| Property| C/P| Range| Default| Desc|

| --| --| --| --| --|

| brokerVersion| C/P| 0.8.0| 0.10.1.0| User supplied broker version|

| clientId| C/P|| kafka-php| This is a user supplied identifier for the client application|

| clientId| C/P|| kafka-php| This is a user supplied identifier for the client application|

| messageMaxBytes| C/P| 1000 .. 1000000000| 1000000| Maximum transmit message size.|

| metadataBrokerList| C/P||| Kafka Broker server list|

| metadataMaxAgeMs| C/P| 1 .. 86400000| -1| Metadata cache max age. Defaults to metadata.refresh.interval.ms * 3|

| metadataRefreshIntervalMs| C/P| 10 .. 3600000| 300000| Topic metadata refresh interval in milliseconds. The metadata is automatically refreshed on error and connect. Use -1 to disable the intervalled refresh.|

| metadataRequestTimeoutMs| C/P| 10 .. 900000| 60000| Non-topic request timeout in milliseconds. This is for metadata requests, etc.|

| sslEnable| C/P| true/false| false| Whether enable ssl connect or not|

| sslEnableAuthentication| C/P| true/false| true| Enable authentication via SSL|

| sslCafile| C/P||| Location of Certificate Authority file on local filesystem which should be used with the verify_peer context option to authenticate the identity of the remote peer.|

| sslLocalCert| C/P| File path|| Path to local certificate file on filesystem.|

| sslLocalPk| C/P| File path|| Path to local private key file on filesystem in case of separate files for certificate (local_cert) and private key.|

| maxWaitTime| C|| 100| Maximum time in ms to wait for the response|

| sessionTimeout| C| 1 .. 3600000| 30000| Client group session and failure detection timeout.|

| rebalanceTimeout| C| 1 .. 3600000| 30000| rebalance join wait timeout|

| topics| C||| Want consumer topics|

| topics| C||| Want consumer topics|

| isAsyn| P| true, false| false| Whether to use asynchronous production messages|

| produceInterval| P| 1 .. 900000| 100| The time interval at which requests for production messages are executed when the message is produced asynchronously|

| requestTimeout| P| 1 .. 900000| 6000| The total timeout of the production message, which must be greater than the timeout config parameter|

| Property| C/P| Range| Default| Desc|

| ----| ----| ----| ----| ----|

| clientId| C/P|| kafka-php| 客户端标识|

| ----| ----| ----| ----| ----|

| clientId| C/P|| kafka-php| 客户端标识|

| brokerVersion| C/P| 大于 0.8.0| 0.10.1.0| 为了计算 Kafka 请求的协议版本|

| metadataBrokerList| C/P||| 指定 Kafka Broker 列表，多个用逗号分隔|

| messageMaxBytes| C/P| 1000 .. 1000000000| 1000000| 消息最大长度|

| metadataRequestTimeoutMs| C/P| 10 .. 900000| 60000| 获取 meta 信息超时时间|

| metadataRefreshIntervalMs| C/P| 10 .. 3600000| 300000| 获取同步 meta 信息的时间间隔|

| metadataMaxAgeMs | C/P | 1 .. 86400000 | -1 | meta 信息有效期

| sslEnable| C/P| true/false| false| 是否开启 Ssl 连接|

| sslEnableAuthentication| C/P| true/false| true| 通过SSL启用身份验证|

| sslLocalCert| C/P| File path|| 本地证书路径|

| sslLocalPk| C/P| File path|| 如果使用独立的文件来存储证书（local_cert）和私钥， 那么使用此选项来指明私钥文件的路径。|

| sslVerifyPeer| C/P| true/false| false| 是否需要验证 SSL 证书。|

| groupId| C||| 消费模块的分组 ID|

| sessionTimeout| C| 1 .. 3600000| 30000| 分组中消费者的有效时间|

| rebalanceTimeout| C| 1 .. 3600000| 30000| 分组 rebalance 等待 join 时间|

| topics| C||| 将要消费的 kafka topic 名称|

| topics| C||| 将要消费的 kafka topic 名称|

| offsetReset| C| latest,earliest| latest| 如果消费 offset 失效的时候重置 offset 的策略|

| maxBytes| C|| 65536| 单次 FETCH 请求对于单个分区请求的最大字节数|

| maxWaitTime| C|| 100| 等待服务端响应 FETCH 请求的最大时间|

无论是消费模块还是生产模块，如果参数设置不符合规则时都会抛`\Kafka\Exception\Config` 异常

$port =null;

if (isset($this->brokers[$key])) {

$hostname=$this->brokers[$key];

$hostname =$this->brokers[$key];

[$host,$port] =explode(':',$hostname);

