View Javadoc

1   /*
2    * Licensed to the Apache Software Foundation (ASF) under one
3    * or more contributor license agreements.  See the NOTICE file
4    * distributed with this work for additional information
5    * regarding copyright ownership.  The ASF licenses this file
6    * to you under the Apache License, Version 2.0 (the
7    * "License"); you may not use this file except in compliance
8    * with the License.  You may obtain a copy of the License at
9    *
10   *     http://www.apache.org/licenses/LICENSE-2.0
11   *
12   * Unless required by applicable law or agreed to in writing, software
13   * distributed under the License is distributed on an "AS IS" BASIS,
14   * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
15   * See the License for the specific language governing permissions and
16   * limitations under the License.
17   */
18  
19  package org.apache.hadoop.hbase.security.token;
20  
21  import com.google.protobuf.ByteString;
22  import org.apache.hadoop.hbase.protobuf.generated.AuthenticationProtos;
23  import org.apache.hadoop.io.Text;
24  import org.apache.hadoop.security.UserGroupInformation;
25  import org.apache.hadoop.security.token.TokenIdentifier;
26  
27  import java.io.DataInput;
28  import java.io.DataOutput;
29  import java.io.IOException;
30  
31  /**
32   * Represents the identity information stored in an HBase authentication token.
33   */
34  public class AuthenticationTokenIdentifier extends TokenIdentifier {
35    public static final Text AUTH_TOKEN_TYPE = new Text("HBASE_AUTH_TOKEN");
36  
37    protected String username;
38    protected int keyId;
39    protected long issueDate;
40    protected long expirationDate;
41    protected long sequenceNumber;
42    
43    public AuthenticationTokenIdentifier() {
44    }
45  
46    public AuthenticationTokenIdentifier(String username) {
47      this.username = username;
48    }
49  
50    public AuthenticationTokenIdentifier(String username, int keyId,
51        long issueDate, long expirationDate) {
52      this.username = username;
53      this.keyId = keyId;
54      this.issueDate = issueDate;
55      this.expirationDate = expirationDate;
56    }
57  
58    @Override
59    public Text getKind() {
60      return AUTH_TOKEN_TYPE;
61    }
62  
63    @Override
64    public UserGroupInformation getUser() {
65      if (username == null || "".equals(username)) {
66        return null;
67      }
68      return UserGroupInformation.createRemoteUser(username);
69    }
70  
71    public String getUsername() {
72      return username;
73    }
74  
75    void setUsername(String name) {
76      this.username = name;
77    }
78  
79    public int getKeyId() {
80      return keyId;
81    }
82  
83    void setKeyId(int id) {
84      this.keyId = id;
85    }
86  
87    public long getIssueDate() {
88      return issueDate;
89    }
90  
91    void setIssueDate(long timestamp) {
92      this.issueDate = timestamp;
93    }
94  
95    public long getExpirationDate() {
96      return expirationDate;
97    }
98  
99    void setExpirationDate(long timestamp) {
100     this.expirationDate = timestamp;
101   }
102 
103   public long getSequenceNumber() {
104     return sequenceNumber;
105   }
106 
107   void setSequenceNumber(long seq) {
108     this.sequenceNumber = seq;
109   }
110 
111   public byte[] toBytes() {
112     AuthenticationProtos.TokenIdentifier.Builder builder =
113         AuthenticationProtos.TokenIdentifier.newBuilder();
114     builder.setKind(AuthenticationProtos.TokenIdentifier.Kind.HBASE_AUTH_TOKEN);
115     if (username != null) {
116       builder.setUsername(ByteString.copyFromUtf8(username));
117     }
118     builder.setIssueDate(issueDate)
119         .setExpirationDate(expirationDate)
120         .setKeyId(keyId)
121         .setSequenceNumber(sequenceNumber);
122     return builder.build().toByteArray();
123   }
124 
125   @Override
126   public void write(DataOutput out) throws IOException {
127     byte[] pbBytes = toBytes();
128     out.writeInt(pbBytes.length);
129     out.write(pbBytes);
130   }
131 
132   @Override
133   public void readFields(DataInput in) throws IOException {
134     int len = in.readInt();
135     byte[] inBytes = new byte[len];
136     in.readFully(inBytes);
137     AuthenticationProtos.TokenIdentifier identifier =
138         AuthenticationProtos.TokenIdentifier.newBuilder().mergeFrom(inBytes).build();
139     // sanity check on type
140     if (!identifier.hasKind() ||
141         identifier.getKind() != AuthenticationProtos.TokenIdentifier.Kind.HBASE_AUTH_TOKEN) {
142       throw new IOException("Invalid TokenIdentifier kind from input "+identifier.getKind());
143     }
144 
145     // copy the field values
146     if (identifier.hasUsername()) {
147       username = identifier.getUsername().toStringUtf8();
148     }
149     if (identifier.hasKeyId()) {
150       keyId = identifier.getKeyId();
151     }
152     if (identifier.hasIssueDate()) {
153       issueDate = identifier.getIssueDate();
154     }
155     if (identifier.hasExpirationDate()) {
156       expirationDate = identifier.getExpirationDate();
157     }
158     if (identifier.hasSequenceNumber()) {
159       sequenceNumber = identifier.getSequenceNumber();
160     }
161   }
162 
163   @Override
164   public boolean equals(Object other) {
165     if (other == null) {
166       return false;
167     }
168     if (other instanceof AuthenticationTokenIdentifier) {
169       AuthenticationTokenIdentifier ident = (AuthenticationTokenIdentifier)other;
170       return sequenceNumber == ident.getSequenceNumber()
171           && keyId == ident.getKeyId()
172           && issueDate == ident.getIssueDate()
173           && expirationDate == ident.getExpirationDate()
174           && (username == null ? ident.getUsername() == null :
175               username.equals(ident.getUsername()));
176     }
177     return false;
178   }
179 
180   @Override
181   public int hashCode() {
182     return (int)sequenceNumber;
183   }
184 }