|
|
|
/**
|
|
|
|
* Copyright 2016 Confluent Inc.
|
|
|
|
*
|
|
|
|
* Licensed under the Apache License, Version 2.0 (the "License");
|
|
|
|
* you may not use this file except in compliance with the License.
|
|
|
|
* You may obtain a copy of the License at
|
|
|
|
*
|
|
|
|
* http://www.apache.org/licenses/LICENSE-2.0
|
|
|
|
*
|
|
|
|
* Unless required by applicable law or agreed to in writing, software
|
|
|
|
* distributed under the License is distributed on an "AS IS" BASIS,
|
|
|
|
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
|
|
* See the License for the specific language governing permissions and
|
|
|
|
* limitations under the License.
|
|
|
|
*/
|
|
|
|
|
|
|
|
package kafka
|
|
|
|
|
|
|
|
import (
|
|
|
|
"fmt"
|
|
|
|
"strings"
|
|
|
|
"sync"
|
|
|
|
"time"
|
|
|
|
"unsafe"
|
|
|
|
)
|
|
|
|
|
|
|
|
/*
|
|
|
|
#include "select_rdkafka.h"
|
|
|
|
#include <stdlib.h>
|
|
|
|
*/
|
|
|
|
import "C"
|
|
|
|
|
|
|
|
// OAuthBearerToken represents the data to be transmitted
|
|
|
|
// to a broker during SASL/OAUTHBEARER authentication.
|
|
|
|
type OAuthBearerToken struct {
|
|
|
|
// Token value, often (but not necessarily) a JWS compact serialization
|
|
|
|
// as per https://tools.ietf.org/html/rfc7515#section-3.1; it must meet
|
|
|
|
// the regular expression for a SASL/OAUTHBEARER value defined at
|
|
|
|
// https://tools.ietf.org/html/rfc7628#section-3.1
|
|
|
|
TokenValue string
|
|
|
|
// Metadata about the token indicating when it expires (local time);
|
|
|
|
// it must represent a time in the future
|
|
|
|
Expiration time.Time
|
|
|
|
// Metadata about the token indicating the Kafka principal name
|
|
|
|
// to which it applies (for example, "admin")
|
|
|
|
Principal string
|
|
|
|
// SASL extensions, if any, to be communicated to the broker during
|
|
|
|
// authentication (all keys and values of which must meet the regular
|
|
|
|
// expressions defined at https://tools.ietf.org/html/rfc7628#section-3.1,
|
|
|
|
// and it must not contain the reserved "auth" key)
|
|
|
|
Extensions map[string]string
|
|
|
|
}
|
|
|
|
|
|
|
|
// Handle represents a generic client handle containing common parts for
|
|
|
|
// both Producer and Consumer.
|
|
|
|
type Handle interface {
|
|
|
|
// SetOAuthBearerToken sets the the data to be transmitted
|
|
|
|
// to a broker during SASL/OAUTHBEARER authentication. It will return nil
|
|
|
|
// on success, otherwise an error if:
|
|
|
|
// 1) the token data is invalid (meaning an expiration time in the past
|
|
|
|
// or either a token value or an extension key or value that does not meet
|
|
|
|
// the regular expression requirements as per
|
|
|
|
// https://tools.ietf.org/html/rfc7628#section-3.1);
|
|
|
|
// 2) SASL/OAUTHBEARER is not supported by the underlying librdkafka build;
|
|
|
|
// 3) SASL/OAUTHBEARER is supported but is not configured as the client's
|
|
|
|
// authentication mechanism.
|
|
|
|
SetOAuthBearerToken(oauthBearerToken OAuthBearerToken) error
|
|
|
|
|
|
|
|
// SetOAuthBearerTokenFailure sets the error message describing why token
|
|
|
|
// retrieval/setting failed; it also schedules a new token refresh event for 10
|
|
|
|
// seconds later so the attempt may be retried. It will return nil on
|
|
|
|
// success, otherwise an error if:
|
|
|
|
// 1) SASL/OAUTHBEARER is not supported by the underlying librdkafka build;
|
|
|
|
// 2) SASL/OAUTHBEARER is supported but is not configured as the client's
|
|
|
|
// authentication mechanism.
|
|
|
|
SetOAuthBearerTokenFailure(errstr string) error
|
|
|
|
|
|
|
|
// gethandle() returns the internal handle struct pointer
|
|
|
|
gethandle() *handle
|
|
|
|
}
|
|
|
|
|
|
|
|
// Common instance handle for both Producer and Consumer
|
|
|
|
type handle struct {
|
|
|
|
rk *C.rd_kafka_t
|
|
|
|
rkq *C.rd_kafka_queue_t
|
|
|
|
|
|
|
|
// Forward logs from librdkafka log queue to logs channel.