}

usefunctionfeof;

usefunctionfread;

usefunctionfwrite;

usefunctionis_null;

usefunctionis_resource;

usefunctionsprintf;

usefunctionstream_context_create;

if ($this->config !==null &&$this->config->getSslEnable()) {// ssl connection

$remoteSocket =sprintf('ssl://%s:%s',$this->host,$this->port);

$context =stream_context_create(

[

'ssl' => [

'local_cert' =>$this->config->getSslLocalCert(),

'local_pk' =>$this->config->getSslLocalPk(),

'verify_peer' =>$this->config->getSslVerifyPeer(),

'passphrase' =>$this->config->getSslPassphrase(),

'cafile' =>$this->config->getSslCafile(),

'peer_name' =>$this->config->getSslPeerName(),

],

]

);

$context =$this->createSslStreamContext();

}

$this->stream =$this->createSocket($remoteSocket,$context,$errno,$errstr);

}

}

protectedfunctioncreateSslStreamContext()

{

if (is_null($this->config)) {

thrownewException('Cannot build SSL context without configuration');

}

if ($this->config->getSslEnableAuthentication()) {

returnstream_context_create(

[

'ssl' => [

'local_cert' =>$this->config->getSslLocalCert(),

'local_pk' =>$this->config->getSslLocalPk(),

'verify_peer' =>$this->config->getSslVerifyPeer(),

'passphrase' =>$this->config->getSslPassphrase(),

'cafile' =>$this->config->getSslCafile(),

'peer_name' =>$this->config->getSslPeerName(),

],

]

);

}

returnstream_context_create(

[

'ssl' => [

'verify_peer' =>$this->config->getSslVerifyPeer(),

'cafile' =>$this->config->getSslCafile(),

'peer_name' =>$this->config->getSslPeerName(),

],

]

);

}

'metadataMaxAgeMs' => -1,

'securityProtocol' =>self::SECURITY_PROTOCOL_PLAINTEXT,

'sslEnable' =>false,// this config item will override, don't config it.

'sslLocalCert' =>'',

'sslLocalPk' =>'',

'sslEnableAuthentication' =>true,

'sslLocalCert' =>false,

'sslLocalPk' =>false,

'sslVerifyPeer' =>false,

'sslPassphrase' =>'',

'sslPassphrase' =>false,

'sslCafile' =>'',

'sslPeerName' =>'',

'saslMechanism' =>self::SASL_MECHANISMS_PLAIN,

}

if ($errorCode === Protocol::OFFSET_OUT_OF_RANGE) {

$resetOffset=$this->getConfig()->getOffsetReset();

$offsets=$resetOffset ==='latest' ?$assign->getLastOffsets() :$assign->getOffsets();

$resetOffset =$this->getConfig()->getOffsetReset();

$offsets =$resetOffset ==='latest' ?$assign->getLastOffsets() :$assign->getOffsets();

[$topic,$partId] =$context;

}

publicfunctiontestCreateStreamSsl():void

{

$host ='127.0.0.1';

$port =9192;

$verifyPeer =false;

$cafile =$this->root->url() .'/cafile';

$peerName ='kafka';

$context =stream_context_create(

[

'ssl' => [

'verify_peer' =>$verifyPeer,

'cafile' =>$cafile,

'peer_name' =>$peerName,

],

]

);

$streamMock =$this->initStreamStub('ssl',$host,$port);

$streamMock->expects($this->once())

->method('context')

->with(stream_context_get_options($context));

$config =$this->getMockForAbstractClass(Config::class);

$config->setSslEnable(true);

$config->setSslEnableAuthentication(false);

$config->setSslCafile($cafile);

$config->setSslVerifyPeer($verifyPeer);

$config->setSslPeerName($peerName);

$sasl =$this->createMock(SaslMechanism::class);

$sasl->expects($this->once())

->method('authenticate')

->with($this->isInstanceOf(Socket::class));

$socket =$this->mockStreamSocketClient($host,$port,$config,$sasl);

$socket->connect();

}

publicfunctiontestCreateStreamSslAuthentication():void

{

$host ='127.0.0.1';

$port =9192;

$config =$this->getMockForAbstractClass(Config::class);

$config->setSslEnable(true);

$config->setSslEnableAuthentication(true);

$config->setSslLocalPk($localKey);

$config->setSslLocalCert($localCert);

$config->setSslCafile($cafile);

$socket->method('createSocket')

->willReturnCallback(

function (string$remoteSocket,$context, ?int &$errno, ?string &$errstr) {

$errno =99;

$errstr ='my custom error';

$errno =99;

$errstr ='my custom error';

return @fopen($remoteSocket,'r+',false,$context);

return @fopen($remoteSocket,'r+',false,$context);

}

);