[Bug] tlsTrustCertsFilePath does not work for OAuth2 authentication #363
Comments
BewareMyPower
added a commit
to BewareMyPower/pulsar-client-cpp
that referenced
this issue
Dec 5, 2023
|
The workflow here can describe this issue more clearly. const auto caPath = "/etc/ssl/certs/my-cert.crt";
/* ... */
ClientConfiguration conf;
conf.setTlsTrustCertsFilePath(caPath);
auto params = gCommonParams;
params["private_key"] = "file://" + gKeyPath;
conf.setAuth(AuthOauth2::create(params));The code above shows the default CA cert ( |
BewareMyPower
added a commit
to BewareMyPower/pulsar-client-cpp
that referenced
this issue
Dec 12, 2023
…nux, macOS) ### Motivation Currently we manage dependencies by ourselves: - When running unit tests in CI, dependencies are installed from the Debian package management tool `apt` - When verifying macOS build, dependencies are installed from the Homebrew package manager - When verifying Windows build, dependencies are installed via vcpkg but no versions are specified - When building pre-built binaries to release, dependencies are installed by scripts under `pkg/` directories. These scripts download the source code according to `dependencies.yaml` and build It makes the pre-built binaries never tested except for the simple manual tests when voting for a new release. As a result, regression like apache#363 could happen. This patch aims at integrating vcpkg to manage dependencies for all platforms, not only for Windows. ### Modifications Integrate the CMakeLists.txt with vcpkg by: 1. Introduce vcpkg as a submodule of this project 2. Update `vcpkg.json` to specify dependency versions. 3. Set `CMAKE_TOOLCHAIN_FILE` with the `vcpkg.cmake` in the submodule. Then, we can simply use `find_package` to find all dependencies and depend on them via a target like `CURL::libcurl` to have all include directores and link libraries. Update the `unit-tests` workflow to verify building the binaries via vcpkg to test. The README is also updated to show how much simpler to build with vcpkg now. ### TODO There are still some tasks that cannot be done by vcpkg: 1. The static library (e.g. `libpulsarwithdeps.a`) that bundles all 3rd-party dependencies. 2. The pre-built binaries are still built by scripts under `./pkg` directory. Specifically, vcpkg does not work with GCC 4.8 so on CentOS 7 we still need to build dependencies manually. So the previous CMakeLists.txt are retained and will be used if `INTEGRATE_VCPKG` is OFF (by default). They will be removed until the task above can be done by vcpkg in future.
BewareMyPower
added a commit
to BewareMyPower/pulsar-client-cpp
that referenced
this issue
Dec 12, 2023
…nux, macOS) ### Motivation Currently we manage dependencies by ourselves: - When running unit tests in CI, dependencies are installed from the Debian package management tool `apt` - When verifying macOS build, dependencies are installed from the Homebrew package manager - When verifying Windows build, dependencies are installed via vcpkg but no versions are specified - When building pre-built binaries to release, dependencies are installed by scripts under `pkg/` directories. These scripts download the source code according to `dependencies.yaml` and build It makes the pre-built binaries never tested except for the simple manual tests when voting for a new release. As a result, regression like apache#363 could happen. This patch aims at integrating vcpkg to manage dependencies for all platforms, not only for Windows. ### Modifications Integrate the CMakeLists.txt with vcpkg by: 1. Introduce vcpkg as a submodule of this project 2. Update `vcpkg.json` to specify dependency versions. 3. Set `CMAKE_TOOLCHAIN_FILE` with the `vcpkg.cmake` in the submodule. Then, we can simply use `find_package` to find all dependencies and depend on them via a target like `CURL::libcurl` to have all include directores and link libraries. Update the `unit-tests` workflow to verify building the binaries via vcpkg to test. The README is also updated to show how much simpler to build with vcpkg now. ### TODO There are still some tasks that cannot be done by vcpkg: 1. The static library (e.g. `libpulsarwithdeps.a`) that bundles all 3rd-party dependencies. 2. The pre-built binaries are still built by scripts under `./pkg` directory. Specifically, vcpkg does not work with GCC 4.8 so on CentOS 7 we still need to build dependencies manually. So the previous CMakeLists.txt are retained and will be used if `INTEGRATE_VCPKG` is OFF (by default). They will be removed until the task above can be done by vcpkg in future.
