Source code

001/*
002 * Licensed to the Apache Software Foundation (ASF) under one
003 * or more contributor license agreements.  See the NOTICE file
004 * distributed with this work for additional information
005 * regarding copyright ownership.  The ASF licenses this file
006 * to you under the Apache License, Version 2.0 (the
007 * "License"); you may not use this file except in compliance
008 * with the License.  You may obtain a copy of the License at
009 *
010 *     http://www.apache.org/licenses/LICENSE-2.0
011 *
012 * Unless required by applicable law or agreed to in writing, software
013 * distributed under the License is distributed on an "AS IS" BASIS,
014 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
015 * See the License for the specific language governing permissions and
016 * limitations under the License.
017 */
018package org.apache.hadoop.hbase.security.provider.example;
019
020import java.util.Collection;
021import java.util.Optional;
022
023import org.apache.hadoop.conf.Configuration;
024import org.apache.hadoop.hbase.security.User;
025import org.apache.hadoop.hbase.security.provider.BuiltInProviderSelector;
026import org.apache.hadoop.hbase.security.provider.SaslClientAuthenticationProvider;
027import org.apache.hadoop.hbase.util.Pair;
028import org.apache.hadoop.io.Text;
029import org.apache.hadoop.security.token.Token;
030import org.apache.hadoop.security.token.TokenIdentifier;
031import org.apache.yetus.audience.InterfaceAudience;
032
033@InterfaceAudience.Private
034public class ShadeProviderSelector extends BuiltInProviderSelector {
035
036  private final Text SHADE_TOKEN_KIND_TEXT = new Text(ShadeSaslAuthenticationProvider.TOKEN_KIND);
037  private ShadeSaslClientAuthenticationProvider shade;
038
039  @Override
040  public void configure(
041      Configuration conf, Collection<SaslClientAuthenticationProvider> providers) {
042    super.configure(conf, providers);
043
044    this.shade = (ShadeSaslClientAuthenticationProvider) providers.stream()
045        .filter((p) -> p instanceof ShadeSaslClientAuthenticationProvider)
046        .findFirst()
047        .orElseThrow(() -> new RuntimeException(
048            "ShadeSaslClientAuthenticationProvider not loaded"));
049  }
050
051  @Override
052  public Pair<SaslClientAuthenticationProvider, Token<? extends TokenIdentifier>> selectProvider(
053      String clusterId, User user) {
054    Pair<SaslClientAuthenticationProvider, Token<? extends TokenIdentifier>> pair =
055        super.selectProvider(clusterId, user);
056
057    Optional<Token<?>> optional = user.getTokens().stream()
058        .filter((t) -> SHADE_TOKEN_KIND_TEXT.equals(t.getKind()))
059        .findFirst();
060    if (optional.isPresent()) {
061      return new Pair<>(shade, optional.get());
062    }
063
064    return pair;
065  }
066}