public static <T> void set(Map<String, String> conf, String key, Codec<T> codec, T obj) throws IOException { byte[] encoded = codec.encode(obj); LOG.trace("Serializing {} {}", key, Bytes.toStringBinary(encoded)); conf.put(key, Base64.encodeBase64String(encoded)); }
public static <T> void set(Configuration conf, String key, Codec<T> codec, T obj) throws IOException { byte[] encoded = codec.encode(obj); LOG.trace("Serializing {} {}", key, Bytes.toStringBinary(encoded)); conf.set(key, Base64.encodeBase64String(encoded)); }
public static <T> void set(Configuration conf, String key, Codec<T> codec, T obj) throws IOException { byte[] encoded = codec.encode(obj); LOG.trace("Serializing {} {}", key, Bytes.toStringBinary(encoded)); conf.set(key, Base64.encodeBase64String(encoded)); }
public static <T> void set(Map<String, String> conf, String key, Codec<T> codec, T obj) throws IOException { byte[] encoded = codec.encode(obj); LOG.trace("Serializing {} {}", key, Bytes.toStringBinary(encoded)); conf.put(key, Base64.encodeBase64String(encoded)); }
try { final T data = dataSupplier.get(); Futures.addCallback(zkClient.setData(path, codec.encode(data)), new FutureCallback<Stat>() { @Override public void onSuccess(Stat state) {
try { final T data = dataSupplier.get(); Futures.addCallback(zkClient.setData(path, codec.encode(data)), new FutureCallback<Stat>() { @Override public void onSuccess(Stat state) {
/** * * @param accessToken is the access token from Authorization header in HTTP Request * @return the serialized access token identifer * @throws IOException */ public AccessTokenIdentifierPair transform(String accessToken) throws IOException { byte[] decodedAccessToken = Base64.decodeBase64(accessToken); AccessToken accessTokenObj = accessTokenCodec.decode(decodedAccessToken); AccessTokenIdentifier accessTokenIdentifierObj = accessTokenObj.getIdentifier(); byte[] encodedAccessTokenIdentifier = accessTokenIdentifierCodec.encode(accessTokenIdentifierObj); return new AccessTokenIdentifierPair(Base64.encodeBase64String(encodedAccessTokenIdentifier).trim(), accessTokenIdentifierObj); }
byte[] encodedIdentifier = Base64.encodeBase64(tokenCodec.encode(token)); json.addProperty(ExternalAuthenticationServer.ResponseFields.ACCESS_TOKEN, new String(encodedIdentifier, Charsets.UTF_8));
@Override public void doInit() throws IOException { File keyFile = new File(keyFilePath); String keyFileDirectory = keyFile.getParent(); File keyFileDir = new File(keyFileDirectory); // Create directory for keyfile if it doesn't exist already. if (!keyFileDir.exists() && !keyFileDir.mkdir()) { throw new IOException("Failed to create directory " + keyFileDirectory + " for keyfile storage."); } else { Preconditions.checkState(keyFileDir.isDirectory(), "Configured keyFile directory " + keyFileDirectory + " is not a directory!"); Preconditions.checkState(keyFileDir.canRead(), "Configured keyFile directory " + keyFileDirectory + " exists but is not readable!"); } // Read existing key from file. if (keyFile.exists()) { KeyIdentifier storedKey = keyIdentifierCodec.decode(Files.toByteArray(keyFile)); this.currentKey = storedKey; // the file-based key is considered valid forever allKeys.put(storedKey.getKeyId(), storedKey); } else { Preconditions.checkState(keyFileDir.canWrite(), "Configured keyFile directory " + keyFileDirectory + " exists but is not writable!"); // Create a new key and write to file. generateKey(); keyFile.createNewFile(); Files.write(keyIdentifierCodec.encode(currentKey), keyFile); } }
/** * Generates a signature for the given token value, using the currently active secret key. * @param identifier Verified identity for which a token should be generated. * @return A token containing the verified identify and a digest of its contents. */ public AccessToken signIdentifier(AccessTokenIdentifier identifier) { try { KeyManager.DigestId digest = keyManager.generateMAC(identifierCodec.encode(identifier)); return new AccessToken(identifier, digest.getId(), digest.getDigest()); } catch (IOException ioe) { throw Throwables.propagate(ioe); } catch (InvalidKeyException ike) { throw new IllegalStateException("Invalid key configured for KeyManager.", ike); } }
final byte[] data = CoordinationConstants.RESOURCE_ASSIGNMENT_CODEC.encode(assignment); String zkPath = CoordinationConstants.ASSIGNMENTS_PATH + "/" + assignmentName;
final byte[] data = CoordinationConstants.RESOURCE_ASSIGNMENT_CODEC.encode(assignment); String zkPath = CoordinationConstants.ASSIGNMENTS_PATH + "/" + assignmentName;
@Override public final <T> void validateMAC(Codec<T> codec, Signed<T> signedMessage) throws InvalidDigestException, InvalidKeyException { try { byte[] newDigest = generateMAC(signedMessage.getKeyId(), codec.encode(signedMessage.getMessage())); if (!Bytes.equals(signedMessage.getDigestBytes(), newDigest)) { throw new InvalidDigestException("Token signature is not valid!"); } } catch (IOException ioe) { throw Throwables.propagate(ioe); } }
@Test public void testKeyIdentifierSerialization() throws Exception { SecretKey nextKey = keyGenerator.generateKey(); Random random = new Random(); KeyIdentifier keyIdentifier = new KeyIdentifier(nextKey, random.nextInt(), Long.MAX_VALUE); byte[] encoded = keyIdentifierCodec.encode(keyIdentifier); KeyIdentifier decodedKeyIdentifier = keyIdentifierCodec.decode(encoded); assertEquals(keyIdentifier, decodedKeyIdentifier); }
@Test public void testTokenSerialization() throws Exception { ImmutablePair<TokenManager, Codec<AccessToken>> pair = getTokenManagerAndCodec(); TokenManager tokenManager = pair.getFirst(); tokenManager.startAndWait(); Codec<AccessToken> tokenCodec = pair.getSecond(); long now = System.currentTimeMillis(); String user = "testuser"; List<String> groups = Lists.newArrayList("users", "admins"); AccessTokenIdentifier ident1 = new AccessTokenIdentifier(user, groups, now, now + TOKEN_DURATION); AccessToken token1 = tokenManager.signIdentifier(ident1); byte[] tokenBytes = tokenCodec.encode(token1); AccessToken token2 = tokenCodec.decode(tokenBytes); assertEquals(token1, token2); LOG.info("Deserialized token is: " + Bytes.toStringBinary(tokenCodec.encode(token2))); // should be valid since we just signed it tokenManager.validateSecret(token2); tokenManager.stopAndWait(); } }
now, now + TOKEN_DURATION); AccessToken token1 = tokenManager.signIdentifier(ident1); LOG.info("Signed token is: " + Bytes.toStringBinary(tokenCodec.encode(token1))); tokenManager.validateSecret(expiredToken); fail("Token should have been expired but passed validation: " + Bytes.toStringBinary(tokenCodec.encode(expiredToken))); } catch (InvalidTokenException expected) { } tokenManager.validateSecret(invalidToken); fail("Token should have been rejected for invalid digest but passed: " + Bytes.toStringBinary(tokenCodec.encode(invalidToken))); } catch (InvalidTokenException expected) { } tokenManager.validateSecret(invalidKeyToken); fail("Token should have been rejected for invalid key ID but passed: " + Bytes.toStringBinary(tokenCodec.encode(invalidToken))); } catch (InvalidTokenException expected) { }