Merge "Add support of keystone v3 password/token authentication method"

2015-04-07 16:03:40 +00:00 · 2015-04-07 16:03:40 +00:00 · ccf3e5c6fa
parent e464caa3ef 35fef15550
commit ccf3e5c6fa
4 changed files with 215 additions and 85 deletions
--- a/hadoop-swiftfs/src/main/java/org/apache/hadoop/fs/swift/auth/PasswordAuthenticationRequestV3.java
+++ b/hadoop-swiftfs/src/main/java/org/apache/hadoop/fs/swift/auth/PasswordAuthenticationRequestV3.java
@ -18,28 +18,45 @@
 package org.apache.hadoop.fs.swift.auth;
 import java.util.HashMap;
 import java.util.Map;
 import org.codehaus.jackson.annotate.JsonProperty;
 import org.codehaus.jackson.annotate.JsonWriteNullProperties;
 /**
 * Class that represents authentication request to Openstack Keystone v3.
 * Contains basic authentication information.
 * THIS FILE IS MAPPED BY JACKSON TO AND FROM JSON.
 * DO NOT RENAME OR MODIFY FIELDS AND THEIR ACCESSORS.
 */
@JsonWriteNullProperties(false)
 public class PasswordAuthenticationRequestV3 extends AuthenticationRequestV3 {
  /**
   * Credentials for login
   */
-  private IdentityWrapper identity;
+  private final IdentityWrapper identity;
  private final ScopeWrapper scope;
-  public PasswordAuthenticationRequestV3(PasswordCredentialsV3 passwordCredentials) {
+  public PasswordAuthenticationRequestV3(ScopeWrapper scope,
-    this.identity = new IdentityWrapper(new PasswordWrapper(passwordCredentials));
+                                         PasswordCredentialsV3 passwordCreds) {
    this.identity = new IdentityWrapper(new PasswordWrapper(passwordCreds));
    this.scope = scope;
  }
  public PasswordAuthenticationRequestV3(String projectName,
                                         PasswordCredentialsV3 passwordCreds) {
      this(projectName == null ? null :
           new ScopeWrapper(new ProjectWrapper(projectName)),
           passwordCreds);
  }
  public IdentityWrapper getIdentity() {
    return identity;
  }
-  public void setIdentity(IdentityWrapper identity) {
+  public ScopeWrapper getScope() {
-    this.identity = identity;
+    return scope;
  }
  @Override
@ -48,8 +65,8 @@ public class PasswordAuthenticationRequestV3 extends AuthenticationRequestV3 {
  }
  public static class IdentityWrapper {
-    private PasswordWrapper password;
+    private final PasswordWrapper password;
-    public final String[] methods;
+    private final String[] methods;
    public IdentityWrapper(PasswordWrapper password) {
      this.password = password;
@ -60,13 +77,17 @@ public class PasswordAuthenticationRequestV3 extends AuthenticationRequestV3 {
      return password;
    }
-    public void setPassword(PasswordWrapper password) {
+    public String[] getMethods() {
-      this.password = password;
+      return methods;
    }
  }
  /**
   * THIS CLASS IS MAPPED BY JACKSON TO AND FROM JSON.
   * DO NOT RENAME OR MODIFY FIELDS AND THEIR ACCESSORS.
   */
  public static class PasswordWrapper {
-    private PasswordCredentialsV3 user;
+    private final PasswordCredentialsV3 user;
    public PasswordWrapper(PasswordCredentialsV3 user) {
      this.user = user;
@ -75,9 +96,73 @@ public class PasswordAuthenticationRequestV3 extends AuthenticationRequestV3 {
    public PasswordCredentialsV3 getUser() {
      return user;
    }
  }
-    public void setUser(PasswordCredentialsV3 user) {
+  /**
-      this.user = user;
+   * THIS CLASS IS MAPPED BY JACKSON TO AND FROM JSON.
   * DO NOT RENAME OR MODIFY FIELDS AND THEIR ACCESSORS.
   */
  @JsonWriteNullProperties(false)
  public static class ScopeWrapper {
    private final ProjectWrapper project;
    private final TrustWrapper trust;
    public ScopeWrapper(ProjectWrapper project) {
      this.project = project;
      this.trust = null;
    }
    public ScopeWrapper(TrustWrapper trust) {
      this.project = null;
      this.trust = trust;
    }
    public ProjectWrapper getProject() {
      return project;
    }
    @JsonProperty("OS-TRUST:trust")
    public TrustWrapper getTrust() {
      return trust;
    }
  }
  /**
   * THIS CLASS IS MAPPED BY JACKSON TO AND FROM JSON.
