Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/damiannolan/sasl

A simple and straight forward implementation of Shopify/sarama's AccessTokenProvider interface to be used for the SASL/OAUTHBEARER auth mechanism for Apache Kafka
https://github.com/damiannolan/sasl

kafka oauth2 oauthbearer sarama sasl

Last synced: about 1 month ago
JSON representation

A simple and straight forward implementation of Shopify/sarama's AccessTokenProvider interface to be used for the SASL/OAUTHBEARER auth mechanism for Apache Kafka

Host: GitHub
URL: https://github.com/damiannolan/sasl
Owner: damiannolan
License: mit
Created: 2019-12-24T11:03:23.000Z (almost 5 years ago)
Default Branch: master
Last Pushed: 2024-05-21T14:58:12.000Z (7 months ago)
Last Synced: 2024-06-20T00:44:57.579Z (6 months ago)
Topics: kafka, oauth2, oauthbearer, sarama, sasl
Language: Go
Homepage:
Size: 13.7 KB
Stars: 7
Watchers: 5
Forks: 2
Open Issues: 2
Metadata Files:
- Readme: README.md
- License: LICENSE

Awesome Lists containing this project

README

        # SASL/OAUTHBEARER Access Token Provider

## Overview 

This package is intended to be used as a complement to [Shopify/sarama](https://github.com/Shopify/sarama). It provides an implementation of the `sarama.AccessTokenProvider` interface to be employed by clients using the SASL/OAUTHBEARER mechanism for Apache Kafka.

The very popular `golang/oauth2` and `golang/oauth2/clientcredentials` are leveraged to perform the 2 legged client credentials flow to obtain an Access Token outside the context of a user. 

## Installation

```

go get github.com/damiannolan/sasl/oauthbearer

```

## Usage

Configure `sarama.Config` as desired for producer/consumer clients and enable SASL/OAUTHBEARER with the appropriate settings. For production setups it is recommended to use this authentication mechanism over a secure connection. This can be achieved by setting `Net.TLS.Enable` to `true` and providing a `*tls.Config` through `Net.TLS.Config`.

```go

import (

    "github.com/Shopify/sarama"

    "github.com/damiannolan/sasl/oauthbearer"

)

func main() {

    cfg := sarama.NewConfig()

    cfg.Net.SASL.Enable = true

    cfg.Net.SASL.Mechanism = sarama.SASLTypeOAuth

    cfg.Net.SASL.TokenProvider = oauthbearer.NewTokenProvider(clientID, clientSecret, tokenURL)

    ...

}

```

## References

- [Configuring SASL/OAUTHBEARER](https://docs.confluent.io/current/kafka/authentication_sasl/authentication_sasl_oauth.html)

- [KIP-255 OAuth Authentication via SASL/OAUTHBEARER](https://cwiki.apache.org/confluence/pages/viewpage.action?pageId=75968876)

- [sarama](https://github.com/Shopify/sarama)

- [oauth2](https://godoc.org/golang.org/x/oauth2)

- [oauth2/clientcredentials](https://godoc.org/golang.org/x/oauth2)