Browse Source

Merge "Add support of keystone v3 password/token authentication method"

Jenkins 4 years ago
parent
commit
ccf3e5c6fa

+ 97
- 12
hadoop-swiftfs/src/main/java/org/apache/hadoop/fs/swift/auth/PasswordAuthenticationRequestV3.java View File

@@ -18,28 +18,45 @@
18 18
 
19 19
 package org.apache.hadoop.fs.swift.auth;
20 20
 
21
+import java.util.HashMap;
22
+import java.util.Map;
23
+
24
+import org.codehaus.jackson.annotate.JsonProperty;
25
+import org.codehaus.jackson.annotate.JsonWriteNullProperties;
26
+
21 27
 /**
22 28
  * Class that represents authentication request to Openstack Keystone v3.
23 29
  * Contains basic authentication information.
24 30
  * THIS FILE IS MAPPED BY JACKSON TO AND FROM JSON.
25 31
  * DO NOT RENAME OR MODIFY FIELDS AND THEIR ACCESSORS.
26 32
  */
33
+@JsonWriteNullProperties(false)
27 34
 public class PasswordAuthenticationRequestV3 extends AuthenticationRequestV3 {
28 35
   /**
29 36
    * Credentials for login
30 37
    */
31
-  private IdentityWrapper identity;
38
+  private final IdentityWrapper identity;
39
+  private final ScopeWrapper scope;
32 40
 
33
-  public PasswordAuthenticationRequestV3(PasswordCredentialsV3 passwordCredentials) {
34
-    this.identity = new IdentityWrapper(new PasswordWrapper(passwordCredentials));
41
+  public PasswordAuthenticationRequestV3(ScopeWrapper scope,
42
+                                         PasswordCredentialsV3 passwordCreds) {
43
+    this.identity = new IdentityWrapper(new PasswordWrapper(passwordCreds));
44
+    this.scope = scope;
45
+  }
46
+
47
+  public PasswordAuthenticationRequestV3(String projectName,
48
+                                         PasswordCredentialsV3 passwordCreds) {
49
+      this(projectName == null ? null :
50
+           new ScopeWrapper(new ProjectWrapper(projectName)),
51
+           passwordCreds);
35 52
   }
36 53
 
37 54
   public IdentityWrapper getIdentity() {
38 55
     return identity;
39 56
   }
40 57
 
41
-  public void setIdentity(IdentityWrapper identity) {
42
-    this.identity = identity;
58
+  public ScopeWrapper getScope() {
59
+    return scope;
43 60
   }
44 61
 
45 62
   @Override
@@ -48,8 +65,8 @@ public class PasswordAuthenticationRequestV3 extends AuthenticationRequestV3 {
48 65
   }
49 66
 
50 67
   public static class IdentityWrapper {
51
-    private PasswordWrapper password;
52
-    public final String[] methods;
68
+    private final PasswordWrapper password;
69
+    private final String[] methods;
53 70
 
54 71
     public IdentityWrapper(PasswordWrapper password) {
55 72
       this.password = password;
@@ -60,13 +77,17 @@ public class PasswordAuthenticationRequestV3 extends AuthenticationRequestV3 {
60 77
       return password;
61 78
     }
62 79
 
63
-    public void setPassword(PasswordWrapper password) {
64
-      this.password = password;
80
+    public String[] getMethods() {
81
+      return methods;
65 82
     }
66 83
   }
67 84
 
85
+  /**
86
+   * THIS CLASS IS MAPPED BY JACKSON TO AND FROM JSON.
87
+   * DO NOT RENAME OR MODIFY FIELDS AND THEIR ACCESSORS.
88
+   */
68 89
   public static class PasswordWrapper {
69
-    private PasswordCredentialsV3 user;
90
+    private final PasswordCredentialsV3 user;
70 91
 
71 92
     public PasswordWrapper(PasswordCredentialsV3 user) {
72 93
       this.user = user;
@@ -75,9 +96,73 @@ public class PasswordAuthenticationRequestV3 extends AuthenticationRequestV3 {
75 96
     public PasswordCredentialsV3 getUser() {
76 97
       return user;
77 98
     }
99
+  }
78 100
 