|
|
|
|
logs chan LogEvent
|
|
|
|
logq *C.rd_kafka_queue_t
|
|
|
|
closeLogsChan bool
|
|
|
|
|
|
|
|
// Topic <-> rkt caches
|
|
|
|
rktCacheLock sync.Mutex
|
|
|
|
// topic name -> rkt cache
|
|
|
|
rktCache map[string]*C.rd_kafka_topic_t
|
|
|
|
// rkt -> topic name cache
|
|
|
|
rktNameCache map[*C.rd_kafka_topic_t]string
|
|
|
|
|
|
|
|
// Cached instance name to avoid CGo call in String()
|
|
|
|
name string
|
|
|
|
|
|
|
|
//
|
|
|
|
// cgo map
|
|
|
|
// Maps C callbacks based on cgoid back to its Go object
|
|
|
|
cgoLock sync.Mutex
|
|
|
|
cgoidNext uintptr
|
|
|
|
cgomap map[int]cgoif
|
|
|
|
|
|
|
|
//
|
|
|
|
// producer
|
|
|
|
//
|
|
|
|
p *Producer
|
|
|
|
|
|
|
|
// Forward delivery reports on Producer.Events channel
|
|
|
|
fwdDr bool
|
|
|
|
|
|
|
|
// Enabled message fields for delivery reports and consumed messages.
|
|
|
|
msgFields *messageFields
|
|
|
|
|
|
|
|
//
|
|
|
|
// consumer
|
|
|
|
//
|
|
|
|
c *Consumer
|
|
|
|
|
|
|
|
// WaitGroup to wait for spawned go-routines to finish.
|
|
|
|
waitGroup sync.WaitGroup
|
|
|
|
}
|
|
|
|
|
|
|
|
func (h *handle) String() string {
|
|
|
|
return h.name
|
|
|
|
}
|
|
|
|
|
|
|
|
func (h *handle) setup() {
|
|
|
|
h.rktCache = make(map[string]*C.rd_kafka_topic_t)
|
|
|
|
h.rktNameCache = make(map[*C.rd_kafka_topic_t]string)
|
|
|
|
h.cgomap = make(map[int]cgoif)
|
|
|
|
h.name = C.GoString(C.rd_kafka_name(h.rk))
|
|
|
|
if h.msgFields == nil {
|
|
|
|
h.msgFields = newMessageFields()
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
func (h *handle) cleanup() {
|
|
|
|
if h.logs != nil {
|
|
|
|
C.rd_kafka_queue_destroy(h.logq)
|
|
|
|
if h.closeLogsChan {
|
|
|
|
close(h.logs)
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
for _, crkt := range h.rktCache {
|
|
|
|
C.rd_kafka_topic_destroy(crkt)
|
|
|
|
}
|
|
|
|
|
|
|
|
if h.rkq != nil {
|
|
|
|
C.rd_kafka_queue_destroy(h.rkq)
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
func (h *handle) setupLogQueue(logsChan chan LogEvent, termChan chan bool) {
|
|
|
|
if logsChan == nil {
|
|
|
|
logsChan = make(chan LogEvent, 10000)
|
|
|
|
h.closeLogsChan = true
|
|
|
|
}
|
|
|
|
|
|
|
|
h.logs = logsChan
|
|
|
|
|
|
|
|
// Let librdkafka forward logs to our log queue instead of the main queue
|
|
|
|
h.logq = C.rd_kafka_queue_new(h.rk)
|
|
|
|
C.rd_kafka_set_log_queue(h.rk, h.logq)
|
|
|
|
|
|
|
|
// Start a polling goroutine to consume the log queue
|
|
|
|
h.waitGroup.Add(1)
|
|
|
|
go func() {
|
|
|
|
h.pollLogEvents(h.logs, 100, termChan)
|
|
|
|
h.waitGroup.Done()
|
|
|
|
}()
|
|
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
// getRkt0 finds or creates and returns a C topic_t object from the local cache.
|
|
|
|
func (h *handle) getRkt0(topic string, ctopic *C.char, doLock bool) (crkt *C.rd_kafka_topic_t) {
|
|
|
|
if doLock {
|
|
|
|
h.rktCacheLock.Lock()
|
|
|
|
defer h.rktCacheLock.Unlock()
|
|
|
|
}
|
|
|
|
crkt, ok := h.rktCache[topic]
|
|
|
|
if ok {
|
|
|
|
return crkt
|
|
|
|
}
|
|
|
|
|
|
|
|
if ctopic == nil {
|
|
|
|
ctopic = C.CString(topic)
|
|
|
|
defer C.free(unsafe.Pointer(ctopic))
|
|
|
|
}
|
|
|
|
|
|
|
|
crkt = C.rd_kafka_topic_new(h.rk, ctopic, nil)
|
|
|
|
if crkt == nil {
|
|
|
|
panic(fmt.Sprintf("Unable to create new C topic \"%s\": %s",
|
|
|
|
topic, C.GoString(C.rd_kafka_err2str(C.rd_kafka_last_error()))))
|
|
|
|
}
|
|
|
|
|
|
|
|
h.rktCache[topic] = crkt
|
|
|
|
h.rktNameCache[crkt] = topic
|
|
|
|
|
|
|
|
return crkt
|
|
|
|
}
|
|
|
|
|
|
|
|
// getRkt finds or creates and returns a C topic_t object from the local cache.
