ruby-kafka-aws-iam 1.4.2 → 1.4.3

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 70f5cfc318547021d6d3acad6780dbd048c53da455ed71ce8b44661a24d5b884
4
- data.tar.gz: 9623c5fe6a7301c4a8792ddf4d877025407d5bc791bd518258244c04315abfe2
3
+ metadata.gz: 607bb37655f529a498de009d4cd38a4ef20c6f482bfe1d6cca8ed3853f2e6ed3
4
+ data.tar.gz: f2e06f1cd3c0604257fecbaf9e547993ec2e6a5e43a8d8c8c71eac255c677a95
5
5
  SHA512:
6
- metadata.gz: 5fda77a743ae3f98cce165b51f865788bba54327987bfa76fabbf0986788ed915e60b4304b17d78baa818a5be6799156168758b3f7304d0ff7344cd876e94f68
7
- data.tar.gz: 9e20f068510c988138e5e799c75b4c558f6c93ea962e9e5ae27daeadef2e68dbdf175092723a94eae69bc943bfc9a463b2986c4594edb242435a66bab570bab6
6
+ metadata.gz: 7c5a204ce55df1eae6fdaf28dfa5b0f22c5b499d4a008e86bac9705f8118f870406134bbff016da201a693261cd6a5fa31b9e8a7c72fdeefb9d1b1c61b4dce56
7
+ data.tar.gz: 936df6a6c67d92a55c830faae1b13b0a2b497764753cd33592f7e6322eafd38a42e0ab0ce348b945048bb57bff2eca07a4bb08b555fc8e0eac039565187c536c
data/lib/kafka/client.rb CHANGED
@@ -86,7 +86,9 @@ module Kafka
86
86
  sasl_gssapi_keytab: nil, sasl_plain_authzid: '', sasl_plain_username: nil, sasl_plain_password: nil,
87
87
  sasl_scram_username: nil, sasl_scram_password: nil, sasl_scram_mechanism: nil,
88
88
  sasl_aws_msk_iam_access_key_id: nil,
89
- sasl_aws_msk_iam_secret_key_id: nil, sasl_aws_msk_iam_aws_region: nil,
89
+ sasl_aws_msk_iam_secret_key_id: nil,
90
+ sasl_aws_msk_iam_aws_region: nil,
91
+ sasl_aws_msk_iam_session_token: nil,
90
92
  sasl_over_ssl: true, ssl_ca_certs_from_system: false, partitioner: nil, sasl_oauth_token_provider: nil, ssl_verify_hostname: true,
91
93
  resolve_seed_brokers: false)
92
94
  @logger = TaggedLogger.new(logger)
@@ -117,6 +119,7 @@ module Kafka
117
119
  sasl_aws_msk_iam_access_key_id: sasl_aws_msk_iam_access_key_id,
118
120
  sasl_aws_msk_iam_secret_key_id: sasl_aws_msk_iam_secret_key_id,
119
121
  sasl_aws_msk_iam_aws_region: sasl_aws_msk_iam_aws_region,
122
+ sasl_aws_msk_iam_session_token: sasl_aws_msk_iam_session_token,
120
123
  sasl_oauth_token_provider: sasl_oauth_token_provider,
121
124
  logger: @logger
122
125
  )
@@ -127,12 +127,7 @@ module Kafka
127
127
  @logger.debug "Opening connection to #{@host}:#{@port} with client id #{@client_id}..."
128
128
 
129
129
  if @ssl_context
130
- @socket = SSLSocketWithTimeout.new(@host,
131
- @port,
132
- connect_timeout: @connect_timeout,
133
- timeout: @socket_timeout,
134
- ssl_context: @ssl_context,
135
- logger: @logger)
130
+ @socket = SSLSocketWithTimeout.new(@host, @port, connect_timeout: @connect_timeout, timeout: @socket_timeout, ssl_context: @ssl_context)
136
131
  else
137
132
  @socket = SocketWithTimeout.new(@host, @port, connect_timeout: @connect_timeout, timeout: @socket_timeout)
138
133
  end
@@ -9,12 +9,13 @@ module Kafka
9
9
  class AwsMskIam
10
10
  AWS_MSK_IAM = "AWS_MSK_IAM"
11
11
 
12
- def initialize(aws_region:, access_key_id:, secret_key_id:, logger:)
12
+ def initialize(aws_region:, access_key_id:, secret_key_id:, session_token: nil,logger:)
13
13
  @semaphore = Mutex.new
14
14
 
15
15
  @aws_region = aws_region
16
16
  @access_key_id = access_key_id
17
17
  @secret_key_id = secret_key_id
18
+ @session_token = session_token
18
19
  @logger = TaggedLogger.new(logger)
19
20
  end
20
21
 
