@Override public void cancel(Token<?> token, Configuration conf) throws IOException { LOG.debug("Canceling delegation token {}", token); KeyProvider keyProvider = createKeyProvider(token, conf); try { if (!(keyProvider instanceof KeyProviderDelegationTokenExtension.DelegationTokenExtension)) { throw new IOException(String .format("keyProvider %s cannot cancel token [%s]", keyProvider == null ? "null" : keyProvider.getClass(), token)); } ((KeyProviderDelegationTokenExtension.DelegationTokenExtension) keyProvider).cancelDelegationToken(token); } finally { if (keyProvider != null) { keyProvider.close(); } } }
@Override public long renew(Token<?> token, Configuration conf) throws IOException { LOG.debug("Renewing delegation token {}", token); KeyProvider keyProvider = createKeyProvider(token, conf); try { if (!(keyProvider instanceof KeyProviderDelegationTokenExtension.DelegationTokenExtension)) { throw new IOException(String .format("keyProvider %s cannot renew token [%s]", keyProvider == null ? "null" : keyProvider.getClass(), token)); } return ((KeyProviderDelegationTokenExtension.DelegationTokenExtension) keyProvider).renewDelegationToken(token); } finally { if (keyProvider != null) { keyProvider.close(); } } }
Token<?>[] tokens = ((KeyProviderDelegationTokenExtension.DelegationTokenExtension)kp) .addDelegationTokens("myuser", new Credentials()); Assert.assertEquals(1, tokens.length); Assert.assertEquals("kms-dt", tokens[0].getKind().toString());
Token<?>[] tokens = ((KeyProviderDelegationTokenExtension.DelegationTokenExtension)kp) .addDelegationTokens("myuser", new Credentials()); Assert.assertEquals(1, tokens.length); Assert.assertEquals("kms-dt", tokens[0].getKind().toString());
@Override public void cancel(Token<?> token, Configuration conf) throws IOException { LOG.debug("Canceling delegation token {}", token); KeyProvider keyProvider = KMSUtil.createKeyProvider(conf, KeyProviderFactory.KEY_PROVIDER_PATH); try { if (!(keyProvider instanceof KeyProviderDelegationTokenExtension.DelegationTokenExtension)) { LOG.warn("keyProvider {} cannot cancel dt.", keyProvider == null ? "null" : keyProvider.getClass()); return; } ((KeyProviderDelegationTokenExtension.DelegationTokenExtension) keyProvider).cancelDelegationToken(token); } finally { if (keyProvider != null) { keyProvider.close(); } } } }
/** * Tests obtaining delegation token from stored key */ @Test(timeout = 120000) public void testDelegationToken() throws Exception { UserGroupInformation.createRemoteUser("JobTracker"); DistributedFileSystem dfs = cluster.getFileSystem(); KeyProvider keyProvider = Mockito.mock(KeyProvider.class, withSettings().extraInterfaces( DelegationTokenExtension.class, CryptoExtension.class)); Mockito.when(keyProvider.getConf()).thenReturn(conf); byte[] testIdentifier = "Test identifier for delegation token".getBytes(); Token<?> testToken = new Token(testIdentifier, new byte[0], new Text(), new Text()); Mockito.when(((DelegationTokenExtension)keyProvider). addDelegationTokens(anyString(), (Credentials)any())). thenReturn(new Token<?>[] { testToken }); dfs.getClient().setKeyProvider(keyProvider); Credentials creds = new Credentials(); final Token<?> tokens[] = dfs.addDelegationTokens("JobTracker", creds); DistributedFileSystem.LOG.debug("Delegation tokens: " + Arrays.asList(tokens)); Assert.assertEquals(2, tokens.length); Assert.assertEquals(tokens[1], testToken); Assert.assertEquals(1, creds.numberOfTokens()); }
@Override public long renew(Token<?> token, Configuration conf) throws IOException { LOG.debug("Renewing delegation token {}", token); KeyProvider keyProvider = KMSUtil.createKeyProvider(conf, KeyProviderFactory.KEY_PROVIDER_PATH); try { if (!(keyProvider instanceof KeyProviderDelegationTokenExtension.DelegationTokenExtension)) { LOG.warn("keyProvider {} cannot renew dt.", keyProvider == null ? "null" : keyProvider.getClass()); return 0; } return ((KeyProviderDelegationTokenExtension.DelegationTokenExtension) keyProvider).renewDelegationToken(token); } finally { if (keyProvider != null) { keyProvider.close(); } } }
/** * Passes the renewer and Credentials object to the underlying * {@link DelegationTokenExtension} * @param renewer the user allowed to renew the delegation tokens * @param credentials cache in which to add new delegation tokens * @return list of new delegation tokens * @throws IOException thrown if IOException if an IO error occurs. */ public Token<?>[] addDelegationTokens(final String renewer, Credentials credentials) throws IOException { return getExtension().addDelegationTokens(renewer, credentials); }
/** * Passes the renewer and Credentials object to the underlying * {@link DelegationTokenExtension} * @param renewer the user allowed to renew the delegation tokens * @param credentials cache in which to add new delegation tokens * @return list of new delegation tokens * @throws IOException thrown if IOException if an IO error occurs. */ public Token<?>[] addDelegationTokens(final String renewer, Credentials credentials) throws IOException { return getExtension().addDelegationTokens(renewer, credentials); }
/** * Passes the renewer and Credentials object to the underlying * {@link DelegationTokenExtension} * @param renewer the user allowed to renew the delegation tokens * @param credentials cache in which to add new delegation tokens * @return list of new delegation tokens * @throws IOException thrown if IOException if an IO error occurs. */ public Token<?>[] addDelegationTokens(final String renewer, Credentials credentials) throws IOException { return getExtension().addDelegationTokens(renewer, credentials); }
/** * Passes the renewer and Credentials object to the underlying * {@link DelegationTokenExtension} * @param renewer the user allowed to renew the delegation tokens * @param credentials cache in which to add new delegation tokens * @return list of new delegation tokens * @throws IOException thrown if IOException if an IO error occurs. */ public Token<?>[] addDelegationTokens(final String renewer, Credentials credentials) throws IOException { return getExtension().addDelegationTokens(renewer, credentials); }
@Override public Token<?> getDelegationToken(final String renewer) throws IOException { return getExtension().getDelegationToken(renewer); }
@Override public String getCanonicalServiceName() { return getExtension().getCanonicalServiceName(); }