79
-    public void setUser(PasswordCredentialsV3 user) {
80
-      this.user = user;
101
+  /**
102
+   * THIS CLASS IS MAPPED BY JACKSON TO AND FROM JSON.
103
+   * DO NOT RENAME OR MODIFY FIELDS AND THEIR ACCESSORS.
104
+   */
105
+  @JsonWriteNullProperties(false)
106
+  public static class ScopeWrapper {
107
+    private final ProjectWrapper project;
108
+    private final TrustWrapper trust;
109
+
110
+    public ScopeWrapper(ProjectWrapper project) {
111
+      this.project = project;
112
+      this.trust = null;
113
+    }
114
+
115
+    public ScopeWrapper(TrustWrapper trust) {
116
+      this.project = null;
117
+      this.trust = trust;
118
+    }
119
+
120
+    public ProjectWrapper getProject() {
121
+      return project;
122
+    }
123
+
124
+    @JsonProperty("OS-TRUST:trust")
125
+    public TrustWrapper getTrust() {
126
+      return trust;
127
+    }
128
+  }
129
+
130
+  /**
131
+   * THIS CLASS IS MAPPED BY JACKSON TO AND FROM JSON.
132
+   * DO NOT RENAME OR MODIFY FIELDS AND THEIR ACCESSORS.
133
+   */
134
+  public static class ProjectWrapper {
135
+    private final String name;
136
+    private final Map<String, String> domain;
137
+
138
+    public ProjectWrapper(String projectName) {
139
+      this.domain = new HashMap();
140
+      this.domain.put("id", "default");
141
+      this.name = projectName;
142
+    }
143
+
144
+    public String getName() {
145
+      return name;
146
+    }
147
+
148
+    public Map<String, String> getDomain() {
149
+      return domain;
150
+    }
151
+  }
152
+
153
+  /**
154
+   * THIS CLASS IS MAPPED BY JACKSON TO AND FROM JSON.
155
+   * DO NOT RENAME OR MODIFY FIELDS AND THEIR ACCESSORS.
156
+   */
157
+  public static class TrustWrapper {
158
+    private final String id;
159
+
160
+    public TrustWrapper(String trustId) {
161
+      id = trustId;
162
+    }
163
+
164
+    public String getId() {
165
+      return id;
81 166
     }
82 167
   }
83 168
 }

+ 83
- 0
hadoop-swiftfs/src/main/java/org/apache/hadoop/fs/swift/auth/TokenAuthenticationRequestV3.java View File

@@ -0,0 +1,83 @@
1
+/*
2
+ * Licensed to the Apache Software Foundation (ASF) under one
3
+ * or more contributor license agreements.  See the NOTICE file
4
+ * distributed with this work for additional information
5
+ * regarding copyright ownership.  The ASF licenses this file
6
+ * to you under the Apache License, Version 2.0 (the
7
+ * "License"); you may not use this file except in compliance
8
+ * with the License.  You may obtain a copy of the License at
9
+ *
10
+ *     http://www.apache.org/licenses/LICENSE-2.0
11
+ *
12
+ * Unless required by applicable law or agreed to in writing, software
13
+ * distributed under the License is distributed on an "AS IS" BASIS,
14
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
15
+ * See the License for the specific language governing permissions and
16
+ * limitations under the License.
17
+ */
18
+
19
+package org.apache.hadoop.fs.swift.auth;
20
+
21
+/**
22
+ * Class that represents authentication request to Openstack Keystone v3.
23
+ * Contains basic authentication information.
24
+ * THIS FILE IS MAPPED BY JACKSON TO AND FROM JSON.
25
+ * DO NOT RENAME OR MODIFY FIELDS AND THEIR ACCESSORS.
26
+ */
27
+public class TokenAuthenticationRequestV3 extends AuthenticationRequestV3 {
28
+  /**
29
+   * Credentials for login.
30
+   */
31
+  private final IdentityWrapper identity;
32
+
33
+  public TokenAuthenticationRequestV3(String token) {
34
+    this.identity = new IdentityWrapper(new TokenWrapper(token));
35
+  }
36
+
37
+  public IdentityWrapper getIdentity() {
38
+    return identity;
39
+  }
40
+
41
+  @Override
42
+  public String toString() {
43
+    return "Authenticate(v3) as token";
44
+  }
45
+
46
+  /**
47
+   * THIS CLASS IS MAPPED BY JACKSON TO AND FROM JSON.
48
+   * DO NOT RENAME OR MODIFY FIELDS AND THEIR ACCESSORS.
49
+   */
50
+  public static class IdentityWrapper {
51
+    private final TokenWrapper token;
52
+    private final String[] methods;
53
+
54
+    public IdentityWrapper(TokenWrapper token) {
55
+      this.token = token;
56
+      this.methods = new String[]{"token"};
57
+    }
58
+
59
+    public String[] getMethods() {
60
+      return methods;
61
+    }
62
+
63
+    public TokenWrapper getToken() {
64
+      return token;
65
+    }
66
+  }
67
+
68
+  /**
69
+   * THIS CLASS IS MAPPED BY JACKSON TO AND FROM JSON.
70
+   * DO NOT RENAME OR MODIFY FIELDS AND THEIR ACCESSORS.
71
+   */
72
+  public static class TokenWrapper {
73
+    private final String token;
74
+
75
+    public TokenWrapper(String token) {
76
+      this.token = token;
77
+    }
78
+
79
+    public String getId() {
80
+      return token;
81
+    }
82
+  }
83
+}

