Marko Strukelj
Marko Strukelj
One of the main value propositions of using OAuth is to allow users to keep their passwords private - not leak them to third party servers, not store them into...
Have you tried to configure your authorization server with AD as identity provider? Usually authorization servers allow you to map AD / LDAP users and groups using some query syntax...
There is an `oauth.refresh.token` option which you can use. Rather than having to configure your Kafka client with username and password in clear text, a human configuring the client can...
Sounds like the input to `base64` contained a character outside base64 valid ascii range, possibly a newline char?
Seems like you already have an idea how you would like the configuration to look like and how the execution flow would go differently compared to configuring the client credentials...
@robbertvanwaveren Thanks for the PR. Could you also add some documentation in README.md to explain the circumstances when one would want to use this, and how the workflow works in...
@robbertvanwaveren Not at the moment. This PR still has to be thoroughly reviewed. Currently I'm busy doing the 0.11.0 release, and integrating the functionality into the main [Strimzi Project](https://github.com/strimzi/strimzi-kafka-operator). I'll...
How do you have your Kafka client configured? What you see is explained in the [troubleshooting chapter](https://github.com/strimzi/strimzi-kafka-oauth#token-validation-failed-unknown-signing-key-kid) of the README.md. It means that the token used by Kafka client was...
> 1. Pre-migration from Keycloak to ACLs to allow configuration before changing authorizer > 2. Post-migration from ACLs to Keycloak, as a reference > 3. Mirrored from another cluster (?)...