BewareMyPower
added a commit
to BewareMyPower/pulsar-client-cpp
that referenced
this issue
Dec 12, 2023
…nux, macOS) ### Motivation Currently we manage dependencies by ourselves: - When running unit tests in CI, dependencies are installed from the Debian package management tool `apt` - When verifying macOS build, dependencies are installed from the Homebrew package manager - When verifying Windows build, dependencies are installed via vcpkg but no versions are specified - When building pre-built binaries to release, dependencies are installed by scripts under `pkg/` directories. These scripts download the source code according to `dependencies.yaml` and build It makes the pre-built binaries never tested except for the simple manual tests when voting for a new release. As a result, regression like apache#363 could happen. This patch aims at integrating vcpkg to manage dependencies for all platforms, not only for Windows. ### Modifications Integrate the CMakeLists.txt with vcpkg by: 1. Introduce vcpkg as a submodule of this project 2. Update `vcpkg.json` to specify dependency versions. 3. Set `CMAKE_TOOLCHAIN_FILE` with the `vcpkg.cmake` in the submodule. Then, we can simply use `find_package` to find all dependencies and depend on them via a target like `CURL::libcurl` to have all include directores and link libraries. Update the `unit-tests` workflow to verify building the binaries via vcpkg to test. The README is also updated to show how much simpler to build with vcpkg now. ### TODO There are still some tasks that cannot be done by vcpkg: 1. The static library (e.g. `libpulsarwithdeps.a`) that bundles all 3rd-party dependencies. 2. The pre-built binaries are still built by scripts under `./pkg` directory. Specifically, vcpkg does not work with GCC 4.8 so on CentOS 7 we still need to build dependencies manually. So the previous CMakeLists.txt are retained and will be used if `INTEGRATE_VCPKG` is OFF (by default). They will be removed until the task above can be done by vcpkg in future.
BewareMyPower
added a commit
to BewareMyPower/pulsar-client-cpp
that referenced
this issue
Dec 12, 2023
…nux, macOS) ### Motivation Currently we manage dependencies by ourselves: - When running unit tests in CI, dependencies are installed from the Debian package management tool `apt` - When verifying macOS build, dependencies are installed from the Homebrew package manager - When verifying Windows build, dependencies are installed via vcpkg but no versions are specified - When building pre-built binaries to release, dependencies are installed by scripts under `pkg/` directories. These scripts download the source code according to `dependencies.yaml` and build It makes the pre-built binaries never tested except for the simple manual tests when voting for a new release. As a result, regression like apache#363 could happen. This patch aims at integrating vcpkg to manage dependencies for all platforms, not only for Windows. ### Modifications Integrate the CMakeLists.txt with vcpkg by: 1. Introduce vcpkg as a submodule of this project 2. Update `vcpkg.json` to specify dependency versions. 3. Set `CMAKE_TOOLCHAIN_FILE` with the `vcpkg.cmake` in the submodule. Then, we can simply use `find_package` to find all dependencies and depend on them via a target like `CURL::libcurl` to have all include directores and link libraries. Update the `unit-tests` workflow to verify building the binaries via vcpkg to test. The README is also updated to show how much simpler to build with vcpkg now. ### TODO There are still some tasks that cannot be done by vcpkg: 1. The static library (e.g. `libpulsarwithdeps.a`) that bundles all 3rd-party dependencies. 2. The pre-built binaries are still built by scripts under `./pkg` directory. Specifically, vcpkg does not work with GCC 4.8 so on CentOS 7 we still need to build dependencies manually. So the previous CMakeLists.txt are retained and will be used if `INTEGRATE_VCPKG` is OFF (by default). They will be removed until the task above can be done by vcpkg in future.
BewareMyPower
added a commit
to BewareMyPower/pulsar-client-cpp
that referenced
this issue
Dec 12, 2023
…nux, macOS) ### Motivation Currently we manage dependencies by ourselves: - When running unit tests in CI, dependencies are installed from the Debian package management tool `apt` - When verifying macOS build, dependencies are installed from the Homebrew package manager - When verifying Windows build, dependencies are installed via vcpkg but no versions are specified - When building pre-built binaries to release, dependencies are installed by scripts under `pkg/` directories. These scripts download the source code according to `dependencies.yaml` and build It makes the pre-built binaries never tested except for the simple manual tests when voting for a new release. As a result, regression like apache#363 could happen. This patch aims at integrating vcpkg to manage dependencies for all platforms, not only for Windows. ### Modifications Integrate the CMakeLists.txt with vcpkg by: 1. Introduce vcpkg as a submodule of this project 2. Update `vcpkg.json` to specify dependency versions. 3. Set `CMAKE_TOOLCHAIN_FILE` with the `vcpkg.cmake` in the submodule. Then, we can simply use `find_package` to find all dependencies and depend on them via a target like `CURL::libcurl` to have all include directores and link libraries. Update the `unit-tests` workflow to verify building the binaries via vcpkg to test. The README is also updated to show how much simpler to build with vcpkg now. ### TODO There are still some tasks that cannot be done by vcpkg: 1. The static library (e.g. `libpulsarwithdeps.a`) that bundles all 3rd-party dependencies. 2. The pre-built binaries are still built by scripts under `./pkg` directory. Specifically, vcpkg does not work with GCC 4.8 so on CentOS 7 we still need to build dependencies manually. So the previous CMakeLists.txt are retained and will be used if `INTEGRATE_VCPKG` is OFF (by default). They will be removed until the task above can be done by vcpkg in future. We also need to update `dependencies.yaml` to be consistent with `vcpkg.json` if all tasks above cannot be replaced by vcpkg.