+ 4
- 51
hadoop-swiftfs/src/main/java/org/apache/hadoop/fs/swift/auth/TrustAuthenticationRequest.java View File

@@ -18,8 +18,6 @@
18 18
 
19 19
 package org.apache.hadoop.fs.swift.auth;
20 20
 
21
-import org.codehaus.jackson.annotate.JsonProperty;
22
-
23 21
 /**
24 22
  * Class that represents authentication request to Openstack Keystone v3.
25 23
  * Contains basic authentication information.
@@ -27,61 +25,16 @@ import org.codehaus.jackson.annotate.JsonProperty;
27 25
  * DO NOT RENAME OR MODIFY FIELDS AND THEIR ACCESSORS.
28 26
  */
29 27
 public class TrustAuthenticationRequest extends PasswordAuthenticationRequestV3 {
30
-  /**
31
-   * trust-id for login
32
-   */
33
-  private ScopeWrapper scope;
34
-
35
-  public TrustAuthenticationRequest(PasswordCredentialsV3 passwordCredentials, String trust_id) {
36
-    super(passwordCredentials);
37
-    scope = new ScopeWrapper(new TrustWrapper(trust_id));
38
-  }
39 28
 
40
-  public ScopeWrapper getScope() {
41
-    return scope;
42
-  }
43
-
44
-  public void setScope(ScopeWrapper scope) {
45
-    this.scope = scope;
29
+  public TrustAuthenticationRequest(PasswordCredentialsV3 passwordCredentials,
30
+                                    String trustId) {
31
+    super(new ScopeWrapper(new TrustWrapper(trustId)), passwordCredentials);
46 32
   }
47 33
 
48 34
   @Override
49 35
   public String toString() {
50 36
     return super.toString() +
51
-            ", trust-id '" + scope.getTrust().getId() + "'";
52
-  }
53
-
54
-  public static class ScopeWrapper {
55
-    private TrustWrapper trust;
56
-
57
-    public ScopeWrapper(TrustWrapper trust) {
58
-      this.trust = trust;
59
-    }
60
-
61
-    @JsonProperty("OS-TRUST:trust")
62
-    public TrustWrapper getTrust() {
63
-      return trust;
64
-    }
65
-
66
-    @JsonProperty("OS-TRUST:trust")
67
-    public void setTrust(TrustWrapper trust) {
68
-      this.trust = trust;
69
-    }
37
+            ", trust-id '" + getScope().getTrust().getId() + "'";
70 38
   }
71 39
 
72
-  public static class TrustWrapper {
73
-    private String id;
74
-
75
-    public TrustWrapper(String trust_id) {
76
-      id = trust_id;
77
-    }
78
-
79
-    public String getId() {
80
-      return id;
81
-    }
82
-
83
-    public void setId(String id) {
84
-      this.id = id;
85
-    }
86
-  }
87 40
 }

