From 55cae10bebf68ff72e7e212a11152edfcf6207c4 Mon Sep 17 00:00:00 2001 From: Bharath Vissapragada Date: Wed, 16 Sep 2020 08:07:48 -0700 Subject: [PATCH] HBASE-23330: Fix delegation token fetch with MasterRegistry Signed-off-by: Andrew Purtell --- .../hadoop/hbase/client/Connection.java | 5 ++++ .../hbase/client/ConnectionAdapter.java | 5 ++++ .../hbase/client/ConnectionManager.java | 5 ++++ .../hbase/security/token/TokenUtil.java | 24 ++++++------------- .../client/TestMasterAddressRefresher.java | 5 ++++ 5 files changed, 27 insertions(+), 17 deletions(-) diff --git a/hbase-client/src/main/java/org/apache/hadoop/hbase/client/Connection.java b/hbase-client/src/main/java/org/apache/hadoop/hbase/client/Connection.java index bce0f910daf..f72a6ef82c1 100644 --- a/hbase-client/src/main/java/org/apache/hadoop/hbase/client/Connection.java +++ b/hbase-client/src/main/java/org/apache/hadoop/hbase/client/Connection.java @@ -166,6 +166,11 @@ public interface Connection extends Abortable, Closeable { */ Admin getAdmin() throws IOException; + /** + * @return the cluster ID unique to this HBase cluster. + */ + String getClusterId() throws IOException; + @Override public void close() throws IOException; diff --git a/hbase-client/src/main/java/org/apache/hadoop/hbase/client/ConnectionAdapter.java b/hbase-client/src/main/java/org/apache/hadoop/hbase/client/ConnectionAdapter.java index 0bed7efad7c..ac4a34281e8 100644 --- a/hbase-client/src/main/java/org/apache/hadoop/hbase/client/ConnectionAdapter.java +++ b/hbase-client/src/main/java/org/apache/hadoop/hbase/client/ConnectionAdapter.java @@ -501,4 +501,9 @@ abstract class ConnectionAdapter implements ClusterConnection { public RpcControllerFactory getRpcControllerFactory() { return wrappedConnection.getRpcControllerFactory(); } + + @Override + public String getClusterId() throws IOException { + return wrappedConnection.getClusterId(); + } } diff --git a/hbase-client/src/main/java/org/apache/hadoop/hbase/client/ConnectionManager.java b/hbase-client/src/main/java/org/apache/hadoop/hbase/client/ConnectionManager.java index 5addc7a1cc5..82b364e5b93 100644 --- a/hbase-client/src/main/java/org/apache/hadoop/hbase/client/ConnectionManager.java +++ b/hbase-client/src/main/java/org/apache/hadoop/hbase/client/ConnectionManager.java @@ -824,6 +824,11 @@ class ConnectionManager { return new HBaseAdmin(this); } + @Override + public String getClusterId() throws IOException { + return registry.getClusterId(); + } + @Override public MetricsConnection getConnectionMetrics() { return this.metrics; diff --git a/hbase-client/src/main/java/org/apache/hadoop/hbase/security/token/TokenUtil.java b/hbase-client/src/main/java/org/apache/hadoop/hbase/security/token/TokenUtil.java index 78e438c0339..5d30bf8ecb3 100644 --- a/hbase-client/src/main/java/org/apache/hadoop/hbase/security/token/TokenUtil.java +++ b/hbase-client/src/main/java/org/apache/hadoop/hbase/security/token/TokenUtil.java @@ -305,7 +305,7 @@ public class TokenUtil { public static void addTokenForJob(final Connection conn, final JobConf job, User user) throws IOException, InterruptedException { - Token token = getAuthToken(conn.getConfiguration(), user); + Token token = getAuthToken(conn, user); if (token == null) { token = obtainToken(conn, user); } @@ -324,7 +324,7 @@ public class TokenUtil { */ public static void addTokenForJob(final Connection conn, User user, Job job) throws IOException, InterruptedException { - Token token = getAuthToken(conn.getConfiguration(), user); + Token token = getAuthToken(conn, user); if (token == null) { token = obtainToken(conn, user); } @@ -343,7 +343,7 @@ public class TokenUtil { */ public static boolean addTokenIfMissing(Connection conn, User user) throws IOException, InterruptedException { - Token token = getAuthToken(conn.getConfiguration(), user); + Token token = getAuthToken(conn, user); if (token == null) { token = obtainToken(conn, user); user.getUGI().addToken(token.getService(), token); @@ -356,19 +356,9 @@ public class TokenUtil { * Get the authentication token of the user for the cluster specified in the configuration * @return null if the user does not have the token, otherwise the auth token for the cluster. */ - private static Token getAuthToken(Configuration conf, User user) - throws IOException, InterruptedException { - ZooKeeperWatcher zkw = new ZooKeeperWatcher(conf, "TokenUtil-getAuthToken", null); - try { - String clusterId = ZKClusterId.readClusterIdZNode(zkw); - if (clusterId == null) { - throw new IOException("Failed to get cluster ID"); - } - return new AuthenticationTokenSelector().selectToken(new Text(clusterId), user.getTokens()); - } catch (KeeperException e) { - throw new IOException(e); - } finally { - zkw.close(); - } + private static Token getAuthToken(Connection conn, User user) + throws IOException { + String clusterId = conn.getClusterId(); + return new AuthenticationTokenSelector().selectToken(new Text(clusterId), user.getTokens()); } } diff --git a/hbase-server/src/test/java/org/apache/hadoop/hbase/client/TestMasterAddressRefresher.java b/hbase-server/src/test/java/org/apache/hadoop/hbase/client/TestMasterAddressRefresher.java index 7e2f2f7ad5b..22dbfa92ccc 100644 --- a/hbase-server/src/test/java/org/apache/hadoop/hbase/client/TestMasterAddressRefresher.java +++ b/hbase-server/src/test/java/org/apache/hadoop/hbase/client/TestMasterAddressRefresher.java @@ -81,6 +81,11 @@ public class TestMasterAddressRefresher { return null; } + @Override + public String getClusterId() throws IOException { + return null; + } + @Override public void close() throws IOException {