You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@knox.apache.org by GitBox <gi...@apache.org> on 2022/09/21 13:38:11 UTC
[GitHub] [knox] smolnar82 opened a new pull request, #633: KNOX-2805 - getUserTokens honours different metadata values with the same name
smolnar82 opened a new pull request, #633:
URL: https://github.com/apache/knox/pull/633
## What changes were proposed in this pull request?
If the user supplied the same metadata name with different values in Knox's `getUserTokens` API, the result only contained tokens that matched the first name/value pair. This is now fixed by including all values of each metadata name during the filter logic.
## How was this patch tested?
I manually tested this feature and added the metadata/expected result matrix in KNOX-2805.
The `curl` command I used to create the tokens:
```
curl -iku admin:admin-password --cookie "hadoop-jwt=$HADOOP_JWT_COOKIE" -X GET "https://localhost:8443/gateway/homepage/knoxtoken/api/v1/token?md_Name=reina&md_Score=50"
curl -iku admin:admin-password --cookie "hadoop-jwt=$HADOOP_JWT_COOKIE" -X GET "https://localhost:8443/gateway/homepage/knoxtoken/api/v1/token?md_Name=mary&md_Score=100"
curl -iku admin:admin-password --cookie "hadoop-jwt=$HADOOP_JWT_COOKIE" -X GET "https://localhost:8443/gateway/homepage/knoxtoken/api/v1/token?md_Name=mary&md_Score=20&md_Grade=A"
```
<img width="1788" alt="Screenshot 2022-09-21 at 15 30 05" src="https://user-images.githubusercontent.com/34065904/191517032-3aeb48cc-e7d5-4b60-9396-988c30cace62.png">
Here are the `curl` commands and responses I used for verifying my changes:
```
curl -iku admin:admin-password --cookie "hadoop-jwt=$HADOOP_JWT_COOKIE" -X GET "https://localhost:8443/gateway/homepage/knoxtoken/api/v1/token/getUserTokens?userName=admin"
{
"tokens": [{
"tokenId": "fff4eb61-09c0-4460-aba9-0ccf45e31cef",
"issueTime": "2022-09-21T14:49:32.701+0200",
"expiration": "2023-01-19T13:49:32.698+0100",
"maxLifetime": "2022-09-28T14:49:32.701+0200",
"metadata": {
"enabled": true,
"createdBy": null,
"customMetadataMap": {
"Score": "50",
"Name": "reina"
},
"userName": "admin",
"comment": null
},
"issueTimeLong": 1663764572701,
"expirationLong": 1674132572698,
"maxLifetimeLong": 1664369372701
}, {
"tokenId": "dec27b78-82e1-423e-bd6d-3847bf0be026",
"issueTime": "2022-09-21T14:49:32.751+0200",
"expiration": "2023-01-19T13:49:32.748+0100",
"maxLifetime": "2022-09-28T14:49:32.751+0200",
"metadata": {
"enabled": true,
"createdBy": null,
"customMetadataMap": {
"Score": "100",
"Name": "mary"
},
"userName": "admin",
"comment": null
},
"issueTimeLong": 1663764572751,
"expirationLong": 1674132572748,
"maxLifetimeLong": 1664369372751
}, {
"tokenId": "0a68d122-f2d1-41a8-9da3-b12ff9e463e4",
"issueTime": "2022-09-21T14:49:32.808+0200",
"expiration": "2023-01-19T13:49:32.805+0100",
"maxLifetime": "2022-09-28T14:49:32.808+0200",
"metadata": {
"enabled": true,
"createdBy": null,
"customMetadataMap": {
"Score": "20",
"Grade": "A",
"Name": "mary"
},
"userName": "admin",
"comment": null
},
"issueTimeLong": 1663764572808,
"expirationLong": 1674132572805,
"maxLifetimeLong": 1664369372808
}]
}
```
```
curl -iku admin:admin-password --cookie "hadoop-jwt=$HADOOP_JWT_COOKIE" -X GET "https://localhost:8443/gateway/homepage/knoxtoken/api/v1/token/getUserTokens?userName=admin&md_Name=reina"
{
"tokens": [{
"tokenId": "fff4eb61-09c0-4460-aba9-0ccf45e31cef",
"issueTime": "2022-09-21T14:49:32.701+0200",
"expiration": "2023-01-19T13:49:32.698+0100",
"maxLifetime": "2022-09-28T14:49:32.701+0200",
"metadata": {
"enabled": true,
"createdBy": null,
"customMetadataMap": {
"Score": "50",
