Merge "Add support of keystone v3 password/token authentication method"
This commit is contained in:
commit
ccf3e5c6fa
|
@ -18,28 +18,45 @@
|
||||||
|
|
||||||
package org.apache.hadoop.fs.swift.auth;
|
package org.apache.hadoop.fs.swift.auth;
|
||||||
|
|
||||||
|
import java.util.HashMap;
|
||||||
|
import java.util.Map;
|
||||||
|
|
||||||
|
import org.codehaus.jackson.annotate.JsonProperty;
|
||||||
|
import org.codehaus.jackson.annotate.JsonWriteNullProperties;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Class that represents authentication request to Openstack Keystone v3.
|
* Class that represents authentication request to Openstack Keystone v3.
|
||||||
* Contains basic authentication information.
|
* Contains basic authentication information.
|
||||||
* THIS FILE IS MAPPED BY JACKSON TO AND FROM JSON.
|
* THIS FILE IS MAPPED BY JACKSON TO AND FROM JSON.
|
||||||
* DO NOT RENAME OR MODIFY FIELDS AND THEIR ACCESSORS.
|
* DO NOT RENAME OR MODIFY FIELDS AND THEIR ACCESSORS.
|
||||||
*/
|
*/
|
||||||
|
@JsonWriteNullProperties(false)
|
||||||
public class PasswordAuthenticationRequestV3 extends AuthenticationRequestV3 {
|
public class PasswordAuthenticationRequestV3 extends AuthenticationRequestV3 {
|
||||||
/**
|
/**
|
||||||
* Credentials for login
|
* Credentials for login
|
||||||
*/
|
*/
|
||||||
private IdentityWrapper identity;
|
private final IdentityWrapper identity;
|
||||||
|
private final ScopeWrapper scope;
|
||||||
|
|
||||||
public PasswordAuthenticationRequestV3(PasswordCredentialsV3 passwordCredentials) {
|
public PasswordAuthenticationRequestV3(ScopeWrapper scope,
|
||||||
this.identity = new IdentityWrapper(new PasswordWrapper(passwordCredentials));
|
PasswordCredentialsV3 passwordCreds) {
|
||||||
|
this.identity = new IdentityWrapper(new PasswordWrapper(passwordCreds));
|
||||||
|
this.scope = scope;
|
||||||
|
}
|
||||||
|
|
||||||
|
public PasswordAuthenticationRequestV3(String projectName,
|
||||||
|
PasswordCredentialsV3 passwordCreds) {
|
||||||
|
this(projectName == null ? null :
|
||||||
|
new ScopeWrapper(new ProjectWrapper(projectName)),
|
||||||
|
passwordCreds);
|
||||||
}
|
}
|
||||||
|
|
||||||
public IdentityWrapper getIdentity() {
|
public IdentityWrapper getIdentity() {
|
||||||
return identity;
|
return identity;
|
||||||
}
|
}
|
||||||
|
|
||||||
public void setIdentity(IdentityWrapper identity) {
|
public ScopeWrapper getScope() {
|
||||||
this.identity = identity;
|
return scope;
|
||||||
}
|
}
|
||||||
|
|
||||||
@Override
|
@Override
|
||||||
|
@ -48,8 +65,8 @@ public class PasswordAuthenticationRequestV3 extends AuthenticationRequestV3 {
|
||||||
}
|
}
|
||||||
|
|
||||||
public static class IdentityWrapper {
|
public static class IdentityWrapper {
|
||||||
private PasswordWrapper password;
|
private final PasswordWrapper password;
|
||||||
public final String[] methods;
|
private final String[] methods;
|
||||||
|
|
||||||
public IdentityWrapper(PasswordWrapper password) {
|
public IdentityWrapper(PasswordWrapper password) {
|
||||||
this.password = password;
|
this.password = password;
|
||||||
|
@ -60,13 +77,17 @@ public class PasswordAuthenticationRequestV3 extends AuthenticationRequestV3 {
|
||||||
return password;
|
return password;
|
||||||
}
|
}
|
||||||
|
|
||||||
public void setPassword(PasswordWrapper password) {
|
public String[] getMethods() {
|
||||||
this.password = password;
|
return methods;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* THIS CLASS IS MAPPED BY JACKSON TO AND FROM JSON.
