|
| 1 | +#!/usr/bin/env python |
| 2 | +# -*- coding: utf-8 -*- |
| 3 | +# |
| 4 | +# Copyright 2025 Confluent Inc. |
| 5 | +# |
| 6 | +# Licensed under the Apache License, Version 2.0 (the "License"); |
| 7 | +# you may not use this file except in compliance with the License. |
| 8 | +# You may obtain a copy of the License at |
| 9 | +# |
| 10 | +# http://www.apache.org/licenses/LICENSE-2.0 |
| 11 | +# |
| 12 | +# Unless required by applicable law or agreed to in writing, software |
| 13 | +# distributed under the License is distributed on an "AS IS" BASIS, |
| 14 | +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |
| 15 | +# See the License for the specific language governing permissions and |
| 16 | +# limitations under the License. |
| 17 | + |
| 18 | +# Examples of setting up Schema Registry with OAuth with static token, |
| 19 | +# Client Credentials, and custom functions |
| 20 | + |
| 21 | + |
| 22 | +# CUSTOM OAuth configuration takes in a custom function, config for that |
| 23 | +# function, and returns the fields shown below. All fields must be returned |
| 24 | +# for OAuth authentication to work |
| 25 | + |
| 26 | + |
| 27 | +from confluent_kafka.schema_registry.schema_registry_client import SchemaRegistryClient |
| 28 | + |
| 29 | + |
| 30 | +def main(): |
| 31 | + static_oauth_config = {'url': 'https://psrc-123456.us-east-1.aws.confluent.cloud', |
| 32 | + 'bearer.auth.credentials.source': 'STATIC_TOKEN', |
| 33 | + 'bearer.auth.token': 'static-token', |
| 34 | + 'bearer.auth.logical.cluster': 'lsrc-12345', |
| 35 | + 'bearer.auth.identity.pool.id': 'pool-abcd'} |
| 36 | + static_oauth_sr_client = SchemaRegistryClient(static_oauth_config) |
| 37 | + print(static_oauth_sr_client.get_subjects()) |
| 38 | + |
| 39 | + client_credentials_oauth_config = { |
| 40 | + 'url': 'https://psrc-123456.us-east-1.aws.confluent.cloud', |
| 41 | + 'bearer.auth.credentials.source': 'OAUTHBEARER', |
| 42 | + 'bearer.auth.client.id': 'client-id', |
| 43 | + 'bearer.auth.client.secret': 'client-secret', |
| 44 | + 'bearer.auth.scope': 'schema_registry', |
| 45 | + 'bearer.auth.issuer.endpoint.url': 'https://yourauthprovider.com/v1/token', |
| 46 | + 'bearer.auth.logical.cluster': 'lsrc-12345', |
| 47 | + 'bearer.auth.identity.pool.id': 'pool-abcd'} |
| 48 | + |
| 49 | + client_credentials_oauth_sr_client = SchemaRegistryClient(client_credentials_oauth_config) |
| 50 | + print(client_credentials_oauth_sr_client.get_subjects()) |
| 51 | + |
| 52 | + def custom_oauth_function(config): |
| 53 | + return config |
| 54 | + |
| 55 | + custom_config = {'bearer.auth.token': 'example-token', |
| 56 | + 'bearer.auth.logical.cluster': 'lsrc-12345', 'bearer.auth.identity.pool.id': 'pool-abcd'} |
| 57 | + |
| 58 | + custom_sr_config = {'url': 'https://psrc-123456.us-east-1.aws.confluent.cloud', |
| 59 | + 'bearer.auth.credentials.source': 'CUSTOM', |
| 60 | + 'bearer.auth.custom.provider.function': custom_oauth_function, |
| 61 | + 'bearer.auth.custom.provider.config': custom_config} |
| 62 | + |
| 63 | + custom_sr_client = SchemaRegistryClient(custom_sr_config) |
| 64 | + print(custom_sr_client.get_subjects()) |
| 65 | + |
| 66 | + |
| 67 | +if __name__ == '__main__': |
| 68 | + main() |
0 commit comments