Addendum for HADOOP-10670.
This commit is contained in:
parent
28095c26f7
commit
2e9c690e90
|
@ -0,0 +1,84 @@
|
|||
/**
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License. See accompanying LICENSE file.
|
||||
*/
|
||||
package org.apache.hadoop.security.authentication.util;
|
||||
|
||||
import com.google.common.base.Charsets;
|
||||
import org.apache.hadoop.classification.InterfaceAudience;
|
||||
import org.apache.hadoop.classification.InterfaceStability;
|
||||
import org.apache.hadoop.security.authentication.server.AuthenticationFilter;
|
||||
import org.apache.hadoop.security.authentication.util.SignerSecretProvider;
|
||||
|
||||
import javax.servlet.ServletContext;
|
||||
import java.io.*;
|
||||
import java.nio.charset.Charset;
|
||||
import java.util.Properties;
|
||||
|
||||
/**
|
||||
* A SignerSecretProvider that simply loads a secret from a specified file.
|
||||
*/
|
||||
@InterfaceStability.Unstable
|
||||
@InterfaceAudience.Private
|
||||
public class FileSignerSecretProvider extends SignerSecretProvider {
|
||||
|
||||
private byte[] secret;
|
||||
private byte[][] secrets;
|
||||
|
||||
public FileSignerSecretProvider() {}
|
||||
|
||||
@Override
|
||||
public void init(Properties config, ServletContext servletContext,
|
||||
long tokenValidity) throws Exception {
|
||||
|
||||
String signatureSecretFile = config.getProperty(
|
||||
AuthenticationFilter.SIGNATURE_SECRET_FILE, null);
|
||||
|
||||
Reader reader = null;
|
||||
if (signatureSecretFile != null) {
|
||||
try {
|
||||
StringBuilder sb = new StringBuilder();
|
||||
reader = new InputStreamReader(
|
||||
new FileInputStream(signatureSecretFile), Charsets.UTF_8);
|
||||
int c = reader.read();
|
||||
while (c > -1) {
|
||||
sb.append((char) c);
|
||||
c = reader.read();
|
||||
}
|
||||
secret = sb.toString().getBytes(Charset.forName("UTF-8"));
|
||||
} catch (IOException ex) {
|
||||
throw new RuntimeException("Could not read signature secret file: " +
|
||||
signatureSecretFile);
|
||||
} finally {
|
||||
if (reader != null) {
|
||||
try {
|
||||
reader.close();
|
||||
} catch (IOException e) {
|
||||
// nothing to do
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
secrets = new byte[][]{secret};
|
||||
}
|
||||
|
||||
@Override
|
||||
public byte[] getCurrentSecret() {
|
||||
return secret;
|
||||
}
|
||||
|
||||
@Override
|
||||
public byte[][] getAllSecrets() {
|
||||
return secrets;
|
||||
}
|
||||
}
|
|
@ -0,0 +1,51 @@
|
|||
/**
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License. See accompanying LICENSE file.
|
||||
*/
|
||||
package org.apache.hadoop.security.authentication.util;
|
||||
|
||||
import org.apache.hadoop.security.authentication.server.AuthenticationFilter;
|
||||
import org.junit.Assert;
|
||||
import org.junit.Test;
|
||||
|
||||
import java.io.File;
|
||||
import java.io.FileWriter;
|
||||
import java.io.Writer;
|
||||
import java.util.Properties;
|
||||
|
||||
public class TestFileSignerSecretProvider {
|
||||
|
||||
@Test
|
||||
public void testGetSecrets() throws Exception {
|
||||
File testDir = new File(System.getProperty("test.build.data",
|
||||
"target/test-dir"));
|
||||
testDir.mkdirs();
|
||||
String secretValue = "hadoop";
|
||||
File secretFile = new File(testDir, "http-secret.txt");
|
||||
Writer writer = new FileWriter(secretFile);
|
||||
writer.write(secretValue);
|
||||
writer.close();
|
||||
|
||||
FileSignerSecretProvider secretProvider
|
||||
= new FileSignerSecretProvider();
|
||||
Properties secretProviderProps = new Properties();
|
||||
secretProviderProps.setProperty(
|
||||
AuthenticationFilter.SIGNATURE_SECRET_FILE,
|
||||
secretFile.getAbsolutePath());
|
||||
secretProvider.init(secretProviderProps, null, -1);
|
||||
Assert.assertArrayEquals(secretValue.getBytes(),
|
||||
secretProvider.getCurrentSecret());
|
||||
byte[][] allSecrets = secretProvider.getAllSecrets();
|
||||
Assert.assertEquals(1, allSecrets.length);
|
||||
Assert.assertArrayEquals(secretValue.getBytes(), allSecrets[0]);
|
||||
}
|
||||
}
|
Loading…
Reference in New Issue