|
||||||
|
* DO NOT RENAME OR MODIFY FIELDS AND THEIR ACCESSORS.
|
||||||
|
*/
|
||||||
public static class PasswordWrapper {
|
public static class PasswordWrapper {
|
||||||
private PasswordCredentialsV3 user;
|
private final PasswordCredentialsV3 user;
|
||||||
|
|
||||||
public PasswordWrapper(PasswordCredentialsV3 user) {
|
public PasswordWrapper(PasswordCredentialsV3 user) {
|
||||||
this.user = user;
|
this.user = user;
|
||||||
|
@ -75,9 +96,73 @@ public class PasswordAuthenticationRequestV3 extends AuthenticationRequestV3 {
|
||||||
public PasswordCredentialsV3 getUser() {
|
public PasswordCredentialsV3 getUser() {
|
||||||
return user;
|
return user;
|
||||||
}
|
}
|
||||||
|
}
|
||||||
|
|
||||||
public void setUser(PasswordCredentialsV3 user) {
|
/**
|
||||||
this.user = user;
|
* THIS CLASS IS MAPPED BY JACKSON TO AND FROM JSON.
|
||||||
|
* DO NOT RENAME OR MODIFY FIELDS AND THEIR ACCESSORS.
|
||||||
|
*/
|
||||||
|
@JsonWriteNullProperties(false)
|
||||||
|
public static class ScopeWrapper {
|
||||||
|
private final ProjectWrapper project;
|
||||||
|
private final TrustWrapper trust;
|
||||||
|
|
||||||
|
public ScopeWrapper(ProjectWrapper project) {
|
||||||
|
this.project = project;
|
||||||
|
this.trust = null;
|
||||||
|
}
|
||||||
|
|
||||||
|
public ScopeWrapper(TrustWrapper trust) {
|
||||||
|
this.project = null;
|
||||||
|
this.trust = trust;
|
||||||
|
}
|
||||||
|
|
||||||
|
public ProjectWrapper getProject() {
|
||||||
|
return project;
|
||||||
|
}
|
||||||
|
|
||||||
|
@JsonProperty("OS-TRUST:trust")
|
||||||
|
public TrustWrapper getTrust() {
|
||||||
|
return trust;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* THIS CLASS IS MAPPED BY JACKSON TO AND FROM JSON.
|
||||||
|
* DO NOT RENAME OR MODIFY FIELDS AND THEIR ACCESSORS.
|
||||||
|
*/
|
||||||
|
public static class ProjectWrapper {
|
||||||
|
private final String name;
|
||||||
|
private final Map<String, String> domain;
|
||||||
|
|
||||||
|
public ProjectWrapper(String projectName) {
|
||||||
|
this.domain = new HashMap();
|
||||||
|
this.domain.put("id", "default");
|
||||||
|
this.name = projectName;
|
||||||
|
}
|
||||||
|
|
||||||
|
public String getName() {
|
||||||
|
return name;
|
||||||
|
}
|
||||||
|
|
||||||
|
public Map<String, String> getDomain() {
|
||||||
|
return domain;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* THIS CLASS IS MAPPED BY JACKSON TO AND FROM JSON.
|
||||||
|
* DO NOT RENAME OR MODIFY FIELDS AND THEIR ACCESSORS.
