feat: add Azure IMDS authentication support#371
Open
Emanuele Sabellico (emasab) wants to merge 1 commit intomasterfrom
Open
feat: add Azure IMDS authentication support#371Emanuele Sabellico (emasab) wants to merge 1 commit intomasterfrom
Emanuele Sabellico (emasab) wants to merge 1 commit intomasterfrom
Conversation
- Updated CHANGELOG.md for v1.6.0 release with enhancements. - Changed librdkafka version to dev_oauthbearer_metadata_based (to be changed later) - Implemented Azure IMDS OAuth client and token provider. - Added support for Azure IMDS in RestService. - Refactor RestService bearer authentication methods. - Added tests for Azure IMDS OAuth client functionality.
There was a problem hiding this comment.
Pull Request Overview
This PR adds Azure IMDS (Instance Metadata Service) OAuth authentication support to the TypeScript Schema Registry client, enabling authentication using Azure managed identities.
- Implements Azure IMDS OAuth client with token fetching and expiration handling
- Refactors OAuth authentication architecture with abstract base classes and builder pattern
- Adds comprehensive test coverage for Azure IMDS functionality
Reviewed Changes
Copilot reviewed 14 out of 16 changed files in this pull request and generated 2 comments.
Show a summary per file
| File | Description |
|---|---|
| schemaregistry/oauth/oauth-client-azure-imds.ts | New Azure IMDS OAuth client implementation with token management |
| schemaregistry/oauth/abstract-oauth-client.ts | New abstract base classes for OAuth clients and token providers |
| schemaregistry/oauth/bearer-token-provider.ts | New interface definitions for bearer token providers |
| schemaregistry/oauth/static-token-provider.ts | New static token provider implementation |
| schemaregistry/oauth/oauth-client.ts | Refactored existing OAuth client to use new abstract architecture |
| schemaregistry/rest-service.ts | Updated to use new bearer token provider architecture |
| schemaregistry/test/oauth-client-azure-imds.spec.ts | Comprehensive test suite for Azure IMDS OAuth functionality |
| schemaregistry/test/oauth-client.spec.ts | Updated tests to work with refactored OAuth client |
| schemaregistry-examples/src/kafka-oauth.ts | Added example demonstrating Azure IMDS usage |
| schemaregistry-examples/src/constants.ts | Added Azure IMDS configuration constant |
| package.json | Updated librdkafka version to development branch |
| lib/error.js | Updated version comment to match new librdkafka version |
| deps/librdkafka | Updated submodule to development branch |
| CHANGELOG.md | Added v1.6.0 release notes |
Tip: Customize your code reviews with copilot-instructions.md. Create the file or learn how to get started.
|
|
||
| ### Enhancements | ||
|
|
||
| 1. References librdkafka v2.12.0. Refer to the [librdkafka v2.12.0 release notes](https://github.com/confluentinc/librdkafka/releases/tag/v2.12.0) for more information. |
There was a problem hiding this comment.
The changelog references librdkafka v2.12.0 but the package.json uses "dev_oauthbearer_metadata_based". These versions should be consistent.
Suggested change
| 1. References librdkafka v2.12.0. Refer to the [librdkafka v2.12.0 release notes](https://github.com/confluentinc/librdkafka/releases/tag/v2.12.0) for more information. | |
| 1. References librdkafka "dev_oauthbearer_metadata_based". Refer to the [librdkafka dev_oauthbearer_metadata_based branch](https://github.com/confluentinc/librdkafka/tree/dev_oauthbearer_metadata_based) for more information. |
| tokenPath, | ||
| scope, | ||
| scope | ||
| } |
There was a problem hiding this comment.
Missing semicolon after the bearerAuthCredentials object declaration.
Suggested change
| } | |
| }; |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Please prefix all TypeScript pull-requests with
[Typescript]What
Checklist
References
JIRA:
Test & Review
Unit tests are present. Will attach test results on an Azure instance.
Open questions / Follow-ups