"Name": "reina"
},
"userName": "admin",
"comment": null
},
"issueTimeLong": 1663764572701,
"expirationLong": 1674132572698,
"maxLifetimeLong": 1664369372701
}]
}
```
```
curl -iku admin:admin-password --cookie "hadoop-jwt=$HADOOP_JWT_COOKIE" -X GET "https://localhost:8443/gateway/homepage/knoxtoken/api/v1/token/getUserTokens?userName=admin&md_Name=mary"
{
"tokens": [{
"tokenId": "dec27b78-82e1-423e-bd6d-3847bf0be026",
"issueTime": "2022-09-21T14:49:32.751+0200",
"expiration": "2023-01-19T13:49:32.748+0100",
"maxLifetime": "2022-09-28T14:49:32.751+0200",
"metadata": {
"enabled": true,
"createdBy": null,
"customMetadataMap": {
"Score": "100",
"Name": "mary"
},
"userName": "admin",
"comment": null
},
"issueTimeLong": 1663764572751,
"expirationLong": 1674132572748,
"maxLifetimeLong": 1664369372751
}, {
"tokenId": "0a68d122-f2d1-41a8-9da3-b12ff9e463e4",
"issueTime": "2022-09-21T14:49:32.808+0200",
"expiration": "2023-01-19T13:49:32.805+0100",
"maxLifetime": "2022-09-28T14:49:32.808+0200",
"metadata": {
"enabled": true,
"createdBy": null,
"customMetadataMap": {
"Score": "20",
"Grade": "A",
"Name": "mary"
},
"userName": "admin",
"comment": null
},
"issueTimeLong": 1663764572808,
"expirationLong": 1674132572805,
"maxLifetimeLong": 1664369372808
}]
}
```
```
curl -iku admin:admin-password --cookie "hadoop-jwt=$HADOOP_JWT_COOKIE" -X GET "https://localhost:8443/gateway/homepage/knoxtoken/api/v1/token/getUserTokens?userName=admin&md_Score=100"
{
"tokens": [{
"tokenId": "dec27b78-82e1-423e-bd6d-3847bf0be026",
"issueTime": "2022-09-21T14:49:32.751+0200",
"expiration": "2023-01-19T13:49:32.748+0100",
"maxLifetime": "2022-09-28T14:49:32.751+0200",
"metadata": {
"enabled": true,
"createdBy": null,
"customMetadataMap": {
"Score": "100",
"Name": "mary"
},
"userName": "admin",
"comment": null
},
"issueTimeLong": 1663764572751,
"expirationLong": 1674132572748,
"maxLifetimeLong": 1664369372751
}]
}
```
```
curl -iku admin:admin-password --cookie "hadoop-jwt=$HADOOP_JWT_COOKIE" -X GET "https://localhost:8443/gateway/homepage/knoxtoken/api/v1/token/getUserTokens?userName=admin&md_Name=mary&md_Score=20"
{
"tokens": [{
"tokenId": "dec27b78-82e1-423e-bd6d-3847bf0be026",
"issueTime": "2022-09-21T14:49:32.751+0200",
"expiration": "2023-01-19T13:49:32.748+0100",
"maxLifetime": "2022-09-28T14:49:32.751+0200",
"metadata": {
"enabled": true,
"createdBy": null,
"customMetadataMap": {
"Score": "100",
"Name": "mary"
},
"userName": "admin",
"comment": null
},
"issueTimeLong": 1663764572751,
"expirationLong": 1674132572748,
"maxLifetimeLong": 1664369372751
}, {
"tokenId": "0a68d122-f2d1-41a8-9da3-b12ff9e463e4",
"issueTime": "2022-09-21T14:49:32.808+0200",
"expiration": "2023-01-19T13:49:32.805+0100",
"maxLifetime": "2022-09-28T14:49:32.808+0200",
"metadata": {
"enabled": true,
"createdBy": null,
"customMetadataMap": {
"Score": "20",
"Grade": "A",
"Name": "mary"
},
"userName": "admin",
"comment": null
},
"issueTimeLong": 1663764572808,
"expirationLong": 1674132572805,
"maxLifetimeLong": 1664369372808
}]
}
```
```
curl -iku admin:admin-password --cookie "hadoop-jwt=$HADOOP_JWT_COOKIE" -X GET "https://localhost:8443/gateway/homepage/knoxtoken/api/v1/token/getUserTokens?userName=admin&md_Name=mary&md_Name=reina"
{
"tokens": [{
"tokenId": "fff4eb61-09c0-4460-aba9-0ccf45e31cef",
"issueTime": "2022-09-21T14:49:32.701+0200",
"expiration": "2023-01-19T13:49:32.698+0100",
"maxLifetime": "2022-09-28T14:49:32.701+0200",
"metadata": {
"enabled": true,
"createdBy": null,
"customMetadataMap": {
"Score": "50",
"Name": "reina"
},
"userName": "admin",
"comment": null
},
"issueTimeLong": 1663764572701,