+ 31
- 22
hadoop-swiftfs/src/main/java/org/apache/hadoop/fs/swift/http/SwiftRestClient.java View File

@@ -51,6 +51,8 @@ import org.apache.hadoop.fs.swift.auth.AuthenticationWrapperV3;
51 51
 import org.apache.hadoop.fs.swift.auth.KeyStoneAuthRequest;
52 52
 import org.apache.hadoop.fs.swift.auth.KeystoneApiKeyCredentials;
53 53
 import org.apache.hadoop.fs.swift.auth.PasswordAuthenticationRequest;
54
+import org.apache.hadoop.fs.swift.auth.PasswordAuthenticationRequestV3;
55
+import org.apache.hadoop.fs.swift.auth.TokenAuthenticationRequestV3;
54 56
 import org.apache.hadoop.fs.swift.auth.TrustAuthenticationRequest;
55 57
 import org.apache.hadoop.fs.swift.auth.PasswordCredentials;
56 58
 import org.apache.hadoop.fs.swift.auth.PasswordCredentialsV3;
@@ -500,31 +502,38 @@ public final class SwiftRestClient {
500 502
     String isPubProp = props.getProperty(SWIFT_PUBLIC_PROPERTY, "false");
501 503
     usePublicURL = "true".equals(isPubProp);
502 504
     authEndpointPrefix = getOption(props, SWIFT_AUTH_ENDPOINT_PREFIX);
505
+    boolean isV3 = stringAuthUri.contains("/v3/auth/tokens");
503 506
 
504
-        if (apiKey == null && password == null) {
505
-            throw new SwiftConfigurationException(
506
-                    "Configuration for " + filesystemURI +" must contain either "
507
-                            + SWIFT_PASSWORD_PROPERTY + " or "
508
-                            + SWIFT_APIKEY_PROPERTY);
509
-        }
510
-        //create the (reusable) authentication request
507
+    if (apiKey == null && password == null) {
508
+      throw new SwiftConfigurationException(
509
+                  "Configuration for " + filesystemURI +" must contain either "
510
+                  + SWIFT_PASSWORD_PROPERTY + " or "
511
+                  + SWIFT_APIKEY_PROPERTY);
512
+    }
513
+    //create the (reusable) authentication request
514
+    if (isV3) {
515
+      if (trust_id == null) {
511 516
         if (password != null) {
512
-            if (trust_id == null) {
513
-                authRequest = new PasswordAuthenticationRequest(tenant,
514
-                        new PasswordCredentials(
515
-                                username,
516
-                                password));
517
-            } else {
518
-                authRequest = new TrustAuthenticationRequest(
519
-                        new PasswordCredentialsV3(username, password, domain_name),
520
-                        trust_id);
521
-            }
517
+          authRequest = new PasswordAuthenticationRequestV3(tenant,
518
+                  new PasswordCredentialsV3(username, password, null));
522 519
         } else {
523
-            authRequest = new ApiKeyAuthenticationRequest(tenant,
524
-                    new ApiKeyCredentials(
525
-                            username, apiKey));
526
-            keystoneAuthRequest = new KeyStoneAuthRequest(tenant,
527
-                    new KeystoneApiKeyCredentials(username, apiKey));
520
+          authRequest = new TokenAuthenticationRequestV3(apiKey);
521
+        }
522
+      } else {
523
+        authRequest = new TrustAuthenticationRequest(
524
+                new PasswordCredentialsV3(username, password, domain_name),
525
+                trust_id);
526
+      }
527
+    } else {
528
+      if (password != null) {
529
+        authRequest = new PasswordAuthenticationRequest(tenant,
530
+                new PasswordCredentials(username, password));
531
+      } else {
532
+        authRequest = new ApiKeyAuthenticationRequest(tenant,
533
+                new ApiKeyCredentials(username, apiKey));
534
+        keystoneAuthRequest = new KeyStoneAuthRequest(tenant,
535
+                new KeystoneApiKeyCredentials(username, apiKey));
536
+      }
528 537
     }
529 538
     locationAware = "true".equals(
530 539
       props.getProperty(SWIFT_LOCATION_AWARE_PROPERTY, "false"));

Loading…
Cancel
Save