|
||||||
|
*/
|
||||||
|
public static class TrustWrapper {
|
||||||
|
private final String id;
|
||||||
|
|
||||||
|
public TrustWrapper(String trustId) {
|
||||||
|
id = trustId;
|
||||||
|
}
|
||||||
|
|
||||||
|
public String getId() {
|
||||||
|
return id;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
|
@ -0,0 +1,83 @@
|
||||||
|
/*
|
||||||
|
* Licensed to the Apache Software Foundation (ASF) under one
|
||||||
|
* or more contributor license agreements. See the NOTICE file
|
||||||
|
* distributed with this work for additional information
|
||||||
|
* regarding copyright ownership. The ASF licenses this file
|
||||||
|
* to you under the Apache License, Version 2.0 (the
|
||||||
|
* "License"); you may not use this file except in compliance
|
||||||
|
* with the License. You may obtain a copy of the License at
|
||||||
|
*
|
||||||
|
* http://www.apache.org/licenses/LICENSE-2.0
|
||||||
|
*
|
||||||
|
* Unless required by applicable law or agreed to in writing, software
|
||||||
|
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||||
|
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||||
|
* See the License for the specific language governing permissions and
|
||||||
|
* limitations under the License.
|
||||||
|
*/
|
||||||
|
|
||||||
|
package org.apache.hadoop.fs.swift.auth;
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Class that represents authentication request to Openstack Keystone v3.
|
||||||
|
* Contains basic authentication information.
|
||||||
|
* THIS FILE IS MAPPED BY JACKSON TO AND FROM JSON.
|
||||||
|
* DO NOT RENAME OR MODIFY FIELDS AND THEIR ACCESSORS.
|
||||||
|
*/
|
||||||
|
public class TokenAuthenticationRequestV3 extends AuthenticationRequestV3 {
|
||||||
|
/**
|
||||||
|
* Credentials for login.
|
||||||
|
*/
|
||||||
|
private final IdentityWrapper identity;
|
||||||
|
|
||||||
|
public TokenAuthenticationRequestV3(String token) {
|
||||||
|
this.identity = new IdentityWrapper(new TokenWrapper(token));
|
||||||
|
}
|
||||||
|
|
||||||
|
public IdentityWrapper getIdentity() {
|
||||||
|
return identity;
|
||||||
|
}
|
||||||
|
|
||||||
|
@Override
|
||||||
|
public String toString() {
|
||||||
|
return "Authenticate(v3) as token";
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* THIS CLASS IS MAPPED BY JACKSON TO AND FROM JSON.
|
||||||
|
* DO NOT RENAME OR MODIFY FIELDS AND THEIR ACCESSORS.
|
||||||
|
*/
|
||||||
|
public static class IdentityWrapper {
|
||||||
|
private final TokenWrapper token;
|
||||||
|
private final String[] methods;
|
||||||
|
|
||||||
|
public IdentityWrapper(TokenWrapper token) {
|
||||||
|
this.token = token;
|
||||||
|
this.methods = new String[]{"token"};
|
||||||
|
}
|
||||||
|
|
||||||
|
public String[] getMethods() {
|
||||||
|
return methods;
|
||||||
|
}
|
||||||
|
|
||||||
|
public TokenWrapper getToken() {
|
||||||
|
return token;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* THIS CLASS IS MAPPED BY JACKSON TO AND FROM JSON.
|
||||||
|
* DO NOT RENAME OR MODIFY FIELDS AND THEIR ACCESSORS.
|
||||||
|
*/
|
||||||
|
public static class TokenWrapper {
|
||||||
|
private final String token;
|
||||||
|
|
||||||
|
public TokenWrapper(String token) {
|
||||||
|
this.token = token;
|
||||||
|
}
|
||||||
|
|
||||||
|
public String getId() {
|
||||||
|
return token;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
|
@ -18,8 +18,6 @@
|
||||||
|
|
||||||
package org.apache.hadoop.fs.swift.auth;
|
package org.apache.hadoop.fs.swift.auth;
|
||||||
|
|
||||||
import org.codehaus.jackson.annotate.JsonProperty;
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Class that represents authentication request to Openstack Keystone v3.
|
* Class that represents authentication request to Openstack Keystone v3.
|
||||||
* Contains basic authentication information.
|
* Contains basic authentication information.
|
||||||
|
@ -27,61 +25,16 @@ import org.codehaus.jackson.annotate.JsonProperty;
|
||||||
* DO NOT RENAME OR MODIFY FIELDS AND THEIR ACCESSORS.
|
* DO NOT RENAME OR MODIFY FIELDS AND THEIR ACCESSORS.