"expirationLong": 1674132572698,
"maxLifetimeLong": 1664369372701
}, {
"tokenId": "dec27b78-82e1-423e-bd6d-3847bf0be026",
"issueTime": "2022-09-21T14:49:32.751+0200",
"expiration": "2023-01-19T13:49:32.748+0100",
"maxLifetime": "2022-09-28T14:49:32.751+0200",
"metadata": {
"enabled": true,
"createdBy": null,
"customMetadataMap": {
"Score": "100",
"Name": "mary"
},
"userName": "admin",
"comment": null
},
"issueTimeLong": 1663764572751,
"expirationLong": 1674132572748,
"maxLifetimeLong": 1664369372751
}, {
"tokenId": "0a68d122-f2d1-41a8-9da3-b12ff9e463e4",
"issueTime": "2022-09-21T14:49:32.808+0200",
"expiration": "2023-01-19T13:49:32.805+0100",
"maxLifetime": "2022-09-28T14:49:32.808+0200",
"metadata": {
"enabled": true,
"createdBy": null,
"customMetadataMap": {
"Score": "20",
"Grade": "A",
"Name": "mary"
},
"userName": "admin",
"comment": null
},
"issueTimeLong": 1663764572808,
"expirationLong": 1674132572805,
"maxLifetimeLong": 1664369372808
}]
}
```
```
curl -iku admin:admin-password --cookie "hadoop-jwt=$HADOOP_JWT_COOKIE" -X GET "https://localhost:8443/gateway/homepage/knoxtoken/api/v1/token/getUserTokens?userName=admin&md_Name=*"
{
"tokens": [{
"tokenId": "fff4eb61-09c0-4460-aba9-0ccf45e31cef",
"issueTime": "2022-09-21T14:49:32.701+0200",
"expiration": "2023-01-19T13:49:32.698+0100",
"maxLifetime": "2022-09-28T14:49:32.701+0200",
"metadata": {
"enabled": true,
"createdBy": null,
"customMetadataMap": {
"Score": "50",
"Name": "reina"
},
"userName": "admin",
"comment": null
},
"issueTimeLong": 1663764572701,
"expirationLong": 1674132572698,
"maxLifetimeLong": 1664369372701
}, {
"tokenId": "dec27b78-82e1-423e-bd6d-3847bf0be026",
"issueTime": "2022-09-21T14:49:32.751+0200",
"expiration": "2023-01-19T13:49:32.748+0100",
"maxLifetime": "2022-09-28T14:49:32.751+0200",
"metadata": {
"enabled": true,
"createdBy": null,
"customMetadataMap": {
"Score": "100",
"Name": "mary"
},
"userName": "admin",
"comment": null
},
"issueTimeLong": 1663764572751,
"expirationLong": 1674132572748,
"maxLifetimeLong": 1664369372751
}, {
"tokenId": "0a68d122-f2d1-41a8-9da3-b12ff9e463e4",
"issueTime": "2022-09-21T14:49:32.808+0200",
"expiration": "2023-01-19T13:49:32.805+0100",
"maxLifetime": "2022-09-28T14:49:32.808+0200",
"metadata": {
"enabled": true,
"createdBy": null,
"customMetadataMap": {
"Score": "20",
"Grade": "A",
"Name": "mary"
},
"userName": "admin",
"comment": null
},
"issueTimeLong": 1663764572808,
"expirationLong": 1674132572805,
"maxLifetimeLong": 1664369372808
}]
}
```
```
curl -iku admin:admin-password --cookie "hadoop-jwt=$HADOOP_JWT_COOKIE" -X GET "https://localhost:8443/gateway/homepage/knoxtoken/api/v1/token/getUserTokens?userName=admin&md_Unknown=*"
{
"tokens": []
}
```
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: dev-unsubscribe@knox.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [knox] smolnar82 merged pull request #633: KNOX-2805 - getUserTokens honours different metadata values with the same name
Posted by GitBox <gi...@apache.org>.
smolnar82 merged PR #633:
URL: https://github.com/apache/knox/pull/633
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: dev-unsubscribe@knox.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [knox] smolnar82 commented on pull request #633: KNOX-2805 - getUserTokens honours different metadata values with the same name
Posted by GitBox <gi...@apache.org>.
smolnar82 commented on PR #633:
URL: https://github.com/apache/knox/pull/633#issuecomment-1253726557
Cc. @MrtnBalazs
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: dev-unsubscribe@knox.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org