Support create token with headers #1455

coderzc · 2024-05-14T03:47:10Z

Master Issue: #

Motivation

Currently, the tool that generates the token cannot attach headers. We should support it. For example, it makes sense to attach a kid field for JWKS.

Modifications

Support create token with headers

Verifying this change

Make sure that the change passes the CI checks.

(Please pick either of the following options)

This change is a trivial rework / code cleanup without any test coverage.

(or)

This change is already covered by existing tests, such as (please describe tests).

(or)

This change added tests and can be verified as follows:

(example:)

Added integration tests for end-to-end deployment with large payloads (10MB)
Extended integration test for recovery after broker failure

Documentation

Check the box below.

Need to update docs?

doc-required

(If you need help on updating docs, create a doc issue)
no-need-doc

(Please explain why)
doc

(If this PR contains doc changes)

pkg/cmdutils/token.go

zymap · 2024-05-30T02:10:56Z

What's the difference between this and the method in the https://github.com/streamnative/pulsarctl/pull/1455/files#diff-c61908f43ade6604eaae204d799b4b61f0ea0f98df937b11b8d8caacc73df0b0R45?

zymap

Seems we already support the API with header:

pulsarctl/pkg/cmdutils/token.go

Line 94 in 79b2d46

func (t *token) CreateToken(

what’s the difference between them? Maybe we can use the existing API to extend more options for the jwt claims?

coderzc · 2024-05-30T03:01:43Z

Seems we already support the API with header:

pulsarctl/pkg/cmdutils/token.go

Line 94 in 79b2d46

func (t *token) CreateToken(

what’s the difference between them? Maybe we can use the existing API to extend more options for the jwt claims?

The CreateToken method must be with claims and Create will call CreateToken, I only pass headers params from Create to CreateToken

pulsarctl/pkg/cmdutils/token.go

Lines 76 to 92 in 79b2d46

    
           func (t *token) Create(algorithm algorithm.Algorithm, signKey interface{}, subject string, 
        
           	expireTime int64) (string, error) { 
        
           	var claims *jwt.MapClaims 
        
           	if expireTime <= 0 { 
        
           		claims = &jwt.MapClaims{ 
        
           			"sub": subject, 
        
           		} 
        
           	} else { 
        
           		claims = &jwt.MapClaims{ 
        
           			"sub": subject, 
        
           			"exp": jwt.NewNumericDate(time.Unix(expireTime, 0)), 
        
           		} 
        
           	} 
        
           	return t.CreateToken(algorithm, signKey, claims, nil) 
        
           }

coderzc · 2024-05-31T01:15:18Z

@zymap I let cmd call the CreateToken method and revert the modifications to Create, PTAL

zymap · 2024-05-31T01:37:34Z

pkg/ctl/token/create.go

@@ -126,6 +135,8 @@ func create(vc *cmdutils.VerbCmd) {
 			"The expire time for a token. e.g. 1s, 1m, 1h")
 		set.BoolVar(&args.base64Encoded, "base64", false,
 			"The secret key is base64 encoded or not.")
+		set.StringVar(&args.headers, "headers", "",


There is a method set.StringToStringVar() to receive a map value from the command line. We can use that instead of parse the map value by ourselves.

Good idea, updated.

### Motivation Currently, the tool that generates the token cannot attach headers. We should support it. For example, it makes sense to attach a kid field for JWKS. (cherry picked from commit c7fdea5)

coderzc requested review from mattisonchao, zymap and nlu90 as code owners May 14, 2024 03:47

github-actions bot assigned coderzc May 14, 2024

github-actions bot added the no-need-doc This pr does not need any document label May 14, 2024

coderzc force-pushed the create_token_with_headers branch 2 times, most recently from 82a8401 to a506f4c Compare May 14, 2024 03:55

Support create token with headers

a7087a8

coderzc force-pushed the create_token_with_headers branch from a506f4c to a7087a8 Compare May 14, 2024 04:04

mattisonchao previously approved these changes May 30, 2024

View reviewed changes

mattisonchao reviewed May 30, 2024

View reviewed changes

pkg/cmdutils/token.go Outdated Show resolved Hide resolved

zymap requested changes May 30, 2024

View reviewed changes

coderzc requested a review from zymap May 30, 2024 07:03

coderzc dismissed mattisonchao’s stale review via 0c76b3b May 31, 2024 01:02

coderzc force-pushed the create_token_with_headers branch from 0c76b3b to 199591f Compare May 31, 2024 01:03

cmd call CreateToken instead of Create

cd82391

coderzc force-pushed the create_token_with_headers branch from 199591f to cd82391 Compare May 31, 2024 01:09

zymap reviewed May 31, 2024

View reviewed changes

Using StringToStringVar instead of parseMapArgs

384a7e7

zymap approved these changes May 31, 2024

View reviewed changes

zymap merged commit c7fdea5 into master May 31, 2024
11 checks passed

zymap deleted the create_token_with_headers branch May 31, 2024 04:32

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Support create token with headers #1455

Support create token with headers #1455

coderzc commented May 14, 2024 •

edited

zymap commented May 30, 2024

zymap left a comment

coderzc commented May 30, 2024 •

edited

coderzc commented May 31, 2024

zymap May 31, 2024

coderzc May 31, 2024

Support create token with headers #1455

Support create token with headers #1455

Conversation

coderzc commented May 14, 2024 • edited

Motivation

Modifications

Verifying this change

Documentation

zymap commented May 30, 2024

zymap left a comment

Choose a reason for hiding this comment

coderzc commented May 30, 2024 • edited

coderzc commented May 31, 2024

zymap May 31, 2024

Choose a reason for hiding this comment

coderzc May 31, 2024

Choose a reason for hiding this comment

coderzc commented May 14, 2024 •

edited

coderzc commented May 30, 2024 •

edited