kafka ScramCredentialUtils 源码
kafka ScramCredentialUtils 代码
文件路径:/clients/src/main/java/org/apache/kafka/common/security/scram/internals/ScramCredentialUtils.java
/*
* Licensed to the Apache Software Foundation (ASF) under one or more
* contributor license agreements. See the NOTICE file distributed with
* this work for additional information regarding copyright ownership.
* The ASF licenses this file to You under the Apache License, Version 2.0
* (the "License"); you may not use this file except in compliance with
* the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package org.apache.kafka.common.security.scram.internals;
import java.util.Base64;
import java.util.Collection;
import java.util.Properties;
import org.apache.kafka.common.security.authenticator.CredentialCache;
import org.apache.kafka.common.security.scram.ScramCredential;
/**
* SCRAM Credential persistence utility functions. Implements format conversion used
* for the credential store implemented in Kafka. Credentials are persisted as a comma-separated
* String of key-value pairs:
* <pre>
* salt=<i>salt</i>,stored_key=<i>stored_key</i>,server_key=<i>server_key</i>,iterations=<i>iterations</i>
* </pre>
*
*/
public final class ScramCredentialUtils {
private static final String SALT = "salt";
private static final String STORED_KEY = "stored_key";
private static final String SERVER_KEY = "server_key";
private static final String ITERATIONS = "iterations";
private ScramCredentialUtils() {}
public static String credentialToString(ScramCredential credential) {
return String.format("%s=%s,%s=%s,%s=%s,%s=%d",
SALT,
Base64.getEncoder().encodeToString(credential.salt()),
STORED_KEY,
Base64.getEncoder().encodeToString(credential.storedKey()),
SERVER_KEY,
Base64.getEncoder().encodeToString(credential.serverKey()),
ITERATIONS,
credential.iterations());
}
public static ScramCredential credentialFromString(String str) {
Properties props = toProps(str);
if (props.size() != 4 || !props.containsKey(SALT) || !props.containsKey(STORED_KEY) ||
!props.containsKey(SERVER_KEY) || !props.containsKey(ITERATIONS)) {
throw new IllegalArgumentException("Credentials not valid: " + str);
}
byte[] salt = Base64.getDecoder().decode(props.getProperty(SALT));
byte[] storedKey = Base64.getDecoder().decode(props.getProperty(STORED_KEY));
byte[] serverKey = Base64.getDecoder().decode(props.getProperty(SERVER_KEY));
int iterations = Integer.parseInt(props.getProperty(ITERATIONS));
return new ScramCredential(salt, storedKey, serverKey, iterations);
}
private static Properties toProps(String str) {
Properties props = new Properties();
String[] tokens = str.split(",");
for (String token : tokens) {
int index = token.indexOf('=');
if (index <= 0)
throw new IllegalArgumentException("Credentials not valid: " + str);
props.put(token.substring(0, index), token.substring(index + 1));
}
return props;
}
public static void createCache(CredentialCache cache, Collection<String> mechanisms) {
for (String mechanism : ScramMechanism.mechanismNames()) {
if (mechanisms.contains(mechanism))
cache.createCache(mechanism, ScramCredential.class);
}
}
}
相关信息
相关文章
kafka ScramSaslClientProvider 源码
0
赞
热门推荐
-
2、 - 优质文章
-
3、 gate.io
-
6、 golang
-
8、 openharmony