
1   /*
2    * Licensed to the Apache Software Foundation (ASF) under one
3    * or more contributor license agreements.  See the NOTICE file
4    * distributed with this work for additional information
5    * regarding copyright ownership.  The ASF licenses this file
6    * to you under the Apache License, Version 2.0 (the
7    * "License"); you may not use this file except in compliance
8    * with the License.  You may obtain a copy of the License at
9    *
10   *     http://www.apache.org/licenses/LICENSE-2.0
11   *
12   * Unless required by applicable law or agreed to in writing, software
13   * distributed under the License is distributed on an "AS IS" BASIS,
14   * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
15   * See the License for the specific language governing permissions and
16   * limitations under the License.
17   */
18  
19  package org.apache.hadoop.hbase.security.token;
20  
21  import javax.crypto.SecretKey;
22  import java.io.DataInput;
23  import java.io.DataOutput;
24  import java.io.IOException;
25  
26  import org.apache.hadoop.hbase.util.Bytes;
27  import org.apache.hadoop.io.Writable;
28  import org.apache.hadoop.io.WritableUtils;
29  
30  /**
31   * Represents a secret key used for signing and verifying authentication tokens
32   * by {@link AuthenticationTokenSecretManager}.
33   */
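public class AuthenticationKey implements Writable {
  // Numeric identifier of this key.
  private int id;
  // Expiration timestamp; mutable through setExpiration().
  private long expirationDate;
  // Key material; may be null (serialized as length -1, see write()).
  private SecretKey secret;

  /** No-argument constructor so the instance can be populated by {@link #readFields}. */
  public AuthenticationKey() {
    // for Writable
  }

  /**
   * Creates a key with the given id, expiration and secret.
   *
   * @param keyId identifier of the key
   * @param expirationDate expiration timestamp of the key
   * @param key the secret key; the reference is stored as-is and may be null
   */
  public AuthenticationKey(int keyId, long expirationDate, SecretKey key) {
    this.id = keyId;
    this.expirationDate = expirationDate;
    this.secret = key;
  }

  /** @return the identifier of this key */
  public int getKeyId() {
    return id;
  }

  /** @return the expiration timestamp of this key */
  public long getExpiration() {
    return expirationDate;
  }

  /**
   * Replaces the expiration timestamp. Because the expiration takes part in
   * {@link #equals} and {@link #hashCode}, do not change it while the instance
   * is held in a hash-based collection.
   *
   * @param timestamp the new expiration timestamp
   */
  public void setExpiration(long timestamp) {
    expirationDate = timestamp;
  }

  /**
   * Returns the secret key. Package-private, so the key material is only
   * reachable from within this package.
   *
   * @return the secret key, or null if none is set
   */
  SecretKey getKey() {
    return secret;
  }

  /**
   * Two keys are equal when id, expiration and encoded key bytes all match.
   *
   * NOTE(review): the byte comparison goes through Bytes.equals, which is
   * presumably not constant-time. That is fine for bookkeeping equality, but
   * this method should not be the check applied to caller-supplied key
   * material - confirm against the call sites.
   */
  @Override
  public boolean equals(Object obj) {
    // instanceof is false for null, so no separate null check is needed.
    if (!(obj instanceof AuthenticationKey)) {
      return false;
    }
    AuthenticationKey other = (AuthenticationKey) obj;
    if (id != other.getKeyId() || expirationDate != other.getExpiration()) {
      return false;
    }
    SecretKey otherSecret = other.getKey();
    if (secret == null) {
      return otherSecret == null;
    }
    return otherSecret != null
        && Bytes.equals(secret.getEncoded(), otherSecret.getEncoded());
  }

  /**
   * Hash code consistent with {@link #equals}: built from the id, the
   * expiration and the encoded key bytes. Without it, equal keys could land in
   * different buckets of a HashMap or HashSet.
   */
  @Override
  public int hashCode() {
    int result = id;
    result = 31 * result + (int) (expirationDate ^ (expirationDate >>> 32));
    // Arrays.hashCode(null) is 0, so a key with no encoded form hashes like
    // an absent key instead of throwing.
    result = 31 * result
        + (secret == null ? 0 : java.util.Arrays.hashCode(secret.getEncoded()));
    return result;
  }

  /**
   * Returns the id and expiration only. The secret is not part of the output,
   * so key material does not reach logs through this method.
   */
  @Override
  public String toString() {
    return "AuthenticationKey[ " + "id=" + id + ", expiration=" + expirationDate + " ]";
  }

  /**
   * Serializes the key as: vint id, vlong expiration, vint key length
   * (-1 when there is no secret), then the raw encoded key bytes.
   *
   * The output contains the key material in the clear, so whatever stores or
   * transports it has to be access-controlled accordingly.
   *
   * @param out destination of the serialized form
   * @throws IOException if writing to {@code out} fails
   */
  @Override
  public void write(DataOutput out) throws IOException {
    WritableUtils.writeVInt(out, id);
    WritableUtils.writeVLong(out, expirationDate);
    if (secret == null) {
      // -1 marks "no secret"; readFields() maps any negative length to null.
      WritableUtils.writeVInt(out, -1);
    } else {
      byte[] keyBytes = secret.getEncoded();
      WritableUtils.writeVInt(out, keyBytes.length);
      out.write(keyBytes);
    }
  }

  /**
   * Reads the fields in the order written by {@link #write}.
   *
   * @param in source of the serialized form
   * @throws IOException if reading from {@code in} fails or the stream ends
   *     before the announced number of key bytes has been read
   */
  @Override
  public void readFields(DataInput in) throws IOException {
    id = WritableUtils.readVInt(in);
    expirationDate = WritableUtils.readVLong(in);
    int keyLength = WritableUtils.readVInt(in);
    if (keyLength < 0) {
      secret = null;
    } else {
      // NOTE(review): keyLength comes straight from the stream and sizes the
      // allocation with no upper bound. If the input can be corrupted or is
      // not fully trusted, a sanity cap on the length before allocating would
      // avoid a very large allocation - confirm where this data originates.
      byte[] keyBytes = new byte[keyLength];
      in.readFully(keyBytes);
      secret = AuthenticationTokenSecretManager.createSecretKey(keyBytes);
    }
  }
}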