Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Unable to use OAuth2 authentication #173

Open
aprodhomme-dkt opened this issue Jun 30, 2023 · 2 comments
Open

Unable to use OAuth2 authentication #173

aprodhomme-dkt opened this issue Jun 30, 2023 · 2 comments
Labels
enhancement New feature or request

Comments

@aprodhomme-dkt
Copy link
Contributor

aprodhomme-dkt commented Jun 30, 2023
edited by jeqo
Loading

Hi,

Before using your http-connector we need first to be able to authenticate to an API provider with oauth2. Unfortunately the API Publishers didn't implement a standard way to retrieve an access token. Instead they developed their own api with the following form (see https://api.didomi.io/docs/#/sessions/post_sessions):

{
  "type": "api-key",
  "key": "my_client_id",
  "secret": "my_secret"
}

Our proposal is to bring additional configuration to configure the form field. For example we would have the following configuration to implement the oauth2 form described above:

{
  "name": "http-sink-test",
  "config": {
    "connector.class": "io.aiven.kafka.connect.http.HttpSinkConnector",
    "topics.regex": "domain_a.*",
    "http.url": "http://httpmockserver:1080",
    "http.authorization.type": "oauth2",
    "http.headers.content.type":  "application/json",
    "oauth2.access.token.url":  "http://httpmockserver:1080/oauth2",
    "oauth2.client.authorization.mode": "URL",
    "oauth2.grant_type.key": "type",
    "oauth2.grant_type": " api-key",
    "oauth2.client.id":   "my_client_id",
    "oauth2.client.id.key":  "key",
    "oauth2.client.secret":  "my_secret",
    "oauth2.client.secret.key":  "secret",
    "key.converter": "org.apache.kafka.connect.storage.StringConverter",
    "value.converter": "org.apache.kafka.connect.json.JsonConverter"
  }
}

We already have made a fork to implement this issue on our side as we need to move forward on our production schedule. For that 2 PRs were pushed:

Thank you
@aprodhomme-dkt
Copy link
Contributor Author

Hi @jeqo , as you mentioned a few months ago, we reworked our code and pushed 2 PR to help reviewer to understand the modifications.

@jeqo jeqo added the enhancement New feature or request label Jul 4, 2023
@jeqo
Copy link
Contributor

jeqo commented Jul 5, 2023

@aprodhomme-dkt thanks for this proposal. I agree the current sender logic requires a refactor, and the proposed factory pattern fits very well IMO.

I do also agree that the customizing the field names is a good improvement. We are doing similar with the access token field by defining a custom property name oauth2.response.token.property.

Let's just be careful we are not breaking existing functionality and behavior. We can discuss this on the PRs specifically.

Thanks again!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
enhancement New feature or request
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@jeqo @aprodhomme-dkt