Initial declaration of OAuth and OIDC plugin and validator with unimplemented methods - https://issues.apache.org/jira/browse/AMQ-9400

This commit is contained in:
Boudjebla 2024-07-26 18:57:34 -07:00
parent 7de8e637ee
commit d913e62c6a
7 changed files with 159 additions and 1 deletions

View File

@ -0,0 +1,19 @@
# OAuth and OIDC Implementation for ActiveMQ
## Overview
This document outlines the plan to implement OAuth and OIDC authentication for ActiveMQ. The implementation will be done in a maxiumum of four stages:
1. Initial declaration of changes and setup.
2. Implementation of OAuth and OIDC methods.
3. Adding unit and integration tests.
4. Implementing logging for OAuth and OIDC operations.
## Plugin configuration in the activemq.xml file
<plugins>
<bean id="oidcAuthenticationPlugin" class="org.apache.activemq.security.OIDCAuthenticationPlugin">
<property name="clientId" value="YOUR_COMPANY_CLIENT_ID"/>
<property name="clientSecret" value="YOUR_COMPANY_CLIENT_SECRET"/>
<property name="oidcServerUrl" value="https://oidc-server.com"/>
<property name="oidcIssuer" value="https://oidc-issuer.com"/>
</bean>
</plugins>

View File

@ -0,0 +1,9 @@
# OAuth and OIDC Implementation for ActiveMQ
## Overview
This document outlines the plan to implement OAuth and OIDC authentication for ActiveMQ. The implementation will be done in a maxiumum of four stages:
1. Initial declaration of changes and setup.
2. Implementation of OAuth and OIDC methods.
3. Adding unit and integration tests.
4. Implementing logging for OAuth and OIDC operations.

View File

@ -51,6 +51,7 @@
<artifactId>jakarta.annotation-api</artifactId>
</dependency>
<!-- =============================== -->
<!-- Optional Dependencies -->
<!-- =============================== -->
@ -67,6 +68,23 @@
<optional>true</optional>
</dependency>
<!-- =============================== -->
<!-- oAuth and OIDC Dependencies -->
<!-- Nimbus JOSE + JWT dependencies -->
<!-- =============================== -->
<dependency>
<groupId>com.nimbusds</groupId>
<artifactId>oauth2-oidc-sdk</artifactId>
<version>9.15</version>
</dependency>
<dependency>
<groupId>com.nimbusds</groupId>
<artifactId>nimbus-jose-jwt</artifactId>
<version>9.40</version>
</dependency>
<!-- =============================== -->
<!-- Testing Dependencies -->
<!-- =============================== -->

View File

@ -0,0 +1,23 @@
package org.apache.activemq.security;
public class OAuthValidator {
private String clientId;
private String clientSecret;
private String oidcServerUrl;
private String oidcIssuer;
public OAuthValidator(String clientId, String clientSecret, String oidcServerUrl, String oidcIssuer) {
this.clientId = clientId;
this.clientSecret = clientSecret;
this.oidcServerUrl = oidcServerUrl;
this.oidcIssuer = oidcIssuer;
}
public void initialize() {
throw new UnsupportedOperationException("Method not implemented yet");
}
public boolean validateToken(String token) {
throw new UnsupportedOperationException("Method not implemented yet");
}
}

View File

@ -0,0 +1,68 @@
package org.apache.activemq.security;
import org.apache.activemq.broker.Broker;
import org.apache.activemq.broker.BrokerPlugin;
import org.apache.activemq.broker.BrokerPluginSupport;
import org.apache.activemq.command.ConnectionInfo;
import org.apache.activemq.security.OIDCSecurityContext;
public class OIDCAuthenticationPlugin implements BrokerPlugin {
private String clientId;
private String clientSecret;
private String oidcServerUrl;
private String oidcIssuer;
@Override
public Broker installPlugin(Broker broker) {
return new OIDCBroker(broker);
}
private class OIDCBroker extends BrokerPluginSupport {
private final Broker next;
public OIDCBroker(Broker next) {
this.next = next;
}
@Override
public void addConnection(org.apache.activemq.broker.ConnectionContext context, ConnectionInfo info) throws Exception {
throw new UnsupportedOperationException("Method not implemented yet");
}
private OIDCSecurityContext authenticate(String token) {
throw new UnsupportedOperationException("Method not implemented yet");
}
}
public String getClientId() {
return clientId;
}
public void setClientId(String clientId) {
this.clientId = clientId;
}
public String getClientSecret() {
return clientSecret;
}
public void setClientSecret(String clientSecret) {
this.clientSecret = clientSecret;
}
public String getOidcServerUrl() {
return oidcServerUrl;
}
public void setOidcServerUrl(String oidcServerUrl) {
this.oidcServerUrl = oidcServerUrl;
}
public String getOidcIssuer() {
return oidcIssuer;
}
public void setOidcIssuer(String oidcIssuer) {
this.oidcIssuer = oidcIssuer;
}
}

View File

@ -0,0 +1,18 @@
package org.apache.activemq.security;
import java.security.Principal;
import java.util.Set;
public class OIDCSecurityContext extends SecurityContext {
private final Set<Principal> principals;
public OIDCSecurityContext(String userName, Set<Principal> principals) {
super(userName);
this.principals = principals;
}
@Override
public Set<Principal> getPrincipals() {
return principals;
}
}

View File

@ -34,6 +34,9 @@
<transportConnectors>
<transportConnector name="openwire" uri="tcp://localhost:61616" />
<transportConnector name="stomp" uri="stomp://localhost:61613" />
<!-- Add Jetty Transport Connector for Web Console -->
<transportConnector name="jetty" uri="http://localhost:8161"/>
</transportConnectors>
</broker>