|
|
|
|
func (h *handle) getRkt(topic string) (crkt *C.rd_kafka_topic_t) {
|
|
|
|
return h.getRkt0(topic, nil, true)
|
|
|
|
}
|
|
|
|
|
|
|
|
// getTopicNameFromRkt returns the topic name for a C topic_t object, preferably
|
|
|
|
// using the local cache to avoid a cgo call.
|
|
|
|
func (h *handle) getTopicNameFromRkt(crkt *C.rd_kafka_topic_t) (topic string) {
|
|
|
|
h.rktCacheLock.Lock()
|
|
|
|
defer h.rktCacheLock.Unlock()
|
|
|
|
|
|
|
|
topic, ok := h.rktNameCache[crkt]
|
|
|
|
if ok {
|
|
|
|
return topic
|
|
|
|
}
|
|
|
|
|
|
|
|
// we need our own copy/refcount of the crkt
|
|
|
|
ctopic := C.rd_kafka_topic_name(crkt)
|
|
|
|
topic = C.GoString(ctopic)
|
|
|
|
|
|
|
|
crkt = h.getRkt0(topic, ctopic, false /* dont lock */)
|
|
|
|
|
|
|
|
return topic
|
|
|
|
}
|
|
|
|
|
|
|
|
// cgoif is a generic interface for holding Go state passed as opaque
|
|
|
|
// value to the C code.
|
|
|
|
// Since pointers to complex Go types cannot be passed to C we instead create
|
|
|
|
// a cgoif object, generate a unique id that is added to the cgomap,
|
|
|
|
// and then pass that id to the C code. When the C code callback is called we
|
|
|
|
// use the id to look up the cgoif object in the cgomap.
|
|
|
|
type cgoif interface{}
|
|
|
|
|
|
|
|
// delivery report cgoif container
|
|
|
|
type cgoDr struct {
|
|
|
|
deliveryChan chan Event
|
|
|
|
opaque interface{}
|
|
|
|
}
|
|
|
|
|
|
|
|
// cgoPut adds object cg to the handle's cgo map and returns a
|
|
|
|
// unique id for the added entry.
|
|
|
|
// Thread-safe.
|
|
|
|
// FIXME: the uniquity of the id is questionable over time.
|
|
|
|
func (h *handle) cgoPut(cg cgoif) (cgoid int) {
|
|
|
|
h.cgoLock.Lock()
|
|
|
|
defer h.cgoLock.Unlock()
|
|
|
|
|
|
|
|
h.cgoidNext++
|
|
|
|
if h.cgoidNext == 0 {
|
|
|
|
h.cgoidNext++
|
|
|
|
}
|
|
|
|
cgoid = (int)(h.cgoidNext)
|
|
|
|
h.cgomap[cgoid] = cg
|
|
|
|
return cgoid
|
|
|
|
}
|
|
|
|
|
|
|
|
// cgoGet looks up cgoid in the cgo map, deletes the reference from the map
|
|
|
|
// and returns the object, if found. Else returns nil, false.
|
|
|
|
// Thread-safe.