   * DO NOT RENAME OR MODIFY FIELDS AND THEIR ACCESSORS.
   */
  public static class ProjectWrapper {
    private final String name;
    private final Map<String, String> domain;
    public ProjectWrapper(String projectName) {
      this.domain = new HashMap();
      this.domain.put("id", "default");
      this.name = projectName;
    }
    public String getName() {
      return name;
    }
    public Map<String, String> getDomain() {
      return domain;
    }
  }
  /**
   * THIS CLASS IS MAPPED BY JACKSON TO AND FROM JSON.
   * DO NOT RENAME OR MODIFY FIELDS AND THEIR ACCESSORS.
   */
  public static class TrustWrapper {
    private final String id;
    public TrustWrapper(String trustId) {
      id = trustId;
    }
    public String getId() {
      return id;
    }
  }
 }
--- a/hadoop-swiftfs/src/main/java/org/apache/hadoop/fs/swift/auth/TokenAuthenticationRequestV3.java
+++ b/hadoop-swiftfs/src/main/java/org/apache/hadoop/fs/swift/auth/TokenAuthenticationRequestV3.java
@ -0,0 +1,83 @@
 /*
 * Licensed to the Apache Software Foundation (ASF) under one
 * or more contributor license agreements.  See the NOTICE file
 * distributed with this work for additional information
 * regarding copyright ownership.  The ASF licenses this file
 * to you under the Apache License, Version 2.0 (the
 * "License"); you may not use this file except in compliance
 * with the License.  You may obtain a copy of the License at
 *
 *     http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */
 package org.apache.hadoop.fs.swift.auth;
 /**
 * Class that represents authentication request to Openstack Keystone v3.
 * Contains basic authentication information.
 * THIS FILE IS MAPPED BY JACKSON TO AND FROM JSON.
 * DO NOT RENAME OR MODIFY FIELDS AND THEIR ACCESSORS.
 */
 public class TokenAuthenticationRequestV3 extends AuthenticationRequestV3 {
  /**
   * Credentials for login.
   */
  private final IdentityWrapper identity;
  public TokenAuthenticationRequestV3(String token) {
    this.identity = new IdentityWrapper(new TokenWrapper(token));
  }
  public IdentityWrapper getIdentity() {
    return identity;
  }
  @Override
  public String toString() {
    return "Authenticate(v3) as token";
  }
  /**
   * THIS CLASS IS MAPPED BY JACKSON TO AND FROM JSON.
   * DO NOT RENAME OR MODIFY FIELDS AND THEIR ACCESSORS.
   */
  public static class IdentityWrapper {
    private final TokenWrapper token;
    private final String[] methods;
    public IdentityWrapper(TokenWrapper token) {
      this.token = token;
      this.methods = new String[]{"token"};
    }
    public String[] getMethods() {
      return methods;
    }
    public TokenWrapper getToken() {
      return token;
    }
  }
  /**
   * THIS CLASS IS MAPPED BY JACKSON TO AND FROM JSON.
   * DO NOT RENAME OR MODIFY FIELDS AND THEIR ACCESSORS.
   */
  public static class TokenWrapper {
    private final String token;
    public TokenWrapper(String token) {
      this.token = token;
    }
    public String getId() {
      return token;
    }
  }
 }
--- a/hadoop-swiftfs/src/main/java/org/apache/hadoop/fs/swift/auth/TrustAuthenticationRequest.java
+++ b/hadoop-swiftfs/src/main/java/org/apache/hadoop/fs/swift/auth/TrustAuthenticationRequest.java
@ -18,8 +18,6 @@
 package org.apache.hadoop.fs.swift.auth;
 import org.codehaus.jackson.annotate.JsonProperty;
 /**
 * Class that represents authentication request to Openstack Keystone v3.
 * Contains basic authentication information.
@ -27,61 +25,16 @@ import org.codehaus.jackson.annotate.JsonProperty;
 * DO NOT RENAME OR MODIFY FIELDS AND THEIR ACCESSORS.
