/** * Creates a <code>KeyProviderDelegationTokenExtension</code> using a given * {@link KeyProvider}. * <p/> * If the given <code>KeyProvider</code> implements the * {@link DelegationTokenExtension} interface the <code>KeyProvider</code> * itself will provide the extension functionality, otherwise a default * extension implementation will be used. * * @param keyProvider <code>KeyProvider</code> to use to create the * <code>KeyProviderDelegationTokenExtension</code> extension. * @return a <code>KeyProviderDelegationTokenExtension</code> instance * using the given <code>KeyProvider</code>. */ public static KeyProviderDelegationTokenExtension createKeyProviderDelegationTokenExtension(KeyProvider keyProvider) { DelegationTokenExtension delTokExtension = (keyProvider instanceof DelegationTokenExtension) ? (DelegationTokenExtension) keyProvider : DEFAULT_EXTENSION; return new KeyProviderDelegationTokenExtension( keyProvider, delTokExtension); }
@Override public String getCanonicalServiceName() { return getExtension().getCanonicalServiceName(); }
/** * Uses the KeyProviderDelegationTokenExtension to get the delegation token for KMS. * @param renewer User used to renew the delegation tokens * @param credentials Credentials in which to add new delegation tokens * @return credentials with KMS delegation token added if it was successfully retrieved. */ @Override public Credentials addDelegationTokens(String renewer, Credentials credentials) { KeyProviderDelegationTokenExtension tokenExtension = KeyProviderDelegationTokenExtension.createKeyProviderDelegationTokenExtension(provider); try { tokenExtension.addDelegationTokens(renewer, credentials); } catch (IOException e) { LOG.debug("KMS delegation token not updated."); } return credentials; }
final KeyProviderDelegationTokenExtension kpdte = KeyProviderDelegationTokenExtension. createKeyProviderDelegationTokenExtension(kp); final InetSocketAddress kmsAddr = new InetSocketAddress(getKMSUrl().getHost(), getKMSUrl().getPort());
@Override public Token<?>[] addDelegationTokens( final String renewer, Credentials credentials) throws IOException { Token<?>[] tokens = super.addDelegationTokens(renewer, credentials); if (dfs.isHDFSEncryptionEnabled()) { KeyProviderDelegationTokenExtension keyProviderDelegationTokenExtension = KeyProviderDelegationTokenExtension. createKeyProviderDelegationTokenExtension(dfs.getKeyProvider()); Token<?>[] kpTokens = keyProviderDelegationTokenExtension. addDelegationTokens(renewer, credentials); if (tokens != null && kpTokens != null) { Token<?>[] all = new Token<?>[tokens.length + kpTokens.length]; System.arraycopy(tokens, 0, all, 0, tokens.length); System.arraycopy(kpTokens, 0, all, tokens.length, kpTokens.length); tokens = all; } else { tokens = (tokens != null) ? tokens : kpTokens; } } return tokens; }
@Override public Token<?>[] addDelegationTokens( final String renewer, Credentials credentials) throws IOException { Token<?>[] tokens = super.addDelegationTokens(renewer, credentials); if (dfs.isHDFSEncryptionEnabled()) { KeyProviderDelegationTokenExtension keyProviderDelegationTokenExtension = KeyProviderDelegationTokenExtension. createKeyProviderDelegationTokenExtension(dfs.getKeyProvider()); Token<?>[] kpTokens = keyProviderDelegationTokenExtension. addDelegationTokens(renewer, credentials); if (tokens != null && kpTokens != null) { Token<?>[] all = new Token<?>[tokens.length + kpTokens.length]; System.arraycopy(tokens, 0, all, 0, tokens.length); System.arraycopy(kpTokens, 0, all, tokens.length, kpTokens.length); tokens = all; } else { tokens = (tokens != null) ? tokens : kpTokens; } } return tokens; }
@Override public Token<?> getDelegationToken(final String renewer) throws IOException { return getExtension().getDelegationToken(renewer); }
/** * Creates a <code>KeyProviderDelegationTokenExtension</code> using a given * {@link KeyProvider}. * <p/> * If the given <code>KeyProvider</code> implements the * {@link DelegationTokenExtension} interface the <code>KeyProvider</code> * itself will provide the extension functionality, otherwise a default * extension implementation will be used. * * @param keyProvider <code>KeyProvider</code> to use to create the * <code>KeyProviderDelegationTokenExtension</code> extension. * @return a <code>KeyProviderDelegationTokenExtension</code> instance * using the given <code>KeyProvider</code>. */ public static KeyProviderDelegationTokenExtension createKeyProviderDelegationTokenExtension(KeyProvider keyProvider) { DelegationTokenExtension delTokExtension = (keyProvider instanceof DelegationTokenExtension) ? (DelegationTokenExtension) keyProvider : DEFAULT_EXTENSION; return new KeyProviderDelegationTokenExtension( keyProvider, delTokExtension); }
@Test public void testCreateExtension() throws Exception { Configuration conf = new Configuration(); Credentials credentials = new Credentials(); KeyProvider kp = new UserProvider.Factory().createProvider(new URI("user:///"), conf); KeyProviderDelegationTokenExtension kpDTE1 = KeyProviderDelegationTokenExtension .createKeyProviderDelegationTokenExtension(kp); Assert.assertNotNull(kpDTE1); // Default implementation should be a no-op and return null Assert.assertNull(kpDTE1.addDelegationTokens("user", credentials)); MockKeyProvider mock = mock(MockKeyProvider.class); Mockito.when(mock.getConf()).thenReturn(new Configuration()); when(mock.addDelegationTokens("renewer", credentials)).thenReturn( new Token<?>[]{new Token(null, null, new Text("kind"), new Text( "service"))} ); KeyProviderDelegationTokenExtension kpDTE2 = KeyProviderDelegationTokenExtension .createKeyProviderDelegationTokenExtension(mock); Token<?>[] tokens = kpDTE2.addDelegationTokens("renewer", credentials); Assert.assertNotNull(tokens); Assert.assertEquals("kind", tokens[0].getKind().toString()); }
/** * Passes the renewer and Credentials object to the underlying * {@link DelegationTokenExtension} * @param renewer the user allowed to renew the delegation tokens * @param credentials cache in which to add new delegation tokens * @return list of new delegation tokens * @throws IOException thrown if IOException if an IO error occurs. */ public Token<?>[] addDelegationTokens(final String renewer, Credentials credentials) throws IOException { return getExtension().addDelegationTokens(renewer, credentials); }
/** * Creates a <code>KeyProviderDelegationTokenExtension</code> using a given * {@link KeyProvider}. * <p/> * If the given <code>KeyProvider</code> implements the * {@link DelegationTokenExtension} interface the <code>KeyProvider</code> * itself will provide the extension functionality, otherwise a default * extension implementation will be used. * * @param keyProvider <code>KeyProvider</code> to use to create the * <code>KeyProviderDelegationTokenExtension</code> extension. * @return a <code>KeyProviderDelegationTokenExtension</code> instance * using the given <code>KeyProvider</code>. */ public static KeyProviderDelegationTokenExtension createKeyProviderDelegationTokenExtension(KeyProvider keyProvider) { DelegationTokenExtension delTokExtension = (keyProvider instanceof DelegationTokenExtension) ? (DelegationTokenExtension) keyProvider : DEFAULT_EXTENSION; return new KeyProviderDelegationTokenExtension( keyProvider, delTokExtension); }
@Test public void testCreateExtension() throws Exception { Configuration conf = new Configuration(); Credentials credentials = new Credentials(); KeyProvider kp = new UserProvider.Factory().createProvider(new URI("user:///"), conf); KeyProviderDelegationTokenExtension kpDTE1 = KeyProviderDelegationTokenExtension .createKeyProviderDelegationTokenExtension(kp); Assert.assertNotNull(kpDTE1); // Default implementation should be a no-op and return null Assert.assertNull(kpDTE1.addDelegationTokens("user", credentials)); MockKeyProvider mock = mock(MockKeyProvider.class); Mockito.when(mock.getConf()).thenReturn(new Configuration()); when(mock.addDelegationTokens("renewer", credentials)).thenReturn( new Token<?>[]{new Token(null, null, new Text("kind"), new Text( "service"))} ); KeyProviderDelegationTokenExtension kpDTE2 = KeyProviderDelegationTokenExtension .createKeyProviderDelegationTokenExtension(mock); Token<?>[] tokens = kpDTE2.addDelegationTokens("renewer", credentials); Assert.assertNotNull(tokens); Assert.assertEquals("kind", tokens[0].getKind().toString()); }