|
|
|
|
func (h *handle) cgoGet(cgoid int) (cg cgoif, found bool) {
|
|
|
|
if cgoid == 0 {
|
|
|
|
return nil, false
|
|
|
|
}
|
|
|
|
|
|
|
|
h.cgoLock.Lock()
|
|
|
|
defer h.cgoLock.Unlock()
|
|
|
|
cg, found = h.cgomap[cgoid]
|
|
|
|
if found {
|
|
|
|
delete(h.cgomap, cgoid)
|
|
|
|
}
|
|
|
|
|
|
|
|
return cg, found
|
|
|
|
}
|
|
|
|
|
|
|
|
// setOauthBearerToken - see rd_kafka_oauthbearer_set_token()
|
|
|
|
func (h *handle) setOAuthBearerToken(oauthBearerToken OAuthBearerToken) error {
|
|
|
|
cTokenValue := C.CString(oauthBearerToken.TokenValue)
|
|
|
|
defer C.free(unsafe.Pointer(cTokenValue))
|
|
|
|
|
|
|
|
cPrincipal := C.CString(oauthBearerToken.Principal)
|
|
|
|
defer C.free(unsafe.Pointer(cPrincipal))
|
|
|
|
|
|
|
|
cErrstrSize := C.size_t(512)
|
|
|
|
cErrstr := (*C.char)(C.malloc(cErrstrSize))
|
|
|
|
defer C.free(unsafe.Pointer(cErrstr))
|
|
|
|
|
|
|
|
cExtensions := make([]*C.char, 2*len(oauthBearerToken.Extensions))
|
|
|
|
extensionSize := 0
|
|
|
|
for key, value := range oauthBearerToken.Extensions {
|
|
|
|
cExtensions[extensionSize] = C.CString(key)
|
|
|
|
defer C.free(unsafe.Pointer(cExtensions[extensionSize]))
|
|
|
|
extensionSize++
|
|
|
|
cExtensions[extensionSize] = C.CString(value)
|
|
|
|
defer C.free(unsafe.Pointer(cExtensions[extensionSize]))
|
|
|
|
extensionSize++
|
|
|
|
}
|
|
|
|
|
|
|
|
var cExtensionsToUse **C.char
|
|
|
|
if extensionSize > 0 {
|
|
|
|
cExtensionsToUse = (**C.char)(unsafe.Pointer(&cExtensions[0]))
|
|
|
|
}
|
|
|
|
|
|
|
|
cErr := C.rd_kafka_oauthbearer_set_token(h.rk, cTokenValue,
|
|
|
|
C.int64_t(oauthBearerToken.Expiration.UnixNano()/(1000*1000)), cPrincipal,
|
|
|
|
cExtensionsToUse, C.size_t(extensionSize), cErrstr, cErrstrSize)
|
|
|
|
if cErr == C.RD_KAFKA_RESP_ERR_NO_ERROR {
|
|
|
|
return nil
|
|
|
|
}
|
|
|
|
return newErrorFromCString(cErr, cErrstr)
|
|
|
|
}
|
|
|
|
|
|
|
|
// setOauthBearerTokenFailure - see rd_kafka_oauthbearer_set_token_failure()
|
|
|
|
func (h *handle) setOAuthBearerTokenFailure(errstr string) error {
|
|
|
|
cerrstr := C.CString(errstr)
|
|
|
|
defer C.free(unsafe.Pointer(cerrstr))
|
|
|
|
cErr := C.rd_kafka_oauthbearer_set_token_failure(h.rk, cerrstr)
|
|
|
|
if cErr == C.RD_KAFKA_RESP_ERR_NO_ERROR {
|
|
|
|
return nil
|
|
|
|
}
|
|
|
|
return newError(cErr)
|
|
|
|
}
|
|
|
|
|
|
|
|
// messageFields controls which fields are made available for producer delivery reports & consumed messages.
|
|
|
|
// true values indicate that the field should be included
|
|
|
|
type messageFields struct {
|
|
|
|
Key bool
|
|
|
|
Value bool
|
|
|
|
Headers bool
|
|
|
|
}
|
|
|
|
|
|
|
|
// disableAll disable all fields
|
|
|
|
func (mf *messageFields) disableAll() {
|
|
|
|
mf.Key = false
|
|
|
|
mf.Value = false
|
|
|
|
mf.Headers = false
|
|
|
|
}
|
|
|
|
|
|
|
|
// newMessageFields returns a new messageFields with all fields enabled
|
|
|
|
func newMessageFields() *messageFields {
|
|
|
|
return &messageFields{
|
|
|
|
Key: true,
|
|
|
|
Value: true,
|
|
|
|
Headers: true,
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
// newMessageFieldsFrom constructs a new messageFields from the given configuration value
|
|
|
|
func newMessageFieldsFrom(v ConfigValue) (*messageFields, error) {
|
|
|
|
msgFields := newMessageFields()
|
|
|
|
switch v {
|
|
|
|
case "all":
|
|
|
|
// nothing to do
|
|
|
|
case "", "none":
|
|
|
|
msgFields.disableAll()
|
|
|
|
default:
|
|
|
|
msgFields.disableAll()
|
|
|
|
for _, value := range strings.Split(v.(string), ",") {
|
|
|
|
switch value {
|
|
|
|
case "key":
|
|
|
|
msgFields.Key = true
|
|
|
|
case "value":
|
|
|
|
msgFields.Value = true
|
|
|
|
case "headers":
|
|
|
|
msgFields.Headers = true
|
|
|
|
default:
|
|
|
|
return nil, fmt.Errorf("unknown message field: %s", value)
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
return msgFields, nil
|
|
|
|
}
|