BewareMyPower
added a commit
that referenced
this issue
Dec 15, 2023
### Motivation Currently we manage dependencies by ourselves: - When running unit tests in CI, dependencies are installed from the Debian package management tool `apt` - When verifying macOS build, dependencies are installed from the Homebrew package manager - When verifying Windows build, dependencies are installed via vcpkg but no versions are specified - When building pre-built binaries to release, dependencies are installed by scripts under `pkg/` directories. These scripts download the source code according to `dependencies.yaml` and build It makes the pre-built binaries never tested except for the simple manual tests when voting for a new release. As a result, regression like #363 could happen. This patch aims at integrating vcpkg to manage dependencies for all platforms, not only for Windows. ### Modifications Integrate the CMakeLists.txt with vcpkg by: 1. Introduce vcpkg as a submodule of this project 2. Update `vcpkg.json` to specify dependency versions. 3. Set `CMAKE_TOOLCHAIN_FILE` with the `vcpkg.cmake` in the submodule. Then, we can simply use `find_package` to find all dependencies and depend on them via a target like `CURL::libcurl` to have all include directores and link libraries. Update the `unit-tests` workflow to verify building the binaries via vcpkg to test. The README is also updated to show how much simpler to build with vcpkg now. ### TODO There are still some tasks that cannot be done by vcpkg: 1. The static library (e.g. `libpulsarwithdeps.a`) that bundles all 3rd-party dependencies. 2. The pre-built binaries are still built by scripts under `./pkg` directory. Specifically, vcpkg does not work with GCC 4.8 so on CentOS 7 we still need to build dependencies manually. So the previous CMakeLists.txt are retained and will be used if `INTEGRATE_VCPKG` is OFF (by default). They will be removed until the task above can be done by vcpkg in future. We also need to update `dependencies.yaml` to be consistent with `vcpkg.json` if all tasks above cannot be replaced by vcpkg.
BewareMyPower
added a commit
to streamnative/pulsar-client-cpp
that referenced
this issue
Jul 4, 2024
### Motivation Currently we manage dependencies by ourselves: - When running unit tests in CI, dependencies are installed from the Debian package management tool `apt` - When verifying macOS build, dependencies are installed from the Homebrew package manager - When verifying Windows build, dependencies are installed via vcpkg but no versions are specified - When building pre-built binaries to release, dependencies are installed by scripts under `pkg/` directories. These scripts download the source code according to `dependencies.yaml` and build It makes the pre-built binaries never tested except for the simple manual tests when voting for a new release. As a result, regression like apache#363 could happen. This patch aims at integrating vcpkg to manage dependencies for all platforms, not only for Windows. ### Modifications Integrate the CMakeLists.txt with vcpkg by: 1. Introduce vcpkg as a submodule of this project 2. Update `vcpkg.json` to specify dependency versions. 3. Set `CMAKE_TOOLCHAIN_FILE` with the `vcpkg.cmake` in the submodule. Then, we can simply use `find_package` to find all dependencies and depend on them via a target like `CURL::libcurl` to have all include directores and link libraries. Update the `unit-tests` workflow to verify building the binaries via vcpkg to test. The README is also updated to show how much simpler to build with vcpkg now. ### TODO There are still some tasks that cannot be done by vcpkg: 1. The static library (e.g. `libpulsarwithdeps.a`) that bundles all 3rd-party dependencies. 2. The pre-built binaries are still built by scripts under `./pkg` directory. Specifically, vcpkg does not work with GCC 4.8 so on CentOS 7 we still need to build dependencies manually. So the previous CMakeLists.txt are retained and will be used if `INTEGRATE_VCPKG` is OFF (by default). They will be removed until the task above can be done by vcpkg in future. We also need to update `dependencies.yaml` to be consistent with `vcpkg.json` if all tasks above cannot be replaced by vcpkg. (cherry picked from commit 7baa312)
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Search before asking
Version
OS: macOS m1
Client: https://archive.apache.org/dist/pulsar/pulsar-client-cpp-3.4.1/
Minimal reproduce step
The same reproduce steps with #184
What did you expect to see?
What did you see instead?
Even if
setTlsTrustCertsFilePathis configured, the OAuth2 authentication will still fail.Anything else?
It's a regression brought by #313, the
tlsTrustCertsFilePathconfig didn't work for OAuth2.pulsar-client-cpp/lib/auth/AuthOauth2.cc
Line 346 in 63d494f
The last argument is
nullptr, i.e.CurlWrapperdoes not load any CA certs forAuthOauth2::authenticate.While you can see it's applied in
pulsar-client-cpp/lib/auth/AuthOauth2.cc
Lines 232 to 237 in 63d494f
Are you willing to submit a PR?
The text was updated successfully, but these errors were encountered: