handlers/ConfigHandler.java b/src/main/java/at/esque/kafka/handlers/ConfigHandler.java index 98d369c..a9dae59 100644 --- a/src/main/java/at/esque/kafka/handlers/ConfigHandler.java +++ b/src/main/java/at/esque/kafka/handlers/ConfigHandler.java @@ -321,6 +321,12 @@ public Map getSaslProperties(ClusterConfig config) { if (StringUtils.isNoneEmpty(config.getSchemaRegistryBasicAuthUserInfo())) { props.put(SchemaRegistryClientConfig.BASIC_AUTH_CREDENTIALS_SOURCE, "USER_INFO"); props.put(SchemaRegistryClientConfig.CLIENT_NAMESPACE + SchemaRegistryClientConfig.USER_INFO_CONFIG, config.getSchemaRegistryBasicAuthUserInfo()); + } else if (ClusterConfig.SchemaRegistryAuthMode.BASIC.equals(config.getSchemaRegistryAuthMode())){ + props.put(SchemaRegistryClientConfig.BASIC_AUTH_CREDENTIALS_SOURCE, "USER_INFO"); + props.put(SchemaRegistryClientConfig.CLIENT_NAMESPACE + SchemaRegistryClientConfig.USER_INFO_CONFIG, config.getSchemaRegistryAuthConfig()); + }else if (ClusterConfig.SchemaRegistryAuthMode.TOKEN.equals(config.getSchemaRegistryAuthMode())){ + props.put(SchemaRegistryClientConfig.BEARER_AUTH_CREDENTIALS_SOURCE, "USER_INFO"); + props.put(SchemaRegistryClientConfig.CLIENT_NAMESPACE + SchemaRegistryClientConfig.BEARER_AUTH_TOKEN_CONFIG, config.getSchemaRegistryAuthConfig()); } return props; From 491fac9a911d8762ae54dad243097285562c84f8 Mon Sep 17 00:00:00 2001 From: b3rnh8rd Date: Thu, 9 Feb 2023 19:26:12 +0100 Subject: [PATCH 2/6] fixed token auth - adapted readme --- README.md | 27 ++++++----- .../at/esque/kafka/cluster/ClusterConfig.java | 45 ++++++++++++------- .../kafka/dialogs/ClusterConfigDialog.java | 4 +- .../esque/kafka/handlers/ConfigHandler.java | 4 +- 4 files changed, 48 insertions(+), 32 deletions(-) diff --git a/README.md b/README.md index 9ff8400..ba3bcd2 100644 --- a/README.md +++ b/README.md @@ -110,21 +110,24 @@ This can also be combined with given trust and keystore configuration ###### Example with Schema Registry with HTTPS and Basic Auth -The http**s** and 'sslEnabled' is important if you want to use truststore and/or keystore otherwise those attributes are ignored and now sslContext is provided to Schema Registry client - -you can use only Basic Auth if you SR is only protected with basic auth, you can use only keystore+truststore if your SR is protected with mTLS or you can use both settings in parallel. +The http**s** and 'sslEnabled' is important if you want to use truststore and/or keystore otherwise those attributes are ignored and now sslContext is provided to Schema Registry client. +You can use only Basic Auth if youy SR is only protected with basic auth, you can use Token Auth if your SR is protected with an OAUTH Token, you can use only keystore+truststore if your SR is protected with mTLS or you can use both settings in parallel. +schemaRegistryBasicAuthUserInfo is deprecated since token auth is supported in addition to basic auth. +There is a schemaRegistryAuthMode property with possible values NONE, BASIC or TOKEN and schemaRegistryAuthConfig property with either basic auth credentials or OAuthToken. ``` { - .... - "schemaRegistry": "https://myschemaregistry:8081", - "schemaRegistryBasicAuthUserInfo": ":", - ... - "sslEnabled": true, - "keyStoreLocation": "mykeystore.jks", - "keyStorePassword": "mykeystorepw", - "trustStoreLocation": "mytruststore.jks", - "trustStorePassword": "mykeystorepw" + .... + "schemaRegistry": "https://myschemaregistry:8081", +deprecated-> "schemaRegistryBasicAuthUserInfo": ":", + "schemaRegistryAuthMode": "NONE|BASIC|TOKEN", + "schemaRegistryAuthConfig": ":|:", + ... + "sslEnabled": true, + "keyStoreLocation": "mykeystore.jks", + "keyStorePassword": "mykeystorepw", + "trustStoreLocation": "mytruststore.jks", + "trustStorePassword": "mykeystorepw" } ``` diff --git a/src/main/java/at/esque/kafka/cluster/ClusterConfig.java b/src/main/java/at/esque/kafka/cluster/ClusterConfig.java index e866560..0c259be 100644 --- a/src/main/java/at/esque/kafka/cluster/ClusterConfig.java +++ b/src/main/java/at/esque/kafka/cluster/ClusterConfig.java @@ -15,8 +15,8 @@ public class ClusterConfig { private StringProperty schemaRegistry = new SimpleStringProperty(); private StringProperty schemaRegistryBasicAuthUserInfo = new SimpleStringProperty(); private StringProperty schemaRegistryAuthConfig = new SimpleStringProperty(); - private ListProperty schemaRegistryAuthModes = new SimpleListProperty<>( FXCollections.observableArrayList(Arrays.asList(SchemaRegistryAuthMode.NONE,SchemaRegistryAuthMode.BASIC, SchemaRegistryAuthMode.TOKEN))); - private ObjectProperty schemaRegistryAuthMode = new SimpleObjectProperty<>(); + private ListProperty schemaRegistryAuthModes = new SimpleListProperty<>(FXCollections.observableArrayList(Arrays.asList(SchemaRegistryAuthMode.NONE, SchemaRegistryAuthMode.BASIC, SchemaRegistryAuthMode.TOKEN))); + private ObjectProperty schemaRegistryAuthMode = new SimpleObjectProperty<>(SchemaRegistryAuthMode.NONE); private BooleanProperty schemaRegistryUseSsl = new SimpleBooleanProperty(); private BooleanProperty sslEnabled = new SimpleBooleanProperty(); private BooleanProperty certPathValidationSuppressed = new SimpleBooleanProperty(); @@ -36,17 +36,19 @@ public class ClusterConfig { public ClusterConfig() { } + public enum SchemaRegistryAuthMode { NONE, BASIC, TOKEN } + public ClusterConfig(ClusterConfig existingConfig) { update(existingConfig); } public void update(ClusterConfig existingConfig) { - if(existingConfig != null) { + if (existingConfig != null) { this.setIdentifier(existingConfig.getIdentifier()); this.setBootStrapServers(existingConfig.getBootStrapServers()); this.setSchemaRegistry(existingConfig.getSchemaRegistry()); @@ -128,6 +130,7 @@ public void setSslEnabled(boolean sslEnabled) { public boolean isSchemaRegistrySuppressCertPathValidation() { return certPathValidationSuppressed.get(); } + public BooleanProperty suppressCertPathValidation() { return certPathValidationSuppressed; } @@ -241,19 +244,42 @@ public void setSaslJaasConfig(String saslJaasConfig) { this.saslJaasConfig.set(saslJaasConfig); } + /** + * Deprecated use schemaRegistryAuthConfig instead for basic and token auth + */ + @Deprecated @JsonProperty("schemaRegistryBasicAuthUserInfo") public String getSchemaRegistryBasicAuthUserInfo() { return schemaRegistryBasicAuthUserInfo.get(); } + /** + * Deprecated