Gateway to the Confluent Kafka REST Proxy. It does the authentication and authorization, content validation and decompression if needed. It is available as a docker image.
The RADAR-Auth library is used for authentication and authorization of users. Refer to the documentation there for a full description of the configuration options.
Start the REST Proxy with
docker-compose -f src/integrationTest/docker/docker-compose.yml up -d ./gradlew run
Now you can access the REST proxy via the gateway:
curl -H 'Authorization: Bearer myAccessToken' http://localhost:8080/radar-gateway/topics
The access token should be generated by the aforementioned Management portal. The gateway does content validation for posted data. It requires to use the Avro format with JSON serialization, using the
application/vnd.kafka.avro.v2+json media types, as described in the REST Proxy documentation. It also requires messages to have both a key and a value with schemas. The key should have a
sourceId field. The
userId should match the
sub field in the OAuth2 JWT access token. That JWT should also contain a
sources array claim which should contain the given
sourceId. Sources can be added in the ManagementPortal or be generated by the app dynamically and then registered with the ManagementPortal.
Data compressed with GZIP is decompressed if the
Content-Encoding: gzip header is provided. With
curl, use the
-H "Content-Encoding: gzip" --data-binary @data.json.gz flags.
Otherwise, it accepts all the same Avro messages and headers as specified in the Kafka REST Proxy documentation.