|
||||||
*/
|
*/
|
||||||
public class TrustAuthenticationRequest extends PasswordAuthenticationRequestV3 {
|
public class TrustAuthenticationRequest extends PasswordAuthenticationRequestV3 {
|
||||||
/**
|
|
||||||
* trust-id for login
|
|
||||||
*/
|
|
||||||
private ScopeWrapper scope;
|
|
||||||
|
|
||||||
public TrustAuthenticationRequest(PasswordCredentialsV3 passwordCredentials, String trust_id) {
|
public TrustAuthenticationRequest(PasswordCredentialsV3 passwordCredentials,
|
||||||
super(passwordCredentials);
|
String trustId) {
|
||||||
scope = new ScopeWrapper(new TrustWrapper(trust_id));
|
super(new ScopeWrapper(new TrustWrapper(trustId)), passwordCredentials);
|
||||||
}
|
|
||||||
|
|
||||||
public ScopeWrapper getScope() {
|
|
||||||
return scope;
|
|
||||||
}
|
|
||||||
|
|
||||||
public void setScope(ScopeWrapper scope) {
|
|
||||||
this.scope = scope;
|
|
||||||
}
|
}
|
||||||
|
|
||||||
@Override
|
@Override
|
||||||
public String toString() {
|
public String toString() {
|
||||||
return super.toString() +
|
return super.toString() +
|
||||||
", trust-id '" + scope.getTrust().getId() + "'";
|
", trust-id '" + getScope().getTrust().getId() + "'";
|
||||||
}
|
}
|
||||||
|
|
||||||
public static class ScopeWrapper {
|
|
||||||
private TrustWrapper trust;
|
|
||||||
|
|
||||||
public ScopeWrapper(TrustWrapper trust) {
|
|
||||||
this.trust = trust;
|
|
||||||
}
|
|
||||||
|
|
||||||
@JsonProperty("OS-TRUST:trust")
|
|
||||||
public TrustWrapper getTrust() {
|
|
||||||
return trust;
|
|
||||||
}
|
|
||||||
|
|
||||||
@JsonProperty("OS-TRUST:trust")
|
|
||||||
public void setTrust(TrustWrapper trust) {
|
|
||||||
this.trust = trust;
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
public static class TrustWrapper {
|
|
||||||
private String id;
|
|
||||||
|
|
||||||
public TrustWrapper(String trust_id) {
|
|
||||||
id = trust_id;
|
|
||||||
}
|
|
||||||
|
|
||||||
public String getId() {
|
|
||||||
return id;
|
|
||||||
}
|
|
||||||
|
|
||||||
public void setId(String id) {
|
|
||||||
this.id = id;
|
|
||||||
}
|
|
||||||
}
|
|
||||||
}
|
}
|
||||||
|
|
|
@ -51,6 +51,8 @@ import org.apache.hadoop.fs.swift.auth.AuthenticationWrapperV3;
|
||||||
import org.apache.hadoop.fs.swift.auth.KeyStoneAuthRequest;
|
import org.apache.hadoop.fs.swift.auth.KeyStoneAuthRequest;
|
||||||
import org.apache.hadoop.fs.swift.auth.KeystoneApiKeyCredentials;
|
import org.apache.hadoop.fs.swift.auth.KeystoneApiKeyCredentials;
|
||||||
import org.apache.hadoop.fs.swift.auth.PasswordAuthenticationRequest;
|
import org.apache.hadoop.fs.swift.auth.PasswordAuthenticationRequest;
|
||||||
|
import org.apache.hadoop.fs.swift.auth.PasswordAuthenticationRequestV3;
|
||||||
|
import org.apache.hadoop.fs.swift.auth.TokenAuthenticationRequestV3;
|
||||||
import org.apache.hadoop.fs.swift.auth.TrustAuthenticationRequest;
|
import org.apache.hadoop.fs.swift.auth.TrustAuthenticationRequest;
|
||||||
import org.apache.hadoop.fs.swift.auth.PasswordCredentials;
|
import org.apache.hadoop.fs.swift.auth.PasswordCredentials;
|
