diff --git a/examples/spire_producer.example/spire_producer.example.go b/examples/spire_producer.example/spire_producer.example.go index e9c26e82c..d7ef39d1a 100644 --- a/examples/spire_producer.example/spire_producer.example.go +++ b/examples/spire_producer.example/spire_producer.example.go @@ -7,7 +7,6 @@ import ( "github.com/spiffe/go-spiffe/v2/workloadapi" "os" "os/signal" - "regexp" "syscall" "time" @@ -16,25 +15,6 @@ import ( _ "github.com/spiffe/go-spiffe/v2/svid/jwtsvid" ) -var ( - // Regex for sasl.oauthbearer.config, which constrains it to be - // 1 or more name=value pairs with optional ignored whitespace - oauthbearerConfigRegex = regexp.MustCompile("^(\\s*(\\w+)\\s*=\\s*(\\w+))+\\s*$") - // Regex used to extract name=value pairs from sasl.oauthbearer.config - oauthbearerNameEqualsValueRegex = regexp.MustCompile("(\\w+)\\s*=\\s*(\\w+)") -) - -const ( - principalClaimNameKey = "principalClaimName" - principalKey = "principal" - joseHeaderEncoded = "eyJhbGciOiJub25lIn0" // {"alg":"none"} -) - -type tokenAuth struct { - audience []string - tokenSource *workloadapi.JWTSource -} - // handleJWTTokenRefreshEvent retrieves JWT from the SPIRE workload API and // sets the token on the client for use in any future authentication attempt. // It must be invoked whenever kafka.OAuthBearerTokenRefresh appears on the client's event channel, @@ -61,7 +41,7 @@ func retrieveJWTToken(ctx context.Context, principal, socketPath string, audienc ctx, workloadapi.WithClientOptions(workloadapi.WithAddr(socketPath)), ) - //workloadapi.ValidateJWTSVID() + if err != nil { return kafka.OAuthBearerToken{}, nil, fmt.Errorf("unable to create JWTSource: %w", err) }