You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@kyuubi.apache.org by ch...@apache.org on 2022/08/19 12:35:47 UTC
[incubator-kyuubi] branch master updated: [KYUUBI #3020][FOLLOWUP] Refactor the code style
This is an automated email from the ASF dual-hosted git repository.
chengpan pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/incubator-kyuubi.git
The following commit(s) were added to refs/heads/master by this push:
new 327336f1d [KYUUBI #3020][FOLLOWUP] Refactor the code style
327336f1d is described below
commit 327336f1d6aac67e3cdbc5074be40cbf324e5022
Author: Fei Wang <fw...@ebay.com>
AuthorDate: Fri Aug 19 20:35:38 2022 +0800
[KYUUBI #3020][FOLLOWUP] Refactor the code style
### _Why are the changes needed?_
Followup of #3020
### _How was this patch tested?_
- [ ] Add some test cases that check the changes thoroughly including negative and positive cases if possible
- [ ] Add screenshots for manual tests if appropriate
- [ ] [Run test](https://kyuubi.apache.org/docs/latest/develop_tools/testing.html#running-tests) locally before make a pull request
Closes #3271 from turboFei/refine_ldap.
Closes #3020
caa35d84 [Fei Wang] comment
65597cb4 [Fei Wang] refine
Authored-by: Fei Wang <fw...@ebay.com>
Signed-off-by: Cheng Pan <ch...@apache.org>
---
.../org/apache/kyuubi/config/KyuubiConf.scala | 2 +-
.../LdapAuthenticationProviderImpl.scala | 42 ++++++++++------------
2 files changed, 20 insertions(+), 24 deletions(-)
diff --git a/kyuubi-common/src/main/scala/org/apache/kyuubi/config/KyuubiConf.scala b/kyuubi-common/src/main/scala/org/apache/kyuubi/config/KyuubiConf.scala
index 92caf84be..e6832d06f 100644
--- a/kyuubi-common/src/main/scala/org/apache/kyuubi/config/KyuubiConf.scala
+++ b/kyuubi-common/src/main/scala/org/apache/kyuubi/config/KyuubiConf.scala
@@ -2017,7 +2017,7 @@ object KyuubiConf {
DeprecatedConfig(
AUTHENTICATION_LDAP_GUIDKEY.key,
"1.6.0",
- s"using ${AUTHENTICATION_LDAP_BINDDN} instead"))
+ s"using ${AUTHENTICATION_LDAP_BINDDN.key} instead"))
Map(configs.map { cfg => cfg.key -> cfg }: _*)
}
diff --git a/kyuubi-common/src/main/scala/org/apache/kyuubi/service/authentication/LdapAuthenticationProviderImpl.scala b/kyuubi-common/src/main/scala/org/apache/kyuubi/service/authentication/LdapAuthenticationProviderImpl.scala
index 9bd80cdd7..e2932f844 100644
--- a/kyuubi-common/src/main/scala/org/apache/kyuubi/service/authentication/LdapAuthenticationProviderImpl.scala
+++ b/kyuubi-common/src/main/scala/org/apache/kyuubi/service/authentication/LdapAuthenticationProviderImpl.scala
@@ -60,27 +60,8 @@ class LdapAuthenticationProviderImpl(conf: KyuubiConf) extends PasswdAuthenticat
val domain = conf.get(AUTHENTICATION_LDAP_DOMAIN)
val mail = if (!hasDomain(user) && domain.nonEmpty) (user + "@" + domain.get) else user
- var bindDn = conf.get(AUTHENTICATION_LDAP_BINDDN).getOrElse("")
- val guidKey = conf.get(AUTHENTICATION_LDAP_GUIDKEY)
- if ("".equals(bindDn)) {
- bindDn = conf.get(AUTHENTICATION_LDAP_BASEDN) match {
- case Some(dn) => guidKey + "=" + mail + "," + dn
- case _ => mail
- }
- env.put(Context.SECURITY_PRINCIPAL, bindDn)
- env.put(Context.SECURITY_CREDENTIALS, password)
- try {
- val ctx = new InitialDirContext(env)
- ctx.close()
- } catch {
- case e: NamingException =>
- throw new AuthenticationException(
- s"Error validating LDAP user: $user," +
- s" bindDn: $bindDn.",
- e)
- }
- } else {
+ conf.get(AUTHENTICATION_LDAP_BINDDN).map { bindDn =>
val baseDn = conf.get(AUTHENTICATION_LDAP_BASEDN).getOrElse("")
val bindPw = conf.get(AUTHENTICATION_LDAP_PASSWORD).getOrElse("")
val attrs = conf.get(AUTHENTICATION_LDAP_ATTRIBUTES).toArray
@@ -92,8 +73,7 @@ class LdapAuthenticationProviderImpl(conf: KyuubiConf) extends PasswdAuthenticat
val sc = new SearchControls
sc.setReturningAttributes(attrs)
sc.setSearchScope(SearchControls.SUBTREE_SCOPE)
- val searchFilter = String.format("(%s=%s)", "mail", mail)
- nameEnuResults = ctx.search(baseDn, searchFilter, sc)
+ nameEnuResults = ctx.search(baseDn, s"(mail=$mail)", sc)
} catch {
case e: NamingException =>
throw new AuthenticationException(
@@ -130,8 +110,24 @@ class LdapAuthenticationProviderImpl(conf: KyuubiConf) extends PasswdAuthenticat
s"LDAP InitialLdapContext search results are empty, Error validating LDAP user: $user," +
s" bindDn: $bindDn.")
}
+ }.getOrElse {
+ val guidKey = conf.get(AUTHENTICATION_LDAP_GUIDKEY)
+ val bindDn = conf.get(AUTHENTICATION_LDAP_BASEDN) match {
+ case Some(dn) => guidKey + "=" + mail + "," + dn
+ case _ => mail
+ }
+ env.put(Context.SECURITY_PRINCIPAL, bindDn)
+ env.put(Context.SECURITY_CREDENTIALS, password)
+ try {
+ val ctx = new InitialDirContext(env)
+ ctx.close()
+ } catch {
+ case e: NamingException =>
+ throw new AuthenticationException(
+ s"Error validating LDAP user: $user, bindDn: $bindDn.",
+ e)
+ }
}
-
}
private def hasDomain(userName: String): Boolean = ServiceUtils.indexOfDomainMatch(userName) > 0