@Override public synchronized void deleteCredentialEntry(String name) throws IOException { byte[] cred = credentials.getSecretKey(new Text(name)); if (cred != null) { credentials.removeSecretKey(new Text(name)); } else { throw new IOException("Credential " + name + " does not exist in " + this); } }
@Override public synchronized Metadata getMetadata(String name) throws IOException { if (cache.containsKey(name)) { return cache.get(name); } byte[] serialized = credentials.getSecretKey(new Text(name)); if (serialized == null) { return null; } Metadata result = new Metadata(serialized); cache.put(name, result); return result; }
@Override public synchronized CredentialEntry getCredentialEntry(String alias) { byte[] bytes = credentials.getSecretKey(new Text(alias)); if (bytes == null) { return null; } return new CredentialEntry( alias, new String(bytes, StandardCharsets.UTF_8).toCharArray()); }
@Override public synchronized CredentialEntry createCredentialEntry(String name, char[] credential) throws IOException { Text nameT = new Text(name); if (credentials.getSecretKey(nameT) != null) { throw new IOException("Credential " + name + " already exists in " + this); } credentials.addSecretKey(new Text(name), new String(credential).getBytes("UTF-8")); return new CredentialEntry(name, credential); }
@Override public synchronized KeyVersion getKeyVersion(String versionName) throws IOException { byte[] bytes = credentials.getSecretKey(new Text(versionName)); if (bytes == null) { return null; } return new KeyVersion(getBaseName(versionName), versionName, bytes); }
/** * Copy job credentials to table properties * @param tbl */ public static void copyJobSecretToTableProperties(TableDesc tbl) throws IOException { Credentials credentials = UserGroupInformation.getCurrentUser().getCredentials(); for (Text key : credentials.getAllSecretKeys()) { String keyString = key.toString(); if (keyString.startsWith(TableDesc.SECRET_PREFIX + TableDesc.SECRET_DELIMIT)) { String[] comps = keyString.split(TableDesc.SECRET_DELIMIT); String tblName = comps[1]; String keyName = comps[2]; if (tbl.getTableName().equalsIgnoreCase(tblName)) { tbl.getProperties().put(keyName, new String(credentials.getSecretKey(key))); } } } }
@Override public synchronized KeyVersion createKey(String name, byte[] material, Options options) throws IOException { Text nameT = new Text(name); if (credentials.getSecretKey(nameT) != null) { throw new IOException("Key " + name + " already exists in " + this); } if (options.getBitLength() != 8 * material.length) { throw new IOException("Wrong key length. Required " + options.getBitLength() + ", but got " + (8 * material.length)); } Metadata meta = new Metadata(options.getCipher(), options.getBitLength(), options.getDescription(), options.getAttributes(), new Date(), 1); cache.put(name, meta); String versionName = buildVersionName(name, 0); credentials.addSecretKey(nameT, meta.serialize()); credentials.addSecretKey(new Text(versionName), material); return new KeyVersion(name, versionName, material); }
/** * auxiliary method to get user's secret keys.. * @param alias * @return secret key from the storage */ public static byte[] getSecretKey(Credentials credentials, Text alias) { if(credentials == null) return null; return credentials.getSecretKey(alias); }
/** * auxiliary method to get user's secret keys.. * @param alias * @return secret key from the storage */ public static byte[] getSecretKey(Credentials credentials, Text alias) { if(credentials == null) return null; return credentials.getSecretKey(alias); }
/** * auxiliary method to get user's secret keys.. * @param alias * @return secret key from the storage */ public static byte[] getSecretKey(Credentials credentials, Text alias) { if(credentials == null) return null; return credentials.getSecretKey(alias); }
@Test public void testUGICredentialsPropogation() throws Exception { Credentials creds = new Credentials(); Token<?> token = mock(Token.class); Text tokenService = new Text("service"); Text secretName = new Text("secret"); byte secret[] = new byte[]{}; creds.addToken(tokenService, token); creds.addSecretKey(secretName, secret); UserGroupInformation.getLoginUser().addCredentials(creds); JobConf jobConf = new JobConf(); Job job = new Job(jobConf); assertSame(token, job.getCredentials().getToken(tokenService)); assertSame(secret, job.getCredentials().getSecretKey(secretName)); } }
@Override public CredentialEntry getCredentialEntry(String alias) { byte[] bytes = credentials.getSecretKey(new Text(alias)); if (bytes == null) { return null; } return new CredentialEntry( alias, new String(bytes, StandardCharsets.UTF_8).toCharArray()); }
@Override public void deleteCredentialEntry(String name) throws IOException { byte[] cred = credentials.getSecretKey(new Text(name)); if (cred != null) { credentials.removeSecretKey(new Text(name)); } else { throw new IOException("Credential " + name + " does not exist in " + this); } }
@Override public void deleteCredentialEntry(String name) throws IOException { byte[] cred = credentials.getSecretKey(new Text(name)); if (cred != null) { credentials.removeSecretKey(new Text(name)); } else { throw new IOException("Credential " + name + " does not exist in " + this); } }
@Override public CredentialEntry getCredentialEntry(String alias) { byte[] bytes = credentials.getSecretKey(new Text(alias)); if (bytes == null) { return null; } return new CredentialEntry( alias, new String(bytes, Charsets.UTF_8).toCharArray()); }
@Override public void deleteCredentialEntry(String name) throws IOException { byte[] cred = credentials.getSecretKey(new Text(name)); if (cred != null) { credentials.removeSecretKey(new Text(name)); } else { throw new IOException("Credential " + name + " does not exist in " + this); } }
@Override public CredentialEntry createCredentialEntry(String name, char[] credential) throws IOException { Text nameT = new Text(name); if (credentials.getSecretKey(nameT) != null) { throw new IOException("Credential " + name + " already exists in " + this); } credentials.addSecretKey(new Text(name), new String(credential).getBytes("UTF-8")); return new CredentialEntry(name, credential); }
@Override public CredentialEntry createCredentialEntry(String name, char[] credential) throws IOException { Text nameT = new Text(name); if (credentials.getSecretKey(nameT) != null) { throw new IOException("Credential " + name + " already exists in " + this); } credentials.addSecretKey(new Text(name), new String(credential).getBytes("UTF-8")); return new CredentialEntry(name, credential); }
@Override public synchronized KeyVersion getKeyVersion(String versionName) throws IOException { byte[] bytes = credentials.getSecretKey(new Text(versionName)); if (bytes == null) { return null; } return new KeyVersion(getBaseName(versionName), versionName, bytes); }
@Test public void testUserProvider() throws Exception { Configuration conf = new Configuration(); final String ourUrl = UserProvider.SCHEME_NAME + ":///"; conf.set(CredentialProviderFactory.CREDENTIAL_PROVIDER_PATH, ourUrl); checkSpecificProvider(conf, ourUrl); // see if the credentials are actually in the UGI Credentials credentials = UserGroupInformation.getCurrentUser().getCredentials(); assertArrayEquals(new byte[]{'1', '2', '3'}, credentials.getSecretKey(new Text("pass2"))); }