||||||
import org.apache.hadoop.fs.swift.auth.PasswordCredentialsV3;
|
import org.apache.hadoop.fs.swift.auth.PasswordCredentialsV3;
|
||||||
|
@ -500,31 +502,38 @@ public final class SwiftRestClient {
|
||||||
String isPubProp = props.getProperty(SWIFT_PUBLIC_PROPERTY, "false");
|
String isPubProp = props.getProperty(SWIFT_PUBLIC_PROPERTY, "false");
|
||||||
usePublicURL = "true".equals(isPubProp);
|
usePublicURL = "true".equals(isPubProp);
|
||||||
authEndpointPrefix = getOption(props, SWIFT_AUTH_ENDPOINT_PREFIX);
|
authEndpointPrefix = getOption(props, SWIFT_AUTH_ENDPOINT_PREFIX);
|
||||||
|
boolean isV3 = stringAuthUri.contains("/v3/auth/tokens");
|
||||||
|
|
||||||
if (apiKey == null && password == null) {
|
if (apiKey == null && password == null) {
|
||||||
throw new SwiftConfigurationException(
|
throw new SwiftConfigurationException(
|
||||||
"Configuration for " + filesystemURI +" must contain either "
|
"Configuration for " + filesystemURI +" must contain either "
|
||||||
+ SWIFT_PASSWORD_PROPERTY + " or "
|
+ SWIFT_PASSWORD_PROPERTY + " or "
|
||||||
+ SWIFT_APIKEY_PROPERTY);
|
+ SWIFT_APIKEY_PROPERTY);
|
||||||
}
|
}
|
||||||
//create the (reusable) authentication request
|
//create the (reusable) authentication request
|
||||||
|
if (isV3) {
|
||||||
|
if (trust_id == null) {
|
||||||
if (password != null) {
|
if (password != null) {
|
||||||
if (trust_id == null) {
|
authRequest = new PasswordAuthenticationRequestV3(tenant,
|
||||||
authRequest = new PasswordAuthenticationRequest(tenant,
|
new PasswordCredentialsV3(username, password, null));
|
||||||
new PasswordCredentials(
|
|
||||||
username,
|
|
||||||
password));
|
|
||||||
} else {
|
|
||||||
authRequest = new TrustAuthenticationRequest(
|
|
||||||
new PasswordCredentialsV3(username, password, domain_name),
|
|
||||||
trust_id);
|
|
||||||
}
|
|
||||||
} else {
|
} else {
|
||||||
authRequest = new ApiKeyAuthenticationRequest(tenant,
|
authRequest = new TokenAuthenticationRequestV3(apiKey);
|
||||||
new ApiKeyCredentials(
|
}
|
||||||
username, apiKey));
|
} else {
|
||||||
keystoneAuthRequest = new KeyStoneAuthRequest(tenant,
|
authRequest = new TrustAuthenticationRequest(
|
||||||
new KeystoneApiKeyCredentials(username, apiKey));
|
new PasswordCredentialsV3(username, password, domain_name),
|
||||||
|
trust_id);
|
||||||
|
}
|
||||||
|
} else {
|
||||||
|
if (password != null) {
|
||||||
|
authRequest = new PasswordAuthenticationRequest(tenant,
|
||||||
|
new PasswordCredentials(username, password));
|
||||||
|
} else {
|
||||||
|
authRequest = new ApiKeyAuthenticationRequest(tenant,
|
||||||
|
new ApiKeyCredentials(username, apiKey));
|
||||||
|
keystoneAuthRequest = new KeyStoneAuthRequest(tenant,
|
||||||
|
new KeystoneApiKeyCredentials(username, apiKey));
|
||||||
|
}
|
||||||
}
|
}
|
||||||
locationAware = "true".equals(
|
locationAware = "true".equals(
|
||||||
props.getProperty(SWIFT_LOCATION_AWARE_PROPERTY, "false"));
|
props.getProperty(SWIFT_LOCATION_AWARE_PROPERTY, "false"));
|
||||||
|
|
Loading…
Reference in New Issue