You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@kyuubi.apache.org by ch...@apache.org on 2022/08/19 12:35:47 UTC

[incubator-kyuubi] branch master updated: [KYUUBI #3020][FOLLOWUP] Refactor the code style

This is an automated email from the ASF dual-hosted git repository.

chengpan pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/incubator-kyuubi.git


The following commit(s) were added to refs/heads/master by this push:
     new 327336f1d [KYUUBI #3020][FOLLOWUP] Refactor the code style
327336f1d is described below

commit 327336f1d6aac67e3cdbc5074be40cbf324e5022
Author: Fei Wang <fw...@ebay.com>
AuthorDate: Fri Aug 19 20:35:38 2022 +0800

    [KYUUBI #3020][FOLLOWUP] Refactor the code style
    
    ### _Why are the changes needed?_
    
    Followup of #3020
    ### _How was this patch tested?_
    - [ ] Add some test cases that check the changes thoroughly including negative and positive cases if possible
    
    - [ ] Add screenshots for manual tests if appropriate
    
    - [ ] [Run test](https://kyuubi.apache.org/docs/latest/develop_tools/testing.html#running-tests) locally before make a pull request
    
    Closes #3271 from turboFei/refine_ldap.
    
    Closes #3020
    
    caa35d84 [Fei Wang] comment
    65597cb4 [Fei Wang] refine
    
    Authored-by: Fei Wang <fw...@ebay.com>
    Signed-off-by: Cheng Pan <ch...@apache.org>
---
 .../org/apache/kyuubi/config/KyuubiConf.scala      |  2 +-
 .../LdapAuthenticationProviderImpl.scala           | 42 ++++++++++------------
 2 files changed, 20 insertions(+), 24 deletions(-)

diff --git a/kyuubi-common/src/main/scala/org/apache/kyuubi/config/KyuubiConf.scala b/kyuubi-common/src/main/scala/org/apache/kyuubi/config/KyuubiConf.scala
index 92caf84be..e6832d06f 100644
--- a/kyuubi-common/src/main/scala/org/apache/kyuubi/config/KyuubiConf.scala
+++ b/kyuubi-common/src/main/scala/org/apache/kyuubi/config/KyuubiConf.scala
@@ -2017,7 +2017,7 @@ object KyuubiConf {
       DeprecatedConfig(
         AUTHENTICATION_LDAP_GUIDKEY.key,
         "1.6.0",
-        s"using ${AUTHENTICATION_LDAP_BINDDN} instead"))
+        s"using ${AUTHENTICATION_LDAP_BINDDN.key} instead"))
     Map(configs.map { cfg => cfg.key -> cfg }: _*)
   }
 
diff --git a/kyuubi-common/src/main/scala/org/apache/kyuubi/service/authentication/LdapAuthenticationProviderImpl.scala b/kyuubi-common/src/main/scala/org/apache/kyuubi/service/authentication/LdapAuthenticationProviderImpl.scala
index 9bd80cdd7..e2932f844 100644
--- a/kyuubi-common/src/main/scala/org/apache/kyuubi/service/authentication/LdapAuthenticationProviderImpl.scala
+++ b/kyuubi-common/src/main/scala/org/apache/kyuubi/service/authentication/LdapAuthenticationProviderImpl.scala
@@ -60,27 +60,8 @@ class LdapAuthenticationProviderImpl(conf: KyuubiConf) extends PasswdAuthenticat
 
     val domain = conf.get(AUTHENTICATION_LDAP_DOMAIN)
     val mail = if (!hasDomain(user) && domain.nonEmpty) (user + "@" + domain.get) else user
-    var bindDn = conf.get(AUTHENTICATION_LDAP_BINDDN).getOrElse("")
-    val guidKey = conf.get(AUTHENTICATION_LDAP_GUIDKEY)
 
-    if ("".equals(bindDn)) {
-      bindDn = conf.get(AUTHENTICATION_LDAP_BASEDN) match {
-        case Some(dn) => guidKey + "=" + mail + "," + dn
-        case _ => mail
-      }
-      env.put(Context.SECURITY_PRINCIPAL, bindDn)
-      env.put(Context.SECURITY_CREDENTIALS, password)
-      try {
-        val ctx = new InitialDirContext(env)
-        ctx.close()
-      } catch {
-        case e: NamingException =>
-          throw new AuthenticationException(
-            s"Error validating LDAP user: $user," +
-              s" bindDn: $bindDn.",
-            e)
-      }
-    } else {
+    conf.get(AUTHENTICATION_LDAP_BINDDN).map { bindDn =>
       val baseDn = conf.get(AUTHENTICATION_LDAP_BASEDN).getOrElse("")
       val bindPw = conf.get(AUTHENTICATION_LDAP_PASSWORD).getOrElse("")
       val attrs = conf.get(AUTHENTICATION_LDAP_ATTRIBUTES).toArray
@@ -92,8 +73,7 @@ class LdapAuthenticationProviderImpl(conf: KyuubiConf) extends PasswdAuthenticat
         val sc = new SearchControls
         sc.setReturningAttributes(attrs)
         sc.setSearchScope(SearchControls.SUBTREE_SCOPE)
-        val searchFilter = String.format("(%s=%s)", "mail", mail)
-        nameEnuResults = ctx.search(baseDn, searchFilter, sc)
+        nameEnuResults = ctx.search(baseDn, s"(mail=$mail)", sc)
       } catch {
         case e: NamingException =>
           throw new AuthenticationException(
@@ -130,8 +110,24 @@ class LdapAuthenticationProviderImpl(conf: KyuubiConf) extends PasswdAuthenticat
           s"LDAP InitialLdapContext search results are empty, Error validating LDAP user: $user," +
             s" bindDn: $bindDn.")
       }
+    }.getOrElse {
+      val guidKey = conf.get(AUTHENTICATION_LDAP_GUIDKEY)
+      val bindDn = conf.get(AUTHENTICATION_LDAP_BASEDN) match {
+        case Some(dn) => guidKey + "=" + mail + "," + dn
+        case _ => mail
+      }
+      env.put(Context.SECURITY_PRINCIPAL, bindDn)
+      env.put(Context.SECURITY_CREDENTIALS, password)
+      try {
+        val ctx = new InitialDirContext(env)
+        ctx.close()
+      } catch {
+        case e: NamingException =>
+          throw new AuthenticationException(
+            s"Error validating LDAP user: $user, bindDn: $bindDn.",
+            e)
+      }
     }
-
   }
 
   private def hasDomain(userName: String): Boolean = ServiceUtils.indexOfDomainMatch(userName) > 0