Type-safe Security Configuration #88
Merged
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
felixschlegel
force-pushed
the
fs-kafka-ssl-sasl-configuration
branch
from
81621d3 to
1d10d99
Compare
> Adds some of the missing properties from swift-server#46. Motivation: We were lacking some of the security protocol configuration options and want to provide them in a type-safe manner. Modifications: * add Kerberos support * add OAuthBearer support * Created a new file `KafkaConfiguration+Security.swift` * add `public struct` `SSLConfiguration` * add `public struct` `SASLMechanism` * add `public struct` `KerberosConfiguration` * add `public struct` `OAuthBearerMethod` * add `public struct` `SecurityProtocol` * integrate `KafkaConfiguration.SSLOptions` in new types * integrate `KafkaConfiguration.SASLOptions` in new types
felixschlegel
force-pushed
the
fs-kafka-ssl-sasl-configuration
branch
from
1d10d99 to
b7d57fb
Compare
dnadoba
reviewed
Jul 17, 2023
| public static func keyPair( | ||
| privateKey: PrivateKey, | ||
| publicKeyCertificate: Key, | ||
| caCertificate: Key, |
There was a problem hiding this comment.
I think we should provide an easy way to use the "default" i.e. "probe" that searches for locally trusted CAs.
dnadoba
reviewed
Jul 17, 2023
| /// Use to configure an SSL connection. | ||
| public struct SSLConfiguration: Sendable, Hashable { | ||
| /// A key either located in a file or directly as a key String (PEM format). | ||
| public struct Key: Sendable, Hashable { |
There was a problem hiding this comment.
Probably the right term here would be Chain as it not only contains the public key but at least one certificate and possibly multiple certificates.
There was a problem hiding this comment.
Hm... maybe even two types.
- One of them is kind of a
LeafAndIntermediatestype as the first certificate in the chain will be used as the identity of the client and the remaining, in no particular order, will be used as potential intermediate certificates and send to the broker to verify the client. - The other type could be
RootCertificatesas it is an unordered list of trusted CAs that is used by the client to verifier the identity of the broker.
dnadoba
reviewed
Jul 17, 2023
Comment on lines
96
to
97
| publicKeyCertificate: Key, | ||
| caCertificate: Key, |
There was a problem hiding this comment.
we might want to use different types here so we can provide a reasonable default for caCertificate.
Modifications:
* go from `KafkaConfiguration.Key` type into more specific types:
* `LeafAndIntermediates` to extract the public Key
* `PrivateKey`
* `RootCertificate`
* `RootCertificate`: add two new options
* `probe` (default): probe list of standard paths and make first
certificate found root default root certificate location path
* `disableBrokerVerification`: disable broker verification entirely
* `KafkaConfiguration+Security`:
* turn `static func`s without parameters into `static let`s for our
enum-like `public structs`
FranzBusch
approved these changes
Jul 18, 2023
dnadoba
reviewed
Jul 18, 2023
| /// Available SASL mechanisms that can be used for authentication. | ||
| public struct SASLMechanism: Sendable, Hashable { | ||
| /// Used to configure Kerberos. | ||
| public struct KerberosConfiguration: Sendable, Hashable { |
There was a problem hiding this comment.
I think there is a public init missing
| ) | ||
|
|
||
| /// Use the Secure Sockets Layer (SSL) protocol. | ||
| public static func ssl(configuration: SSLConfiguration) -> SecurityProtocol { |
There was a problem hiding this comment.
@Lukasa should this be called TLS instead of SSL?
Modifications: * add `public init` to `KafkaConfiguration.SASLMechanism.KerberosConfiguration`
dnadoba
approved these changes
Jul 18, 2023
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Motivation:
We were lacking some of the security protocol configuration options and
want to provide them in a type-safe manner.
Modifications:
KafkaConfiguration+Security.swiftpublic structSSLConfigurationpublic structSASLMechanismpublic structKerberosConfigurationpublic structOAuthBearerMethodpublic structSecurityProtocolKafkaConfiguration.SSLOptionsin new typesKafkaConfiguration.SASLOptionsin new typesExample: