Apache
/
hadoop
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

HADOOP-11864. JWTRedirectAuthenticationHandler breaks java8 javadocs. (Larry McCay via stevel)

This commit is contained in:
Steve Loughran 2015-04-23 09:06:02 +01:00
parent 4054db5098
commit 4f9b24b90a
2 changed files with 18 additions and 18 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

33
hadoop-common-project/hadoop-auth/src/main/java/org/apache/hadoop/security/authentication/server/JWTRedirectAuthenticationHandler.java
View File

@ -59,8 +59,9 @@ import com.nimbusds.jose.crypto.RSASSAVerifier;
* The user identity is then extracted from the token and used to create an * The user identity is then extracted from the token and used to create an
* AuthenticationToken - as expected by the AuthenticationFilter. * AuthenticationToken - as expected by the AuthenticationFilter.
* *
* <p/> * <p>
* The supported configuration properties are: * The supported configuration properties are:
* </p>
* <ul> * <ul>
* <li>authentication.provider.url: the full URL to the authentication server. * <li>authentication.provider.url: the full URL to the authentication server.
* This is the URL that the handler will redirect the browser to in order to * This is the URL that the handler will redirect the browser to in order to
@ -96,7 +97,7 @@ public class JWTRedirectAuthenticationHandler extends
* Primarily for testing, this provides a way to set the publicKey for * Primarily for testing, this provides a way to set the publicKey for
* signature verification without needing to get a PEM encoded value. * signature verification without needing to get a PEM encoded value.
* *
* @param pk * @param pk publicKey for the token signtature verification
*/ */
public void setPublicKey(RSAPublicKey pk) { public void setPublicKey(RSAPublicKey pk) {
publicKey = pk; publicKey = pk;
@ -104,9 +105,9 @@ public class JWTRedirectAuthenticationHandler extends
/** /**
* Initializes the authentication handler instance. * Initializes the authentication handler instance.
* <p/> * <p>
* This method is invoked by the {@link AuthenticationFilter#init} method. * This method is invoked by the {@link AuthenticationFilter#init} method.
* * </p>
* @param config * @param config
* configuration properties to initialize the handler. * configuration properties to initialize the handler.
* *
@ -162,7 +163,7 @@ public class JWTRedirectAuthenticationHandler extends
HttpServletRequest req = (HttpServletRequest) request; HttpServletRequest req = (HttpServletRequest) request;
serializedJWT = getJWTFromCookie(req); serializedJWT = getJWTFromCookie(req);
if (serializedJWT == null) { if (serializedJWT == null) {
String loginURL = constructLoginURL(request, response); String loginURL = constructLoginURL(request);
LOG.info("sending redirect to: " + loginURL); LOG.info("sending redirect to: " + loginURL);
((HttpServletResponse) response).sendRedirect(loginURL); ((HttpServletResponse) response).sendRedirect(loginURL);
} else { } else {
@ -186,7 +187,7 @@ public class JWTRedirectAuthenticationHandler extends
LOG.debug("Issuing AuthenticationToken for user."); LOG.debug("Issuing AuthenticationToken for user.");
token = new AuthenticationToken(userName, userName, getType()); token = new AuthenticationToken(userName, userName, getType());
} else { } else {
String loginURL = constructLoginURL(request, response); String loginURL = constructLoginURL(request);
LOG.info("token validation failed - sending redirect to: " + loginURL); LOG.info("token validation failed - sending redirect to: " + loginURL);
((HttpServletResponse) response).sendRedirect(loginURL); ((HttpServletResponse) response).sendRedirect(loginURL);
} }
@ -198,8 +199,7 @@ public class JWTRedirectAuthenticationHandler extends
* Encapsulate the acquisition of the JWT token from HTTP cookies within the * Encapsulate the acquisition of the JWT token from HTTP cookies within the
* request. * request.
* *
* @param serializedJWT * @param req servlet request to get the JWT token from
* @param req
* @return serialized JWT token * @return serialized JWT token
*/ */
protected String getJWTFromCookie(HttpServletRequest req) { protected String getJWTFromCookie(HttpServletRequest req) {
@ -223,12 +223,10 @@ public class JWTRedirectAuthenticationHandler extends
* Create the URL to be used for authentication of the user in the absence of * Create the URL to be used for authentication of the user in the absence of
* a JWT token within the incoming request. * a JWT token within the incoming request.
* *
* @param request * @param request for getting the original request URL
* @param response
* @return url to use as login url for redirect * @return url to use as login url for redirect
*/ */
protected String constructLoginURL(HttpServletRequest request, protected String constructLoginURL(HttpServletRequest request) {
HttpServletResponse response) {
String delimiter = "?"; String delimiter = "?";
if (authenticationProviderUrl.contains("?")) { if (authenticationProviderUrl.contains("?")) {
delimiter = "&"; delimiter = "&";
@ -245,9 +243,8 @@ public class JWTRedirectAuthenticationHandler extends
* this implementation through submethods used within but also allows for the * this implementation through submethods used within but also allows for the
* override of the entire token validation algorithm. * override of the entire token validation algorithm.
* *
* @param jwtToken * @param jwtToken the token to validate
* @return true if valid * @return true if valid
* @throws AuthenticationException
*/ */
protected boolean validateToken(SignedJWT jwtToken) { protected boolean validateToken(SignedJWT jwtToken) {
boolean sigValid = validateSignature(jwtToken); boolean sigValid = validateSignature(jwtToken);
@ -272,8 +269,8 @@ public class JWTRedirectAuthenticationHandler extends
* provisioned public key. Override this method in subclasses in order to * provisioned public key. Override this method in subclasses in order to
* customize the signature verification behavior. * customize the signature verification behavior.
* *
* @param jwtToken * @param jwtToken the token that contains the signature to be validated
* @throws AuthenticationException * @return valid true if signature verifies successfully; false otherwise
*/ */
protected boolean validateSignature(SignedJWT jwtToken) { protected boolean validateSignature(SignedJWT jwtToken) {
boolean valid = false; boolean valid = false;
@ -341,8 +338,8 @@ public class JWTRedirectAuthenticationHandler extends
* If it has then throw an AuthenticationException. Override this method in * If it has then throw an AuthenticationException. Override this method in
* subclasses in order to customize the expiration validation behavior. * subclasses in order to customize the expiration validation behavior.
* *
* @param jwtToken * @param jwtToken the token that contains the expiration date to validate
* @throws AuthenticationException * @return valid true if the token has not expired; false otherwise
*/ */
protected boolean validateExpiration(SignedJWT jwtToken) { protected boolean validateExpiration(SignedJWT jwtToken) {
boolean valid = false; boolean valid = false;

3
hadoop-common-project/hadoop-common/CHANGES.txt
View File

@ -101,6 +101,9 @@ Release 2.8.0 - UNRELEASED
HADOOP-11861. test-patch.sh rewrite addendum patch. HADOOP-11861. test-patch.sh rewrite addendum patch.
(Allen Wittenauer via cnauroth) (Allen Wittenauer via cnauroth)
HADOOP-11864. JWTRedirectAuthenticationHandler breaks java8 javadocs.
(Larry McCay via stevel)
Release 2.7.1 - UNRELEASED Release 2.7.1 - UNRELEASED
INCOMPATIBLE CHANGES INCOMPATIBLE CHANGES