use schemaRegistryAuthConfig instead for basic and token auth + */ public StringProperty schemaRegistryBasicAuthUserInfoProperty() { return schemaRegistryBasicAuthUserInfo; } + /** + * Deprecated use schemaRegistryAuthConfig instead for basic and token auth + */ public void setSchemaRegistryBasicAuthUserInfo(String schemaRegistryBasicAuthUserInfo) { this.schemaRegistryBasicAuthUserInfo.set(schemaRegistryBasicAuthUserInfo); } + @JsonProperty("schemaRegistryAuthMode") + public SchemaRegistryAuthMode getSchemaRegistryAuthMode() { + return schemaRegistryAuthMode.get(); + } + + public ObjectProperty schemaRegistryAuthModeProperty() { + return schemaRegistryAuthMode; + } + + public void setSchemaRegistryAuthMode(SchemaRegistryAuthMode schemaRegistryAuthMode) { + this.schemaRegistryAuthMode.set(schemaRegistryAuthMode); + } + @JsonProperty("schemaRegistryAuthConfig") public String getSchemaRegistryAuthConfig() { return schemaRegistryAuthConfig.get(); @@ -271,19 +297,6 @@ public ListProperty schemaRegistryAuthModesProperty() { return schemaRegistryAuthModes; } - @JsonProperty("schemaRegistryAuthMode") - public SchemaRegistryAuthMode getSchemaRegistryAuthMode() { - return schemaRegistryAuthMode.get(); - } - - public ObjectProperty schemaRegistryAuthModeProperty() { - return schemaRegistryAuthMode; - } - - public void setSchemaRegistryAuthMode(SchemaRegistryAuthMode schemaRegistryAuthMode) { - this.schemaRegistryAuthMode.set(schemaRegistryAuthMode); - } - @JsonProperty("schemaRegistryUseSsl") public boolean isSchemaRegistryUseSsl() { return schemaRegistryUseSsl.get(); diff --git a/src/main/java/at/esque/kafka/dialogs/ClusterConfigDialog.java b/src/main/java/at/esque/kafka/dialogs/ClusterConfigDialog.java index 95dd4e0..c8845db 100644 --- a/src/main/java/at/esque/kafka/dialogs/ClusterConfigDialog.java +++ b/src/main/java/at/esque/kafka/dialogs/ClusterConfigDialog.java @@ -20,8 +20,8 @@ public class ClusterConfigDialog { public static final String LABEL_IDENTIFIER = "Identifier"; public static final String LABEL_BOOTSTRAP_SERVERS = "Bootstrap-Servers"; public static final String LABEL_SCHEMA_REGISTRY_URL = "Schema Registry URL"; - public static final String LABEL_SCHEMA_REGISTRY_BASIC_AUTH_USER_INFO = "LEGACY -Schema Registry Basic Auth User Info"; - public static final String LABEL_SCHEMA_REGISTRY_AUTH_USER_INFO = "Schema Registry Auth User Info"; + public static final String LABEL_SCHEMA_REGISTRY_BASIC_AUTH_USER_INFO = "<>Schema Registry Basic Auth User Info"; + public static final String LABEL_SCHEMA_REGISTRY_AUTH_USER_INFO = "Schema Registry Auth Info"; public static final String LABEL_SCHEMA_REGISTRY_AUTH_MODE = "Schema Registry Auth Mode"; public static final String LABEL_ENABLE_SSL = "Enable SSL"; public static final String LABEL_KEY_STORE_LOCATION = "Key Store Location"; diff --git a/src/main/java/at/esque/kafka/handlers/ConfigHandler.java b/src/main/java/at/esque/kafka/handlers/ConfigHandler.java index a9dae59..b0a58d7 100644 --- a/src/main/java/at/esque/kafka/handlers/ConfigHandler.java +++ b/src/main/java/at/esque/kafka/handlers/ConfigHandler.java @@ -325,8 +325,8 @@ public Map