Source code

001/*
002 * Licensed to the Apache Software Foundation (ASF) under one
003 * or more contributor license agreements.  See the NOTICE file
004 * distributed with this work for additional information
005 * regarding copyright ownership.  The ASF licenses this file
006 * to you under the Apache License, Version 2.0 (the
007 * "License"); you may not use this file except in compliance
008 * with the License.  You may obtain a copy of the License at
009 *
010 *     http://www.apache.org/licenses/LICENSE-2.0
011 *
012 * Unless required by applicable law or agreed to in writing, software
013 * distributed under the License is distributed on an "AS IS" BASIS,
014 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
015 * See the License for the specific language governing permissions and
016 * limitations under the License.
017 */
018package org.apache.hadoop.hbase.security.provider.example;
019
020import java.util.Collection;
021import java.util.Optional;
022import org.apache.hadoop.conf.Configuration;
023import org.apache.hadoop.hbase.security.User;
024import org.apache.hadoop.hbase.security.provider.BuiltInProviderSelector;
025import org.apache.hadoop.hbase.security.provider.SaslClientAuthenticationProvider;
026import org.apache.hadoop.hbase.util.Pair;
027import org.apache.hadoop.io.Text;
028import org.apache.hadoop.security.token.Token;
029import org.apache.hadoop.security.token.TokenIdentifier;
030import org.apache.yetus.audience.InterfaceAudience;
031
032@InterfaceAudience.Private
033public class ShadeProviderSelector extends BuiltInProviderSelector {
034
035  private final Text SHADE_TOKEN_KIND_TEXT = new Text(ShadeSaslAuthenticationProvider.TOKEN_KIND);
036  private ShadeSaslClientAuthenticationProvider shade;
037
038  @Override
039  public void configure(Configuration conf,
040    Collection<SaslClientAuthenticationProvider> providers) {
041    super.configure(conf, providers);
042
043    this.shade = (ShadeSaslClientAuthenticationProvider) providers.stream()
044      .filter((p) -> p instanceof ShadeSaslClientAuthenticationProvider).findFirst()
045      .orElseThrow(() -> new RuntimeException("ShadeSaslClientAuthenticationProvider not loaded"));
046  }
047
048  @Override
049  public Pair<SaslClientAuthenticationProvider, Token<? extends TokenIdentifier>>
050    selectProvider(String clusterId, User user) {
051    Pair<SaslClientAuthenticationProvider, Token<? extends TokenIdentifier>> pair =
052      super.selectProvider(clusterId, user);
053
054    Optional<Token<?>> optional = user.getTokens().stream()
055      .filter((t) -> SHADE_TOKEN_KIND_TEXT.equals(t.getKind())).findFirst();
056    if (optional.isPresent()) {
057      return new Pair<>(shade, optional.get());
058    }
059
060    return pair;
061  }
062}