From 103624468fdf3fdae3261adcf57f4ab3fccaee65 Mon Sep 17 00:00:00 2001
From: Armin Schlegel <armin.schlegel@gmx.de>
Date: Fri, 18 Nov 2022 08:28:18 +0100
Subject: [PATCH] jetstream pubsub now supports token based auth (#2295)

Signed-off-by: Armin Schlegel <armin.schlegel@gmx.de>

Signed-off-by: Armin Schlegel <armin.schlegel@gmx.de>
---
 pubsub/jetstream/jetstream.go     |  3 +++
 pubsub/jetstream/metadata.go      |  2 ++
 pubsub/jetstream/metadata_test.go | 44 +++++++++++++++++++++++++++++++
 3 files changed, 49 insertions(+)

diff --git a/pubsub/jetstream/jetstream.go b/pubsub/jetstream/jetstream.go
index 28555d9e8..37e2a610d 100644
--- a/pubsub/jetstream/jetstream.go
+++ b/pubsub/jetstream/jetstream.go
@@ -57,6 +57,9 @@ func (js *jetstreamPubSub) Init(metadata pubsub.Metadata) error {
 	} else if js.meta.tlsClientCert != "" && js.meta.tlsClientKey != "" {
 		js.l.Debug("Configure nats for tls client authentication")
 		opts = append(opts, nats.ClientCert(js.meta.tlsClientCert, js.meta.tlsClientKey))
+	} else if js.meta.token != "" {
+		js.l.Debug("Configure nats for token authentication")
+		opts = append(opts, nats.Token(js.meta.token))
 	}
 
 	js.nc, err = nats.Connect(js.meta.natsURL, opts...)
diff --git a/pubsub/jetstream/metadata.go b/pubsub/jetstream/metadata.go
index 890959013..e35708952 100644
--- a/pubsub/jetstream/metadata.go
+++ b/pubsub/jetstream/metadata.go
@@ -27,6 +27,7 @@ type metadata struct {
 
 	jwt     string
 	seedKey string
+	token   string
 
 	tlsClientCert string
 	tlsClientKey  string
@@ -58,6 +59,7 @@ func parseMetadata(psm pubsub.Metadata) (metadata, error) {
 		return metadata{}, fmt.Errorf("missing nats URL")
 	}
 
+	m.token = psm.Properties["token"]
 	m.jwt = psm.Properties["jwt"]
 	m.seedKey = psm.Properties["seedKey"]
 
diff --git a/pubsub/jetstream/metadata_test.go b/pubsub/jetstream/metadata_test.go
index 94314a2d2..0ad9007bc 100644
--- a/pubsub/jetstream/metadata_test.go
+++ b/pubsub/jetstream/metadata_test.go
@@ -71,6 +71,50 @@ func TestParseMetadata(t *testing.T) {
 			},
 			expectErr: false,
 		},
+		{
+			desc: "Valid Metadata with token",
+			input: pubsub.Metadata{Base: mdata.Base{
+				Properties: map[string]string{
+					"natsURL":        "nats://localhost:4222",
+					"name":           "myName",
+					"durableName":    "myDurable",
+					"queueGroupName": "myQueue",
+					"startSequence":  "1",
+					"startTime":      "1629328511",
+					"deliverAll":     "true",
+					"flowControl":    "true",
+					"ackWait":        "2s",
+					"maxDeliver":     "10",
+					"backOff":        "500ms, 2s, 10s",
+					"maxAckPending":  "5000",
+					"replicas":       "3",
+					"memoryStorage":  "true",
+					"rateLimit":      "20000",
+					"hearbeat":       "1s",
+					"token":          "myToken",
+				},
+			}},
+			want: metadata{
+				natsURL:        "nats://localhost:4222",
+				name:           "myName",
+				durableName:    "myDurable",
+				queueGroupName: "myQueue",
+				startSequence:  1,
+				startTime:      time.Unix(1629328511, 0),
+				deliverAll:     true,
+				flowControl:    true,
+				ackWait:        2 * time.Second,
+				maxDeliver:     10,
+				backOff:        []time.Duration{time.Millisecond * 500, time.Second * 2, time.Second * 10},
+				maxAckPending:  5000,
+				replicas:       3,
+				memoryStorage:  true,
+				rateLimit:      20000,
+				hearbeat:       time.Second * 1,
+				token:          "myToken",
+			},
+			expectErr: false,
+		},
 		{
 			desc: "Invalid metadata with missing seed key",
 			input: pubsub.Metadata{Base: mdata.Base{