getSaslProperties(ClusterConfig config) { props.put(SchemaRegistryClientConfig.BASIC_AUTH_CREDENTIALS_SOURCE, "USER_INFO"); props.put(SchemaRegistryClientConfig.CLIENT_NAMESPACE + SchemaRegistryClientConfig.USER_INFO_CONFIG, config.getSchemaRegistryAuthConfig()); }else if (ClusterConfig.SchemaRegistryAuthMode.TOKEN.equals(config.getSchemaRegistryAuthMode())){ - props.put(SchemaRegistryClientConfig.BEARER_AUTH_CREDENTIALS_SOURCE, "USER_INFO"); - props.put(SchemaRegistryClientConfig.CLIENT_NAMESPACE + SchemaRegistryClientConfig.BEARER_AUTH_TOKEN_CONFIG, config.getSchemaRegistryAuthConfig()); + props.put(SchemaRegistryClientConfig.BEARER_AUTH_CREDENTIALS_SOURCE, "STATIC_TOKEN"); + props.put(SchemaRegistryClientConfig.BEARER_AUTH_TOKEN_CONFIG, config.getSchemaRegistryAuthConfig()); } return props; From 7e26b3413f1ed9e019f234a88f0c1e7115644cc4 Mon Sep 17 00:00:00 2001 From: b3rnh8rd Date: Mon, 23 Oct 2023 19:45:35 +0200 Subject: [PATCH 3/6] adapted screen for multi span --- .../kafka/dialogs/ClusterConfigDialog.java | 24 ++++++++++++------- 1 file changed, 16 insertions(+), 8 deletions(-) diff --git a/src/main/java/at/esque/kafka/dialogs/ClusterConfigDialog.java b/src/main/java/at/esque/kafka/dialogs/ClusterConfigDialog.java index c8845db..1b646c7 100644 --- a/src/main/java/at/esque/kafka/dialogs/ClusterConfigDialog.java +++ b/src/main/java/at/esque/kafka/dialogs/ClusterConfigDialog.java @@ -7,6 +7,7 @@ import com.dlsc.formsfx.model.structure.Group; import com.dlsc.formsfx.model.util.BindingMode; import com.dlsc.formsfx.view.renderer.FormRenderer; +import com.dlsc.formsfx.view.util.ColSpan; import javafx.scene.Node; import javafx.scene.control.ButtonBar; import javafx.scene.control.ButtonType; @@ -84,21 +85,25 @@ public static Optional show(ClusterConfig existingConfig) { Field.ofSingleSelectionType(copy.schemaRegistryAuthModesProperty()) .label(LABEL_SCHEMA_REGISTRY_AUTH_MODE) .tooltip(LABEL_SCHEMA_REGISTRY_AUTH_MODE) - .bind(copy.schemaRegistryAuthModesProperty(),copy.schemaRegistryAuthModeProperty()), + .bind(copy.schemaRegistryAuthModesProperty(),copy.schemaRegistryAuthModeProperty()) + .span(ColSpan.HALF), Field.ofStringType(copy.getSchemaRegistryAuthConfig() == null ? "" : copy.getSchemaRegistryAuthConfig()) .label(LABEL_SCHEMA_REGISTRY_AUTH_USER_INFO) .tooltip(LABEL_SCHEMA_REGISTRY_AUTH_USER_INFO) .placeholder(LABEL_SCHEMA_REGISTRY_AUTH_USER_INFO) .format(new NullFormatStringConverter()) - .bind(copy.schemaRegistryAuthConfigProperty()), + .bind(copy.schemaRegistryAuthConfigProperty()) + .span(ColSpan.HALF), Field.ofBooleanType(copy.isSchemaRegistryUseSsl()) .label(LABEL_USE_SSL_CONFIGURATION) .tooltip(LABEL_USE_SSL_CONFIGURATION) - .bind(copy.schemaRegistryUseSslProperty()), + .bind(copy.schemaRegistryUseSslProperty()) + .span(ColSpan.HALF), Field.ofBooleanType(copy.isSchemaRegistrySuppressCertPathValidation()) .label(LABEL_SUPPRESS_CERT_PATH_VALIDATION) .tooltip(LABEL_SUPPRESS_CERT_PATH_VALIDATION) .bind(copy.suppressCertPathValidation()) + .span(ColSpan.HALF) ), Group.of( Field.ofStringType(copy.getkafkaConnectUrl()==null?"":copy.getkafkaConnectUrl()) @@ -128,11 +133,13 @@ public static Optional show(ClusterConfig