Pulsar JMS Client all package - relocate Pulsar classes and use Pulsa…

…r Client shaded depenencies

pulsar-jms-all/pom.xml

@@ -34,6 +34,26 @@
       <groupId>${project.groupId}</groupId>
       <artifactId>pulsar-jms</artifactId>
       <version>${project.version}</version>
+      <exclusions>
+        <exclusion>
+          <groupId>org.apache.pulsar</groupId>
+          <artifactId>pulsar-client-original</artifactId>
+        </exclusion>
+        <exclusion>
+          <groupId>org.apache.pulsar</groupId>
+          <artifactId>pulsar-client-admin-original</artifactId>
+        </exclusion>
+      </exclusions>
+    </dependency>
+    <dependency>
+      <groupId>org.apache.pulsar</groupId>
+      <artifactId>pulsar-client</artifactId>
+      <version>${pulsar.version}</version>
+    </dependency>
+    <dependency>
+      <groupId>org.apache.pulsar</groupId>
+      <artifactId>pulsar-client-admin</artifactId>
+      <version>${pulsar.version}</version>
     </dependency>
     <dependency>
       <groupId>org.slf4j</groupId>
@@ -70,6 +90,15 @@
               </excludes>
             </filter>
           </filters>
+          <relocations>
+            <relocation>
+              <pattern>org.apache.pulsar.</pattern>
+              <shadedPattern>com.datastax.oss.pulsar.jms.shaded.org.apache.pulsar.</shadedPattern>
+              <excludes>
+                <exclude>org.apache.pulsar.shade.**</exclude>
+              </excludes>
+            </relocation>
+          </relocations>
         </configuration>
         <executions>
           <execution>

pulsar-jms-integration-tests/src/test/java/com/datastax/oss/pulsar/jms/tests/DockerTest.java

@@ -17,13 +17,17 @@
 
 import static org.junit.Assume.assumeTrue;
 import static org.junit.jupiter.api.Assertions.assertEquals;
+import static org.junit.jupiter.api.Assertions.assertTrue;
 
 import com.datastax.oss.pulsar.jms.PulsarConnectionFactory;
+import com.datastax.oss.pulsar.jms.shaded.org.apache.pulsar.client.impl.auth.AuthenticationToken;
+import java.nio.charset.StandardCharsets;
 import java.util.HashMap;
 import java.util.Map;
 import javax.jms.Destination;
 import javax.jms.JMSContext;
 import org.junit.jupiter.api.Test;
+import org.testcontainers.shaded.org.apache.commons.io.IOUtils;
 
 public class DockerTest {
 
@@ -64,6 +68,17 @@ private void test(String image, boolean transactions) throws Exception {
       properties.put("brokerServiceUrl", pulsarContainer.getPulsarBrokerUrl());
       properties.put("webServiceUrl", pulsarContainer.getHttpServiceUrl());
       properties.put("enableTransaction", transactions);
+
+      // here we are using the repackaged Pulsar client and actually the class name is
+      assertTrue(
+          AuthenticationToken.class.getName().startsWith("com.datastax.oss.pulsar.jms.shaded"));
+
+      properties.put("authPlugin", "org.apache.pulsar.client.impl.auth.AuthenticationToken");
+      String token =
+          IOUtils.toString(
+              DockerTest.class.getResourceAsStream("/token.jwt"), StandardCharsets.UTF_8);
+      properties.put("authParams", "token:" + token.trim());
+
       try (PulsarConnectionFactory factory = new PulsarConnectionFactory(properties);
           JMSContext context =
               factory.createContext(

pulsar-jms-integration-tests/src/test/java/com/datastax/oss/pulsar/jms/tests/PulsarContainer.java

@@ -27,7 +27,6 @@ public class PulsarContainer implements AutoCloseable {
   private GenericContainer<?> pulsarContainer;
   private final String dockerImageVersion;
   private boolean transactions;
-
   public static final int BROKER_PORT = 6650;
   public static final int BROKER_HTTP_PORT = 8080;
 
@@ -38,6 +37,7 @@ public PulsarContainer(String dockerImageVersion, boolean transactions) {
 
   public void start() throws Exception {
     CountDownLatch pulsarReady = new CountDownLatch(1);
+
     pulsarContainer =
         new GenericContainer<>(dockerImageVersion)
             .withExposedPorts(BROKER_PORT, BROKER_HTTP_PORT)
@@ -55,6 +55,15 @@ public void start() throws Exception {
         "/pulsar/conf/standalone.conf",
         BindMode.READ_ONLY);
 
+    pulsarContainer.withClasspathResourceMapping(
+        "secret-key.key", "/pulsar/conf/secret-key.key", BindMode.READ_ONLY);
+
+    pulsarContainer.withClasspathResourceMapping(
+        "admin-token.jwt", "/pulsar/conf/admin-token.jwt", BindMode.READ_ONLY);
+
+    pulsarContainer.withClasspathResourceMapping(
+        "client.conf", "/pulsar/conf/client.conf", BindMode.READ_ONLY);
+
     pulsarContainer.start();
 
     assertTrue(pulsarReady.await(1, TimeUnit.MINUTES));

pulsar-jms-integration-tests/src/test/java/com/datastax/oss/pulsar/jms/tests/RelocatedClassesTest.java

