[fix][broker] Fix authenticate order in AuthenticationProviderList

[coderzc]

Motivation

If we configure multiple AuthenticationProvider, we should authenticate in configuration order, but authenticate from back to front now in AuthenticationListState#authenticateAsync and AuthenticationProviderList#authenticateAsync.

Modifications

Fix authenticate order in AuthenticationProviderList

Verifying this change

• Make sure that the change passes the CI checks.

(Please pick either of the following options)

This change is a trivial rework / code cleanup without any test coverage.

(or)

This change is already covered by existing tests, such as (please describe tests).

(or)

This change added tests and can be verified as follows:

(example:)

• Added integration tests for end-to-end deployment with large payloads (10MB)
• Extended integration test for recovery after broker failure

Does this pull request potentially affect one of the following parts:

If the box was checked, please highlight the changes

• Dependencies (add or upgrade a dependency)
• The public API
• The schema
• The default values of configurations
• The threading model
• The binary protocol
• The REST endpoints
• The admin CLI options
• The metrics
• Anything that affects deployment

Documentation

• doc
• doc-required
• doc-not-needed
• doc-complete

Matching PR in forked repository

PR in forked repository:

[codecov-commenter]

Codecov Report

Attention: Patch coverage is 37.50000% with 5 lines in your changes missing coverage. Please review.

Project coverage is 73.42%. Comparing base (bbc6224) to head (044b4b3).
Report is 486 commits behind head on master.

Files	Patch %	Lines
...ker/authentication/AuthenticationProviderList.java	37.50%	1 Missing and 4 partials ⚠️

Additional details and impacted files

@@             Coverage Diff              @@
##             master   #23111      +/-   ##
============================================
- Coverage     73.57%   73.42%   -0.15%     
- Complexity    32624    33212     +588     
============================================
  Files          1877     1919      +42     
  Lines        139502   144107    +4605     
  Branches      15299    15749     +450     
============================================
+ Hits         102638   105810    +3172     
- Misses        28908    30170    +1262     
- Partials       7956     8127     +171     

Flag	Coverage Δ
inttests	27.51% <0.00%> (+2.93%)	⬆️
systests	24.78% <0.00%> (+0.46%)	⬆️
unittests	72.48% <37.50%> (-0.37%)	⬇️

Flags with carried forward coverage won't be shown. Click here to find out more.

Files	Coverage Δ
...ker/authentication/AuthenticationProviderList.java	49.00% <37.50%> (+0.33%)	⬆️

... and 516 files with indirect coverage changes

[Technoboy-]

LGTM
@michaeljmarshall Could you help review this patch ?

[lhotari]

If we configure multiple AuthenticationProvider, we should authenticate in configuration order, but authenticate from back to front now in AuthenticationListState#authenticateAsync and AuthenticationProviderList#authenticateAsync.

Please explain the rationale. What is the consequence of this change? What problem does it fix?

[coderzc]

If we configure multiple AuthenticationProvider, we should authenticate in configuration order, but authenticate from back to front now in AuthenticationListState#authenticateAsync and AuthenticationProviderList#authenticateAsync.

Please explain the rationale. What is the consequence of this change? What problem does it fix?

When two AuthenticationProviders A and B are configured, and they are valid for a token at the same time, but we expect to use the subject of A for authentication.