View Javadoc

1   /*
2    * Licensed to the Apache Software Foundation (ASF) under one
3    * or more contributor license agreements.  See the NOTICE file
4    * distributed with this work for additional information
5    * regarding copyright ownership.  The ASF licenses this file
6    * to you under the Apache License, Version 2.0 (the
7    * "License"); you may not use this file except in compliance
8    * with the License.  You may obtain a copy of the License at
9    *
10   *     http://www.apache.org/licenses/LICENSE-2.0
11   *
12   * Unless required by applicable law or agreed to in writing, software
13   * distributed under the License is distributed on an "AS IS" BASIS,
14   * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
15   * See the License for the specific language governing permissions and
16   * limitations under the License.
17   */
18  
19  package org.apache.hadoop.hbase.security.token;
20  
21  import javax.crypto.SecretKey;
22  
23  import java.io.DataInput;
24  import java.io.DataOutput;
25  import java.io.IOException;
26  import java.util.Arrays;
27  
28  import org.apache.hadoop.hbase.classification.InterfaceAudience;
29  import org.apache.hadoop.hbase.util.Bytes;
30  import org.apache.hadoop.io.Writable;
31  import org.apache.hadoop.io.WritableUtils;
32  
33  /**
34   * Represents a secret key used for signing and verifying authentication tokens
35   * by {@link AuthenticationTokenSecretManager}.
36   */
37  @InterfaceAudience.Private
38  public class AuthenticationKey implements Writable {
39    private int id;
40    private long expirationDate;
41    private SecretKey secret;
42  
43    public AuthenticationKey() {
44      // for Writable
45    }
46  
47    public AuthenticationKey(int keyId, long expirationDate, SecretKey key) {
48      this.id = keyId;
49      this.expirationDate = expirationDate;
50      this.secret = key;
51    }
52  
53    public int getKeyId() {
54      return id;
55    }
56  
57    public long getExpiration() {
58      return expirationDate;
59    }
60  
61    public void setExpiration(long timestamp) {
62      expirationDate = timestamp;
63    }
64  
65    SecretKey getKey() {
66      return secret;
67    }
68  
69    @Override
70    public int hashCode() {
71      int result = id;
72      result = 31 * result + (int) (expirationDate ^ (expirationDate >>> 32));
73      result = 31 * result + ((secret == null) ? 0 : Arrays.hashCode(secret.getEncoded()));
74      return result;
75    }
76  
77    @Override
78    public boolean equals(Object obj) {
79      if (obj == null || !(obj instanceof AuthenticationKey)) {
80        return false;
81      }
82      AuthenticationKey other = (AuthenticationKey)obj;
83      return id == other.getKeyId() &&
84          expirationDate == other.getExpiration() &&
85          (secret == null ? other.getKey() == null :
86              other.getKey() != null &&
87                  Bytes.equals(secret.getEncoded(), other.getKey().getEncoded()));       
88    }
89  
90    @Override
91    public String toString() {
92      StringBuilder buf = new StringBuilder();
93      buf.append("AuthenticationKey[ ")
94         .append("id=").append(id)
95         .append(", expiration=").append(expirationDate)
96         .append(" ]");
97      return buf.toString();
98    }
99  
100   @Override
101   public void write(DataOutput out) throws IOException {
102     WritableUtils.writeVInt(out, id);
103     WritableUtils.writeVLong(out, expirationDate);
104     if (secret == null) {
105       WritableUtils.writeVInt(out, -1);
106     } else {
107       byte[] keyBytes = secret.getEncoded();
108       WritableUtils.writeVInt(out, keyBytes.length);
109       out.write(keyBytes);
110     }
111   }
112 
113   @Override
114   public void readFields(DataInput in) throws IOException {
115     id = WritableUtils.readVInt(in);
116     expirationDate = WritableUtils.readVLong(in);
117     int keyLength = WritableUtils.readVInt(in);
118     if (keyLength < 0) {
119       secret = null;
120     } else {
121       byte[] keyBytes = new byte[keyLength];
122       in.readFully(keyBytes);
123       secret = AuthenticationTokenSecretManager.createSecretKey(keyBytes);
124     }
125   }
126 }