/** * Passes the renewer and Credentials object to the underlying * {@link DelegationTokenExtension} * @param renewer the user allowed to renew the delegation tokens * @param credentials cache in which to add new delegation tokens * @return list of new delegation tokens * @throws IOException thrown if IOException if an IO error occurs. */ public Token<?>[] addDelegationTokens(final String renewer, Credentials credentials) throws IOException { return getExtension().addDelegationTokens(renewer, credentials); }
/** * Creates a <code>KeyProviderDelegationTokenExtension</code> using a given * {@link KeyProvider}. * <p/> * If the given <code>KeyProvider</code> implements the * {@link DelegationTokenExtension} interface the <code>KeyProvider</code> * itself will provide the extension functionality, otherwise a default * extension implementation will be used. * * @param keyProvider <code>KeyProvider</code> to use to create the * <code>KeyProviderDelegationTokenExtension</code> extension. * @return a <code>KeyProviderDelegationTokenExtension</code> instance * using the given <code>KeyProvider</code>. */ public static KeyProviderDelegationTokenExtension createKeyProviderDelegationTokenExtension(KeyProvider keyProvider) { DelegationTokenExtension delTokExtension = (keyProvider instanceof DelegationTokenExtension) ? (DelegationTokenExtension) keyProvider : DEFAULT_EXTENSION; return new KeyProviderDelegationTokenExtension( keyProvider, delTokExtension); }
createKeyProviderDelegationTokenExtension(kp); Credentials credentials = new Credentials(); kpdte.addDelegationTokens("foo", credentials); Assert.assertEquals(1, credentials.getAllTokens().size()); InetSocketAddress kmsAddr = new InetSocketAddress(getKMSUrl().getHost(),
/** * Passes the renewer and Credentials object to the underlying * {@link DelegationTokenExtension} * @param renewer the user allowed to renew the delegation tokens * @param credentials cache in which to add new delegation tokens * @return list of new delegation tokens * @throws IOException thrown if IOException if an IO error occurs. */ public Token<?>[] addDelegationTokens(final String renewer, Credentials credentials) throws IOException { return getExtension().addDelegationTokens(renewer, credentials); }
/** * Creates a <code>KeyProviderDelegationTokenExtension</code> using a given * {@link KeyProvider}. * <p/> * If the given <code>KeyProvider</code> implements the * {@link DelegationTokenExtension} interface the <code>KeyProvider</code> * itself will provide the extension functionality, otherwise a default * extension implementation will be used. * * @param keyProvider <code>KeyProvider</code> to use to create the * <code>KeyProviderDelegationTokenExtension</code> extension. * @return a <code>KeyProviderDelegationTokenExtension</code> instance * using the given <code>KeyProvider</code>. */ public static KeyProviderDelegationTokenExtension createKeyProviderDelegationTokenExtension(KeyProvider keyProvider) { DelegationTokenExtension delTokExtension = (keyProvider instanceof DelegationTokenExtension) ? (DelegationTokenExtension) keyProvider : DEFAULT_EXTENSION; return new KeyProviderDelegationTokenExtension( keyProvider, delTokExtension); }
/** * Passes the renewer and Credentials object to the underlying * {@link DelegationTokenExtension} * @param renewer the user allowed to renew the delegation tokens * @param credentials cache in which to add new delegation tokens * @return list of new delegation tokens * @throws IOException thrown if IOException if an IO error occurs. */ public Token<?>[] addDelegationTokens(final String renewer, Credentials credentials) throws IOException { return getExtension().addDelegationTokens(renewer, credentials); }