@@ -0,0 +1,61 @@
+/*
+ * Copyright DataStax, Inc.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package com.datastax.oss.pulsar.jms.tests;
+
+import static org.junit.jupiter.api.Assertions.assertEquals;
+import static org.junit.jupiter.api.Assertions.assertTrue;
+
+import com.datastax.oss.pulsar.jms.PulsarConnectionFactory;
+import com.datastax.oss.pulsar.jms.shaded.org.apache.pulsar.client.impl.auth.AuthenticationToken;
+import java.util.HashMap;
+import java.util.Map;
+import org.junit.jupiter.api.Test;
+
+public class RelocatedClassesTest {
+
+  @Test
+  public void test() throws Exception {
+    Map<String, Object> properties = new HashMap<>();
+
+    // here we are using the repackaged Pulsar client and actually the class name is
+    assertTrue(
+        AuthenticationToken.class.getName().startsWith("com.datastax.oss.pulsar.jms.shaded"));
+
+    properties.put("authPlugin", "org.apache.pulsar.client.impl.auth.AuthenticationToken");
+
+    Map<String, Object> consumerProperties = new HashMap<>();
+    consumerProperties.put("something", "org.apache.pulsar.client.something");
+
+    Map<String, Object> producerProperties = new HashMap<>();
+    producerProperties.put("somethingElse", "org.apache.pulsar.somethingElse");
+
+    properties.put("consumerConfig", consumerProperties);
+    properties.put("producerConfig", producerProperties);
+
+    try (PulsarConnectionFactory factory = new PulsarConnectionFactory(properties); ) {
+      Map<String, Object> adjustedConfiguration = factory.getConfiguration();
+      assertEquals(AuthenticationToken.class.getName(), adjustedConfiguration.get("authPlugin"));
+
+      assertEquals(
+          "com.datastax.oss.pulsar.jms.shaded.org.apache.pulsar.client.something",
+          ((Map) adjustedConfiguration.get("consumerConfig")).get("something"));
+
+      assertEquals(
+          "com.datastax.oss.pulsar.jms.shaded.org.apache.pulsar.somethingElse",
+          ((Map) adjustedConfiguration.get("producerConfig")).get("somethingElse"));
+    }
+  }
+}

pulsar-jms-integration-tests/src/test/resources/admin-token.jwt

@@ -0,0 +1 @@
+eyJhbGciOiJIUzI1NiJ9.eyJzdWIiOiJhZG1pbiJ9.AkN4Ig_QUcGUwbG_8IkD68raAFmtewjipO2fK0Y3RtQ

pulsar-jms-integration-tests/src/test/resources/client.conf

@@ -0,0 +1,69 @@
+#
+# Licensed to the Apache Software Foundation (ASF) under one
+# or more contributor license agreements.  See the NOTICE file
+# distributed with this work for additional information
+# regarding copyright ownership.  The ASF licenses this file
+# to you under the Apache License, Version 2.0 (the
+# "License"); you may not use this file except in compliance
+# with the License.  You may obtain a copy of the License at
+#
+#   http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing,
+# software distributed under the License is distributed on an
+# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+# KIND, either express or implied.  See the License for the
+# specific language governing permissions and limitations
+# under the License.
+#
+
+# Configuration for pulsar-client and pulsar-admin CLI tools
+
+# URL for Pulsar REST API (for admin operations)
+# For TLS:
+# webServiceUrl=https://localhost:8443/
+webServiceUrl=http://localhost:8080/
+
+# URL for Pulsar Binary Protocol (for produce and consume operations)
+# For TLS:
+# brokerServiceUrl=pulsar+ssl://localhost:6651/
+brokerServiceUrl=pulsar://localhost:6650/
+
+# Authentication plugin to authenticate with servers
+# e.g. for TLS
+# authPlugin=org.apache.pulsar.client.impl.auth.AuthenticationTls
+authPlugin=org.apache.pulsar.client.impl.auth.AuthenticationToken
+
+# Parameters passed to authentication plugin.
+# A comma separated list of key:value pairs.
+# Keys depend on the configured authPlugin.
+# e.g. for TLS
+# authParams=tlsCertFile:/path/to/client-cert.pem,tlsKeyFile:/path/to/client-key.pem
+authParams=file:///pulsar/conf/admin-token.jwt
+
+# Allow TLS connections to servers whose certificate cannot be
+# be verified to have been signed by a trusted certificate
+# authority.
+tlsAllowInsecureConnection=false
+
+# Whether server hostname must match the common name of the certificate
+# the server is using.
+tlsEnableHostnameVerification=false
+
+# Path for the trusted TLS certificate file.
+# This cert is used to verify that any cert presented by a server
+# is signed by a certificate authority. If this verification
+# fails, then the cert is untrusted and the connection is dropped.
+tlsTrustCertsFilePath=
+
+# Enable TLS with KeyStore type configuration in broker.
+useKeyStoreTls=false
+
+# TLS KeyStore type configuration: JKS, PKCS12
+tlsTrustStoreType=JKS
+
+# TLS TrustStore path
+tlsTrustStorePath=
+
+# TLS TrustStore password
+tlsTrustStorePassword=

pulsar-jms-integration-tests/src/test/resources/secret-key.key

@@ -0,0 +1 @@
+t������F�>g�_B`�xPD,$��NWb0

pulsar-jms-integration-tests/src/test/resources/standalone.conf

@@ -406,13 +406,13 @@ proxyRoles=
 authenticateOriginalAuthData=false
 
 # Enable authentication
-authenticationEnabled=false
+authenticationEnabled=true
 
 # Authentication provider name list, which is comma separated list of class names
-authenticationProviders=
+authenticationProviders=org.apache.pulsar.broker.authentication.AuthenticationProviderToken
 
 # Enforce authorization
-authorizationEnabled=false
+authorizationEnabled=true
 
 # Authorization provider fully qualified class-name
 authorizationProvider=org.apache.pulsar.broker.authorization.PulsarAuthorizationProvider
@@ -424,12 +424,12 @@ authorizationAllowWildcardsMatching=false
 
 # Role names that are treated as "super-user", meaning they will be able to do all admin
 # operations and publish/consume from all topics
-superUserRoles=
+superUserRoles=admin,test-user
 
 # Authentication settings of the broker itself. Used when the broker connects to other brokers,
 # either in same or other clusters
-brokerClientAuthenticationPlugin=
-brokerClientAuthenticationParameters=
+brokerClientAuthenticationPlugin=org.apache.pulsar.client.impl.auth.AuthenticationToken
+brokerClientAuthenticationParameters=file:///pulsar/conf/admin-token.jwt
 
 # Supported Athenz provider domain names(comma separated) for authentication
 athenzDomainNames=
@@ -445,7 +445,7 @@ anonymousUserRole=
 # The key can be specified like:
 # tokenSecretKey=data:;base64,xxxxxxxxx
 # tokenSecretKey=file:///my/secret.key  ( Note: key file must be DER-encoded )
-tokenSecretKey=
+tokenSecretKey=file:///pulsar/conf/secret-key.key
 
 ## Asymmetric public/private key pair
 # Configure the public key to be used to validate auth tokens

pulsar-jms-integration-tests/src/test/resources/standalone_transactions.conf

@@ -386,7 +386,7 @@ brokerClientTlsCiphers=
 brokerClientTlsProtocols=
 
 # Enable or disable system topic
-systemTopicEnabled=true
+systemTopicEnabled=false
 
 # Enable or disable topic level policies, topic level policies depends on the system topic
 # Please enable the system topic first.
@@ -406,13 +406,13 @@ proxyRoles=
 authenticateOriginalAuthData=false
 
 # Enable authentication
-authenticationEnabled=false
+authenticationEnabled=true
 
 # Authentication provider name list, which is comma separated list of class names
-authenticationProviders=
+authenticationProviders=org.apache.pulsar.broker.authentication.AuthenticationProviderToken
 
 # Enforce authorization
-authorizationEnabled=false
+authorizationEnabled=true
 
 # Authorization provider fully qualified class-name
 authorizationProvider=org.apache.pulsar.broker.authorization.PulsarAuthorizationProvider
@@ -424,12 +424,12 @@ authorizationAllowWildcardsMatching=false
 
 # Role names that are treated as "super-user", meaning they will be able to do all admin
 # operations and publish/consume from all topics
-superUserRoles=
+superUserRoles=admin,test-user
 
 # Authentication settings of the broker itself. Used when the broker connects to other brokers,
 # either in same or other clusters
-brokerClientAuthenticationPlugin=
-brokerClientAuthenticationParameters=
+brokerClientAuthenticationPlugin=org.apache.pulsar.client.impl.auth.AuthenticationToken
+brokerClientAuthenticationParameters=file:///pulsar/conf/admin-token.jwt
 
 # Supported Athenz provider domain names(comma separated) for authentication
 athenzDomainNames=
@@ -445,7 +445,7 @@ anonymousUserRole=
 # The key can be specified like:
 # tokenSecretKey=data:;base64,xxxxxxxxx
 # tokenSecretKey=file:///my/secret.key  ( Note: key file must be DER-encoded )
-tokenSecretKey=
+tokenSecretKey=file:///pulsar/conf/secret-key.key
 
 ## Asymmetric public/private key pair
 # Configure the public key to be used to validate auth tokens

pulsar-jms-integration-tests/src/test/resources/token.jwt

@@ -0,0 +1 @@
+eyJhbGciOiJIUzI1NiJ9.eyJzdWIiOiJ0ZXN0LXVzZXIifQ.33mWJpOK6K2VtSfnuzSKyTmRZ8NOU9TXD88DiVcmZ-s