@@ -39,13 +40,11 @@ module Kafka
39
40
  encoder.write_bytes(msg)
40
41
 
41
42
  begin
42
- @logger.debug "Decoding first server SASL AWS_MSK_IAM message"
43
43
  @server_first_message = decoder.bytes
44
44
  @logger.debug "Received first server SASL AWS_MSK_IAM message: #{@server_first_message}"
45
45
 
46
46
  raise Kafka::Error, "SASL AWS_MSK_IAM authentication failed: unknown error" unless @server_first_message
47
47
  rescue Errno::ETIMEDOUT, EOFError => e
48
- @logger.error e.backtrace
49
48
  raise Kafka::Error, "SASL AWS_MSK_IAM authentication failed: #{e.message}"
50
49
  end
51
50
 
@@ -63,7 +62,7 @@ module Kafka
63
62
  end
64
63
 
65
64
  def authentication_payload(host:, time_now:)
66
- {
65
+ payload = {
67
66
  'version': "2020_10_22",
68
67
  'host': host,
69
68
  'user-agent': "ruby-kafka",
@@ -74,7 +73,11 @@ module Kafka
74
73
  'x-amz-signedheaders': "host",
75
74
  'x-amz-expires': "900",
76
75
  'x-amz-signature': signature(host: host, time_now: time_now)
77
- }.to_json
76
+ }
77
+
78
+ payload['x-amz-security-token'] = @session_token unless @session_token.nil?
79
+
80
+ payload.to_json
78
81
  end
79
82
 
80
83
  def canonical_request(host:, time_now:)
@@ -14,8 +14,8 @@ module Kafka
14
14
  sasl_oauth_token_provider:,
15
15
  sasl_aws_msk_iam_access_key_id:,
16
16
  sasl_aws_msk_iam_secret_key_id:,
17
- sasl_aws_msk_iam_aws_region:
18
- )
17
+ sasl_aws_msk_iam_aws_region:,
18
+ sasl_aws_msk_iam_session_token: nil)
19
19
  @logger = TaggedLogger.new(logger)
20
20
 
21
21
  @plain = Sasl::Plain.new(
@@ -42,6 +42,7 @@ module Kafka
42
42
  access_key_id: sasl_aws_msk_iam_access_key_id,
43
43
  secret_key_id: sasl_aws_msk_iam_secret_key_id,
44
44
  aws_region: sasl_aws_msk_iam_aws_region,
45
+ session_token: sasl_aws_msk_iam_session_token,
45
46
  logger: @logger,
46
47
  )
47
48
 
@@ -21,13 +21,12 @@ module Kafka
21
21
  # @param timeout [Integer] the read and write timeout, in seconds.
22
22
  # @param ssl_context [OpenSSL::SSL::SSLContext] which SSLContext the ssl connection should use
23
23
  # @raise [Errno::ETIMEDOUT] if the timeout is exceeded.
24
- def initialize(host, port, connect_timeout: nil, timeout: nil, ssl_context:, logger: nil)
24
+ def initialize(host, port, connect_timeout: nil, timeout: nil, ssl_context:)
25
25
  addr = Socket.getaddrinfo(host, nil)
26
26
  sockaddr = Socket.pack_sockaddr_in(port, addr[0][3])
27
27
 
28
28
  @connect_timeout = connect_timeout
29
29
  @timeout = timeout
30
- @logger = logger
31
30
 
32
31
  @tcp_socket = Socket.new(Socket.const_get(addr[0][0]), Socket::SOCK_STREAM, 0)
33
32
  @tcp_socket.setsockopt(Socket::IPPROTO_TCP, Socket::TCP_NODELAY, 1)
@@ -94,7 +93,6 @@ module Kafka
94
93
  def read(num_bytes)
95
94
  buffer = String.new
96
95
 
97
- @logger.debug "Reading #{num_bytes} bytes from #{@ssl_socket}"
98
96
  until buffer.length >= num_bytes
99
97
  begin
100
98
  # Unlike plain TCP sockets, SSL sockets don't support IO.select
@@ -103,8 +101,6 @@ module Kafka
103
101
  # catch exceptions from read_nonblock and gradually build up
104
102
  # our read buffer.
105
103
  buffer << @ssl_socket.read_nonblock(num_bytes - buffer.length)
106
-
107
- @logger.debug "Bytes read: #{buffer.length}"
108
104
  rescue IO::WaitReadable
109
105
  if select_with_timeout(@ssl_socket, :read)
110
106
  retry
data/lib/kafka/version.rb CHANGED
@@ -1,5 +1,5 @@
1
1
  # frozen_string_literal: true
2
2
 
3
3
  module Kafka
4
- VERSION = "1.4.2"
4
+ VERSION = "1.4.3"
5
5
  end
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: ruby-kafka-aws-iam
3
3
  version: !ruby/object:Gem::Version
4
- version: 1.4.2
4
+ version: 1.4.3
5
5
  platform: ruby
6
6
  authors:
7
7
  - Daniel Schierbeck