You are viewing a plain text version of this content. The canonical link for it is here.
Posted to common-commits@hadoop.apache.org by wh...@apache.org on 2015/03/25 20:31:20 UTC
[2/2] hadoop git commit: Addendum for HADOOP-10670.
Addendum for HADOOP-10670.
Project: http://git-wip-us.apache.org/repos/asf/hadoop/repo
Commit: http://git-wip-us.apache.org/repos/asf/hadoop/commit/2e9c690e
Tree: http://git-wip-us.apache.org/repos/asf/hadoop/tree/2e9c690e
Diff: http://git-wip-us.apache.org/repos/asf/hadoop/diff/2e9c690e
Branch: refs/heads/branch-2.7
Commit: 2e9c690e90575635978c9fbf39ae28dad264907d
Parents: 28095c2
Author: Haohui Mai <wh...@apache.org>
Authored: Wed Mar 25 12:29:44 2015 -0700
Committer: Haohui Mai <wh...@apache.org>
Committed: Wed Mar 25 12:31:03 2015 -0700
----------------------------------------------------------------------
.../util/FileSignerSecretProvider.java | 84 ++++++++++++++++++++
.../util/TestFileSignerSecretProvider.java | 51 ++++++++++++
2 files changed, 135 insertions(+)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/hadoop/blob/2e9c690e/hadoop-common-project/hadoop-auth/src/main/java/org/apache/hadoop/security/authentication/util/FileSignerSecretProvider.java
----------------------------------------------------------------------
diff --git a/hadoop-common-project/hadoop-auth/src/main/java/org/apache/hadoop/security/authentication/util/FileSignerSecretProvider.java b/hadoop-common-project/hadoop-auth/src/main/java/org/apache/hadoop/security/authentication/util/FileSignerSecretProvider.java
new file mode 100644
index 0000000..e8aa160
--- /dev/null
+++ b/hadoop-common-project/hadoop-auth/src/main/java/org/apache/hadoop/security/authentication/util/FileSignerSecretProvider.java
@@ -0,0 +1,84 @@
+/**
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License. See accompanying LICENSE file.
+ */
+package org.apache.hadoop.security.authentication.util;
+
+import com.google.common.base.Charsets;
+import org.apache.hadoop.classification.InterfaceAudience;
+import org.apache.hadoop.classification.InterfaceStability;
+import org.apache.hadoop.security.authentication.server.AuthenticationFilter;
+import org.apache.hadoop.security.authentication.util.SignerSecretProvider;
+
+import javax.servlet.ServletContext;
+import java.io.*;
+import java.nio.charset.Charset;
+import java.util.Properties;
+
+/**
+ * A SignerSecretProvider that simply loads a secret from a specified file.
+ */
+@InterfaceStability.Unstable
+@InterfaceAudience.Private
+public class FileSignerSecretProvider extends SignerSecretProvider {
+
+ private byte[] secret;
+ private byte[][] secrets;
+
+ public FileSignerSecretProvider() {}
+
+ @Override
+ public void init(Properties config, ServletContext servletContext,
+ long tokenValidity) throws Exception {
+
+ String signatureSecretFile = config.getProperty(
+ AuthenticationFilter.SIGNATURE_SECRET_FILE, null);
+
+ Reader reader = null;
+ if (signatureSecretFile != null) {
+ try {
+ StringBuilder sb = new StringBuilder();
+ reader = new InputStreamReader(
+ new FileInputStream(signatureSecretFile), Charsets.UTF_8);
+ int c = reader.read();
+ while (c > -1) {
+ sb.append((char) c);
+ c = reader.read();
+ }
+ secret = sb.toString().getBytes(Charset.forName("UTF-8"));
+ } catch (IOException ex) {
+ throw new RuntimeException("Could not read signature secret file: " +
+ signatureSecretFile);
+ } finally {
+ if (reader != null) {
+ try {
+ reader.close();
+ } catch (IOException e) {
+ // nothing to do
+ }
+ }
+ }
+ }
+
+ secrets = new byte[][]{secret};
+ }
+
+ @Override
+ public byte[] getCurrentSecret() {
+ return secret;
+ }
+
+ @Override
+ public byte[][] getAllSecrets() {
+ return secrets;
+ }
+}
http://git-wip-us.apache.org/repos/asf/hadoop/blob/2e9c690e/hadoop-common-project/hadoop-auth/src/test/java/org/apache/hadoop/security/authentication/util/TestFileSignerSecretProvider.java
----------------------------------------------------------------------
diff --git a/hadoop-common-project/hadoop-auth/src/test/java/org/apache/hadoop/security/authentication/util/TestFileSignerSecretProvider.java b/hadoop-common-project/hadoop-auth/src/test/java/org/apache/hadoop/security/authentication/util/TestFileSignerSecretProvider.java
new file mode 100644
index 0000000..1856410
--- /dev/null
+++ b/hadoop-common-project/hadoop-auth/src/test/java/org/apache/hadoop/security/authentication/util/TestFileSignerSecretProvider.java
@@ -0,0 +1,51 @@
+/**
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License. See accompanying LICENSE file.
+ */
+package org.apache.hadoop.security.authentication.util;
+
+import org.apache.hadoop.security.authentication.server.AuthenticationFilter;
+import org.junit.Assert;
+import org.junit.Test;
+
+import java.io.File;
+import java.io.FileWriter;
+import java.io.Writer;
+import java.util.Properties;
+
+public class TestFileSignerSecretProvider {
+
+ @Test
+ public void testGetSecrets() throws Exception {
+ File testDir = new File(System.getProperty("test.build.data",
+ "target/test-dir"));
+ testDir.mkdirs();
+ String secretValue = "hadoop";
+ File secretFile = new File(testDir, "http-secret.txt");
+ Writer writer = new FileWriter(secretFile);
+ writer.write(secretValue);
+ writer.close();
+
+ FileSignerSecretProvider secretProvider
+ = new FileSignerSecretProvider();
+ Properties secretProviderProps = new Properties();
+ secretProviderProps.setProperty(
+ AuthenticationFilter.SIGNATURE_SECRET_FILE,
+ secretFile.getAbsolutePath());
+ secretProvider.init(secretProviderProps, null, -1);
+ Assert.assertArrayEquals(secretValue.getBytes(),
+ secretProvider.getCurrentSecret());
+ byte[][] allSecrets = secretProvider.getAllSecrets();
+ Assert.assertEquals(1, allSecrets.length);
+ Assert.assertArrayEquals(secretValue.getBytes(), allSecrets[0]);
+ }
+}