 */
 public class TrustAuthenticationRequest extends PasswordAuthenticationRequestV3 {
  /**
   * trust-id for login
   */
  private ScopeWrapper scope;
-  public TrustAuthenticationRequest(PasswordCredentialsV3 passwordCredentials, String trust_id) {
+  public TrustAuthenticationRequest(PasswordCredentialsV3 passwordCredentials,
-    super(passwordCredentials);
+                                    String trustId) {
-    scope = new ScopeWrapper(new TrustWrapper(trust_id));
+    super(new ScopeWrapper(new TrustWrapper(trustId)), passwordCredentials);
  }
  public ScopeWrapper getScope() {
    return scope;
  }
  public void setScope(ScopeWrapper scope) {
    this.scope = scope;
  }
  @Override
  public String toString() {
    return super.toString() +
-            ", trust-id '" + scope.getTrust().getId() + "'";
+            ", trust-id '" + getScope().getTrust().getId() + "'";
  }
  public static class ScopeWrapper {
    private TrustWrapper trust;
    public ScopeWrapper(TrustWrapper trust) {
      this.trust = trust;
    }
    @JsonProperty("OS-TRUST:trust")
    public TrustWrapper getTrust() {
      return trust;
    }
    @JsonProperty("OS-TRUST:trust")
    public void setTrust(TrustWrapper trust) {
      this.trust = trust;
    }
  }
  public static class TrustWrapper {
    private String id;
    public TrustWrapper(String trust_id) {
      id = trust_id;
    }
    public String getId() {
      return id;
    }
    public void setId(String id) {
      this.id = id;
    }
  }
 }
--- a/hadoop-swiftfs/src/main/java/org/apache/hadoop/fs/swift/http/SwiftRestClient.java
+++ b/hadoop-swiftfs/src/main/java/org/apache/hadoop/fs/swift/http/SwiftRestClient.java
@ -51,6 +51,8 @@ import org.apache.hadoop.fs.swift.auth.AuthenticationWrapperV3;
 import org.apache.hadoop.fs.swift.auth.KeyStoneAuthRequest;
 import org.apache.hadoop.fs.swift.auth.KeystoneApiKeyCredentials;
 import org.apache.hadoop.fs.swift.auth.PasswordAuthenticationRequest;
 import org.apache.hadoop.fs.swift.auth.PasswordAuthenticationRequestV3;
 import org.apache.hadoop.fs.swift.auth.TokenAuthenticationRequestV3;
 import org.apache.hadoop.fs.swift.auth.TrustAuthenticationRequest;
 import org.apache.hadoop.fs.swift.auth.PasswordCredentials;
 import org.apache.hadoop.fs.swift.auth.PasswordCredentialsV3;
@ -500,31 +502,38 @@ public final class SwiftRestClient {
    String isPubProp = props.getProperty(SWIFT_PUBLIC_PROPERTY, "false");
    usePublicURL = "true".equals(isPubProp);
    authEndpointPrefix = getOption(props, SWIFT_AUTH_ENDPOINT_PREFIX);
    boolean isV3 = stringAuthUri.contains("/v3/auth/tokens");
-        if (apiKey == null && password == null) {
+    if (apiKey == null && password == null) {
-            throw new SwiftConfigurationException(
+      throw new SwiftConfigurationException(
-                    "Configuration for " + filesystemURI +" must contain either "
+                  "Configuration for " + filesystemURI +" must contain either "
-                            + SWIFT_PASSWORD_PROPERTY + " or "
+                  + SWIFT_PASSWORD_PROPERTY + " or "
-                            + SWIFT_APIKEY_PROPERTY);
+                  + SWIFT_APIKEY_PROPERTY);
-        }
+    }
-        //create the (reusable) authentication request
+    //create the (reusable) authentication request
    if (isV3) {
      if (trust_id == null) {
        if (password != null) {
-            if (trust_id == null) {
+          authRequest = new PasswordAuthenticationRequestV3(tenant,
-                authRequest = new PasswordAuthenticationRequest(tenant,
+                  new PasswordCredentialsV3(username, password, null));
                        new PasswordCredentials(
                                username,
                                password));
            } else {
                authRequest = new TrustAuthenticationRequest(
                        new PasswordCredentialsV3(username, password, domain_name),
                        trust_id);
            }
        } else {
-            authRequest = new ApiKeyAuthenticationRequest(tenant,
+          authRequest = new TokenAuthenticationRequestV3(apiKey);
-                    new ApiKeyCredentials(
+        }
-                            username, apiKey));
+      } else {
-            keystoneAuthRequest = new KeyStoneAuthRequest(tenant,
+        authRequest = new TrustAuthenticationRequest(
-                    new KeystoneApiKeyCredentials(username, apiKey));
+                new PasswordCredentialsV3(username, password, domain_name),
                trust_id);
      }
    } else {
      if (password != null) {
        authRequest = new PasswordAuthenticationRequest(tenant,
                new PasswordCredentials(username, password));
      } else {
        authRequest = new ApiKeyAuthenticationRequest(tenant,
                new ApiKeyCredentials(username, apiKey));
        keystoneAuthRequest = new KeyStoneAuthRequest(tenant,
                new KeystoneApiKeyCredentials(username, apiKey));
      }
    }
    locationAware = "true".equals(
      props.getProperty(SWIFT_LOCATION_AWARE_PROPERTY, "false"));