Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Enable runtime configuration #2

Open
wants to merge 2 commits into
base: main
Choose a base branch
from
Open

Enable runtime configuration #2

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
86fc626
Move SignedPayloadGenerator configs to config.exs
brunolouvem Aug 1, 2024
ac994f7
Update documentation
brunolouvem Aug 1, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
16 changes: 15 additions & 1 deletion README.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -17,7 +17,21 @@ end
## Usage

Broadway Kafka supports connecting to Kafka broker via SASL authentication. The following sample configuration shows how `ex_aws_msk_iam_auth` plugin can be used with it.


A configuration of region is required if you have an intention to
use this library in regions other than "us-east-1" (the default region).

```elixir
# config.exs
config :ex_aws_msk_iam_auth
region: "us-east-2"

# or in runtime.exs

config :ex_aws_msk_iam_auth
region: System.get_env("AWS_REGION")
```

Ref: https://hexdocs.pm/broadway_kafka/BroadwayKafka.Producer.html#module-client-config-options

```elixir
Expand Down
7 changes: 6 additions & 1 deletion config/config.exs
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,6 +1,11 @@
import Config

config :ex_aws_msk_iam_auth,
region: "us-east-2"
region: "us-east-1",
service: "kafka-cluster",
version: "2020_10_22",
user_agent: "msk-elixir-client",
# 15 minutes
ttl: 900

import_config "#{Mix.env()}.exs"
28 changes: 16 additions & 12 deletions lib/signed_payload_generator.ex
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -8,14 +8,8 @@ defmodule SignedPayloadGenerator do

@callback get_msk_signed_payload(binary(), DateTime.t(), binary(), binary()) :: binary()

# TODO: Make service, region, user_agent, version and ttl runtime configurable
@service "kafka-cluster"
@region Application.compile_env(:ex_aws_msk_iam_auth, :region, "us-east-2")
@required_opts ~w(service region user_agent version ttl)a
@method "GET"
@version "2020_10_22"
@user_agent "msk-elixir-client"
# 15 minutes
@ttl 900

@doc """
Builds AWS4 signed AWS_MSK_IAM payload needed for making SASL authentication request with broker
Expand All @@ -32,13 +26,13 @@ defmodule SignedPayloadGenerator do
:aws_signature.sign_v4_query_params(
aws_secret_key_id,
aws_secret_access_key,
@region,
@service,
config(:region),
config(:service),
# Formats to {{now.year, now.month, now.day}, {now.hour, now.minute, now.second}}
now |> NaiveDateTime.to_erl(),
@method,
url,
ttl: @ttl
ttl: config(:ttl)
)

url_map = :aws_signature_utils.parse_url(aws_v4_signed_query)
Expand All @@ -51,10 +45,20 @@ defmodule SignedPayloadGenerator do
# Building rest of the payload in the format from Java reference implementation
signed_payload =
signed_payload
|> Map.put("version", @version)
|> Map.put("version", config(:version))
|> Map.put("host", url_map[:host])
|> Map.put("user-agent", @user_agent)
|> Map.put("user-agent", config(:user_agent))

Jason.encode!(signed_payload)
end

defp config(key) do
config = Application.fetch_env!(:ex_aws_msk_iam_auth, key)

unless key in @required_opts and is_nil(config) do
raise "Missing required config value for the key: #{inspect(key)}"
end

config
end
end