existingConfig) { Field.ofBooleanType(copy.isSslEnabled()) .label(LABEL_ENABLE_SSL) .tooltip(LABEL_ENABLE_SSL) - .bind(copy.sslEnabledProperty()), + .bind(copy.sslEnabledProperty()) + .span(ColSpan.HALF), Field.ofBooleanType(copy.issuppressSslEndPointIdentification()) .label(LABEL_SUPPRESS_SSL_ENDPOINT_IDENTIFICATION) .tooltip(LABEL_SUPPRESS_SSL_ENDPOINT_IDENTIFICATION) - .bind(copy.suppressSslEndPointIdentificationProperty()), + .bind(copy.suppressSslEndPointIdentificationProperty()) + .span(ColSpan.HALF), Field.ofStringType(copy.getKeyStoreLocation()==null?"":copy.getKeyStoreLocation()) .label(LABEL_KEY_STORE_LOCATION) .tooltip(LABEL_KEY_STORE_LOCATION) @@ -164,13 +171,15 @@ public static Optional show(ClusterConfig existingConfig) { .tooltip(LABEL_SASL_SECURITY_PROTOCOL) .placeholder(LABEL_SASL_SECURITY_PROTOCOL) .format(new NullFormatStringConverter()) - .bind(copy.saslSecurityProtocolProperty()), + .bind(copy.saslSecurityProtocolProperty()) + .span(ColSpan.HALF), Field.ofStringType(copy.getSaslMechanism()==null?"":copy.getSaslMechanism()) .label(LABEL_SASL_MECHANISM) .tooltip(LABEL_SASL_MECHANISM) .placeholder(LABEL_SASL_MECHANISM) .format(new NullFormatStringConverter()) - .bind(copy.saslMechanismProperty()), + .bind(copy.saslMechanismProperty()) + .span(ColSpan.HALF), Field.ofStringType(copy.getSaslJaasConfig()==null?"":copy.getSaslJaasConfig()) .label(LABEL_SASL_JAAS_CONFIG) .tooltip(LABEL_SASL_JAAS_CONFIG) @@ -181,7 +190,6 @@ public static Optional show(ClusterConfig existingConfig) { .label(LABEL_SASL_CLIENT_CALLBACK_HANDLER_CLASS) .tooltip(LABEL_SASL_CLIENT_CALLBACK_HANDLER_CLASS) .placeholder(LABEL_SASL_CLIENT_CALLBACK_HANDLER_CLASS) - .valueDescription(String.format("Is used f.e. %s=AWS_MSK_IAM, %s=software.amazon.msk.auth.iam.IAMClientCallbackHandler", LABEL_SASL_MECHANISM,LABEL_SASL_CLIENT_CALLBACK_HANDLER_CLASS)) .format(new NullFormatStringConverter()) .bind(copy.saslClientCallbackHandlerClassProperty()) ) From 9dda2155bf78e94815e5b673fc72b3699a4846cc Mon Sep 17 00:00:00 2001 From: b3rnh8rd <115575556+b3rnh8rd@users.noreply.github.com> Date: Wed, 25 Oct 2023 08:56:45 +0200 Subject: [PATCH 4/6] updated msk iam auth version --- build.gradle | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/build.gradle b/build.gradle index 9eaa8ff..d458449 100644 --- a/build.gradle +++ b/build.gradle @@ -54,7 +54,7 @@ dependencies { implementation 'com.squareup.okhttp3:okhttp:4.9.3' implementation 'com.flipkart.zjsonpatch:zjsonpatch:0.4.12' implementation 'tech.allegro.schema.json2avro:converter:0.2.15' - implementation 'software.amazon.msk:aws-msk-iam-auth:1.1.5' + implementation 'software.amazon.msk:aws-msk-iam-auth:1.1.9' testImplementation 'junit:junit:4.13.2' testImplementation 'org.springframework.kafka:spring-kafka-test:2.4.13.RELEASE' From c34a01e7f1a8a28572efac6c0b3d6f0e3ffd71e7 Mon Sep 17 00:00:00 2001 From: "Haring, Bernhard (Extern)" Date: Wed, 25 Oct 2023 09:52:06 +0200 Subject: [PATCH 5/6] removed deprecated basic auth config from dialog - added migration script - formatted error in case of update check failed --- .../kafka/dialogs/ClusterConfigDialog.java | 7 ---- .../esque/kafka/handlers/ConfigHandler.java | 34 +++++++++++++++---- .../kafka/handlers/VersionInfoHandler.java | 4 +-- 3 files changed, 30 insertions(+), 15 deletions(-) diff --git a/src/main/java/at/esque/kafka/dialogs/ClusterConfigDialog.java b/src/main/java/at/esque/kafka/dialogs/ClusterConfigDialog.java index 1b646c7..2230ae3 100644 --- a/src/main/java/at/esque/kafka/dialogs/ClusterConfigDialog.java +++ b/src/main/java/at/esque/kafka/dialogs/ClusterConfigDialog.java @@ -21,7 +21,6 @@ public class ClusterConfigDialog { public static final String LABEL_IDENTIFIER = "Identifier"; public static final String LABEL_BOOTSTRAP_SERVERS = "Bootstrap-Servers"; public static final String LABEL_SCHEMA_REGISTRY_URL = "Schema Registry URL"; - public static final String LABEL_SCHEMA_REGISTRY_BASIC_AUTH_USER_INFO = "<>Schema Registry Basic Auth User Info"; public static final String LABEL_SCHEMA_REGISTRY_AUTH_USER_INFO = "Schema Registry Auth Info"; public static final String LABEL_SCHEMA_REGISTRY_AUTH_MODE = "Schema Registry Auth Mode"; public static final String LABEL_ENABLE_SSL = "Enable SSL"; @@ -76,12 +75,6 @@ public static Optional show(ClusterConfig existingConfig) { .placeholder(LABEL_SCHEMA_REGISTRY_URL) .format(new NullFormatStringConverter()) .bind(copy.schemaRegistryProperty()), - Field.ofStringType(copy.getSchemaRegistryBasicAuthUserInfo() == null ? "" : copy.getSchemaRegistryBasicAuthUserInfo()) - .label(LABEL_SCHEMA_REGISTRY_BASIC_AUTH_USER_INFO) - .tooltip(LABEL_SCHEMA_REGISTRY_BASIC_AUTH_USER_INFO) - .placeholder(LABEL_SCHEMA_REGISTRY_BASIC_AUTH_USER_INFO) - .format(new NullFormatStringConverter()) - .bind(copy.schemaRegistryBasicAuthUserInfoProperty()), Field.ofSingleSelectionType(copy.schemaRegistryAuthModesProperty()) .label(LABEL_SCHEMA_REGISTRY_AUTH_MODE) .tooltip(LABEL_SCHEMA_REGISTRY_AUTH_MODE) diff --git a/src/main/java/at/esque/kafka/handlers/ConfigHandler.java b/src/main/java/at/esque/kafka/handlers/ConfigHandler.java index b0a58d7..9683a0e 100644 --- a/src/main/java/at/esque/kafka/handlers/ConfigHandler.java +++ b/src/main/java/at/esque/kafka/handlers/ConfigHandler.java @@ -24,6 +24,7 @@ import java.util.List; import java.util.Map; import java.util.concurrent.ConcurrentHashMap; +import java.util.concurrent.atomic.AtomicBoolean; import java.util.function.Function; import java.util.stream.Collectors; @@ -214,6 +215,7 @@ public ClusterConfigs loadOrCreateConfigs() { } else if (clusterConfig.exists()) { try { clusterConfigs = objectMapper.readValue(clusterConfig, ClusterConfigs.class); + maybeMigrateDeprecatedConfig(clusterConfigs); return clusterConfigs; } catch (IOException e) { ErrorAlert.show(e); @@ -232,11 +234,34 @@ public ClusterConfigs loadOrCreateConfigs() { return clusterConfigs; } - public void saveConfigs() { + public void maybeMigrateDeprecatedConfig(ClusterConfigs clusterConfigs) { + AtomicBoolean updated = new AtomicBoolean(false); + clusterConfigs.getClusterConfigs().forEach(config -> { + var schemaRegistryBasicAuthUserInfo = config.getSchemaRegistryBasicAuthUserInfo(); + if (StringUtils.isNotBlank(schemaRegistryBasicAuthUserInfo)) { + config.setSchemaRegistryAuthMode(ClusterConfig.SchemaRegistryAuthMode.BASIC); + config.setSchemaRegistryAuthConfig(schemaRegistryBasicAuthUserInfo); + config.setSchemaRegistryBasicAuthUserInfo(null); + updated.set(true); + } + }); + if (updated.get()) { + if (saveConfigs()) { + LOGGER.info("deprecated property migration sucessful!"); + } else { + LOGGER.warn("deprecated property migration failed!"); + } + } + } + + + public boolean saveConfigs() { try { objectMapper.writeValue(clusterConfig, clusterConfigs); + return true; } catch (IOException e) { ErrorAlert.show(e); + return false; } } @@ -318,13 +343,10 @@ public Map getSaslProperties(ClusterConfig config) { public Map getSchemaRegistryAuthProperties(ClusterConfig config) { Map props = new HashMap<>(); - if (StringUtils.isNoneEmpty(config.getSchemaRegistryBasicAuthUserInfo())) { - props.put(SchemaRegistryClientConfig.BASIC_AUTH_CREDENTIALS_SOURCE, "USER_INFO"); - props.put(SchemaRegistryClientConfig.CLIENT_NAMESPACE + SchemaRegistryClientConfig.USER_INFO_CONFIG, config.getSchemaRegistryBasicAuthUserInfo()); - } else if (ClusterConfig.SchemaRegistryAuthMode.BASIC.equals(config.getSchemaRegistryAuthMode())){ + if (ClusterConfig.SchemaRegistryAuthMode.BASIC.equals(config.getSchemaRegistryAuthMode())) { props.put(SchemaRegistryClientConfig.BASIC_AUTH_CREDENTIALS_SOURCE, "USER_INFO"); props.put(SchemaRegistryClientConfig.CLIENT_NAMESPACE + SchemaRegistryClientConfig.USER_INFO_CONFIG, config.getSchemaRegistryAuthConfig()); - }else if (ClusterConfig.SchemaRegistryAuthMode.TOKEN.equals(config.getSchemaRegistryAuthMode())){ + } else if (ClusterConfig.SchemaRegistryAuthMode.TOKEN.equals(config.getSchemaRegistryAuthMode())) { props.put(SchemaRegistryClientConfig.BEARER_AUTH_CREDENTIALS_SOURCE, "STATIC_TOKEN"); props.put(SchemaRegistryClientConfig.BEARER_AUTH_TOKEN_CONFIG, config.getSchemaRegistryAuthConfig()); } diff --git a/src/main/java/at/esque/kafka/handlers/VersionInfoHandler.java b/src/main/java/at/esque/kafka/handlers/VersionInfoHandler.java index 8db1d42..f1abe42 100644 --- a/src/main/java/at/esque/kafka/handlers/VersionInfoHandler.java +++ b/src/main/java/at/esque/kafka/handlers/VersionInfoHandler.java @@ -117,7 +117,7 @@ private Map checkLatestVersion() { } catch (Exception e) { - Platform.runLater(() -> ErrorAlert.show(e)); + Platform.runLater(() -> ErrorAlert.show("Update Check failed", "Failed to check for availabe Updates", e.getMessage(), e, null, false)); } } else { return (Map) versionCheckContent.get("release"); @@ -133,7 +133,7 @@ public void showDialogIfUpdateIsAvailable(HostServices hostServices) { if (openInBrowser) { try { hostServices.showDocument(updateInfo.getReleasePage()); - }catch (Exception e){ + } catch (Exception e) { ErrorAlert.show(e); } } From 199119f2337d253b45ee28be6559019c0d2e5c66 Mon Sep 17 00:00:00 2001 From: "Haring, Bernhard (Extern)" Date: Wed, 25 Oct 2023 10:10:51 +0200 Subject: [PATCH 6/6] updated version --- build.gradle | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/build.gradle b/build.gradle index d458449..4e82846 100644 --- a/build.gradle +++ b/build.gradle @@ -11,7 +11,7 @@ plugins { } group = 'at.esque.kafka' -version = '2.7.3' +version = '2.8.0' repositories { mavenCentral()