Repository: knox Updated Branches: refs/heads/master 47e89d000 -> 653dbf6a1
KNOX-744 - Logout for KnoxSSO WebSSO API Project: http://git-wip-us.apache.org/repos/asf/knox/repo Commit: http://git-wip-us.apache.org/repos/asf/knox/commit/653dbf6a Tree: http://git-wip-us.apache.org/repos/asf/knox/tree/653dbf6a Diff: http://git-wip-us.apache.org/repos/asf/knox/diff/653dbf6a Branch: refs/heads/master Commit: 653dbf6a15a9a077e21745abbc4e737970e4570e Parents: 47e89d0 Author: Larry McCay <lmc...@hortonworks.com> Authored: Fri Nov 18 18:00:40 2016 -0500 Committer: Larry McCay <lmc...@hortonworks.com> Committed: Fri Nov 18 18:00:40 2016 -0500 ---------------------------------------------------------------------- gateway-release/pom.xml | 4 + gateway-service-knoxssout/pom.xml | 67 ++++++++++++ .../service/knoxsso/KnoxSSOutMessages.java | 29 ++++++ .../service/knoxsso/WebSSOutResource.java | 102 +++++++++++++++++++ .../KnoxSSOutServiceDeploymentContributor.java | 56 ++++++++++ ....gateway.deploy.ServiceDeploymentContributor | 19 ++++ .../service/knoxsso/WebSSOutResourceTest.java | 32 ++++++ pom.xml | 8 +- 8 files changed, 316 insertions(+), 1 deletion(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/knox/blob/653dbf6a/gateway-release/pom.xml ---------------------------------------------------------------------- diff --git a/gateway-release/pom.xml b/gateway-release/pom.xml index 07a6d8a..e51c1fe 100644 --- a/gateway-release/pom.xml +++ b/gateway-release/pom.xml @@ -192,6 +192,10 @@ </dependency> <dependency> <groupId>${gateway-group}</groupId> + <artifactId>gateway-service-knoxssout</artifactId> + </dependency> + <dependency> + <groupId>${gateway-group}</groupId> <artifactId>gateway-provider-rewrite</artifactId> </dependency> <dependency> http://git-wip-us.apache.org/repos/asf/knox/blob/653dbf6a/gateway-service-knoxssout/pom.xml ---------------------------------------------------------------------- diff --git a/gateway-service-knoxssout/pom.xml b/gateway-service-knoxssout/pom.xml new file mode 100644 index 0000000..0581bd4 --- /dev/null +++ b/gateway-service-knoxssout/pom.xml @@ -0,0 +1,67 @@ +<?xml version="1.0"?> +<!-- + Licensed to the Apache Software Foundation (ASF) under one or more + contributor license agreements. See the NOTICE file distributed with + this work for additional information regarding copyright ownership. + The ASF licenses this file to You under the Apache License, Version 2.0 + (the "License"); you may not use this file except in compliance with + the License. You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. +--> +<project xmlns="http://maven.apache.org/POM/4.0.0"; + xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"; + xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd";> + <modelVersion>4.0.0</modelVersion> + <parent> + <groupId>org.apache.knox</groupId> + <artifactId>gateway</artifactId> + <version>0.11.0-SNAPSHOT</version> + </parent> + <groupId>org.apache.knox</groupId> + <artifactId>gateway-service-knoxssout</artifactId> + <version>0.11.0-SNAPSHOT</version> + <name>gateway-service-knoxssout</name> + <url>http://maven.apache.org</url> + <properties> + <project.build.sourceEncoding>UTF-8</project.build.sourceEncoding> + </properties> + <dependencies> + <dependency> + <groupId>${gateway-group}</groupId> + <artifactId>gateway-util-common</artifactId> + </dependency> + <dependency> + <groupId>${gateway-group}</groupId> + <artifactId>gateway-spi</artifactId> + </dependency> + <dependency> + <groupId>${gateway-group}</groupId> + <artifactId>gateway-provider-rewrite</artifactId> + </dependency> + <dependency> + <groupId>${gateway-group}</groupId> + <artifactId>gateway-provider-jersey</artifactId> + </dependency> + <dependency> + <groupId>junit</groupId> + <artifactId>junit</artifactId> + <scope>test</scope> + </dependency> + <dependency> + <groupId>org.apache.knox</groupId> + <artifactId>gateway-test-utils</artifactId> + <scope>test</scope> + </dependency> + <dependency> + <groupId>org.easymock</groupId> + <artifactId>easymock</artifactId> + <scope>test</scope> + </dependency> </dependencies> +</project> http://git-wip-us.apache.org/repos/asf/knox/blob/653dbf6a/gateway-service-knoxssout/src/main/java/org/apache/hadoop/gateway/service/knoxsso/KnoxSSOutMessages.java ---------------------------------------------------------------------- diff --git a/gateway-service-knoxssout/src/main/java/org/apache/hadoop/gateway/service/knoxsso/KnoxSSOutMessages.java b/gateway-service-knoxssout/src/main/java/org/apache/hadoop/gateway/service/knoxsso/KnoxSSOutMessages.java new file mode 100644 index 0000000..37b10cb --- /dev/null +++ b/gateway-service-knoxssout/src/main/java/org/apache/hadoop/gateway/service/knoxsso/KnoxSSOutMessages.java @@ -0,0 +1,29 @@ +/** + * Licensed to the Apache Software Foundation (ASF) under one + * or more contributor license agreements. See the NOTICE file + * distributed with this work for additional information + * regarding copyright ownership. The ASF licenses this file + * to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package org.apache.hadoop.gateway.service.knoxsso; + +import org.apache.hadoop.gateway.i18n.messages.Message; +import org.apache.hadoop.gateway.i18n.messages.MessageLevel; +import org.apache.hadoop.gateway.i18n.messages.Messages; +import org.apache.hadoop.gateway.i18n.messages.StackTrace; + +@Messages(logger="org.apache.hadoop.gateway.service.knoxsso") +public interface KnoxSSOutMessages { + @Message( level = MessageLevel.INFO, text = "There was a problem determining the SSO cookie domain - using default domain.") + void problemWithCookieDomainUsingDefault(); +} \ No newline at end of file http://git-wip-us.apache.org/repos/asf/knox/blob/653dbf6a/gateway-service-knoxssout/src/main/java/org/apache/hadoop/gateway/service/knoxsso/WebSSOutResource.java ---------------------------------------------------------------------- diff --git a/gateway-service-knoxssout/src/main/java/org/apache/hadoop/gateway/service/knoxsso/WebSSOutResource.java b/gateway-service-knoxssout/src/main/java/org/apache/hadoop/gateway/service/knoxsso/WebSSOutResource.java new file mode 100644 index 0000000..e082eb1 --- /dev/null +++ b/gateway-service-knoxssout/src/main/java/org/apache/hadoop/gateway/service/knoxsso/WebSSOutResource.java @@ -0,0 +1,102 @@ +/** + * Licensed to the Apache Software Foundation (ASF) under one + * or more contributor license agreements. See the NOTICE file + * distributed with this work for additional information + * regarding copyright ownership. The ASF licenses this file + * to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package org.apache.hadoop.gateway.service.knoxsso; + +import javax.annotation.PostConstruct; +import javax.servlet.ServletContext; +import javax.servlet.http.Cookie; +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; +import javax.ws.rs.GET; +import javax.ws.rs.POST; +import javax.ws.rs.Path; +import javax.ws.rs.Produces; +import javax.ws.rs.core.Context; +import javax.ws.rs.core.Response; +import org.apache.hadoop.gateway.i18n.messages.MessagesFactory; +import org.apache.hadoop.gateway.util.Urls; + +import static javax.ws.rs.core.MediaType.APPLICATION_JSON; +import static javax.ws.rs.core.MediaType.APPLICATION_XML; +import static javax.ws.rs.core.Response.ok; + +import java.net.URISyntaxException; + +@Path( WebSSOutResource.RESOURCE_PATH ) +public class WebSSOutResource { + private static final String JWT_COOKIE_NAME = "hadoop-jwt"; + static final String RESOURCE_PATH = "/api/v1/webssout"; + static final String KNOXSSO_RESOURCE_PATH = "/api/v1/websso"; + private static KnoxSSOutMessages log = MessagesFactory.get( KnoxSSOutMessages.class ); + + private String domainSuffix = null; + + @Context + private HttpServletRequest request; + + @Context + private HttpServletResponse response; + + @Context + ServletContext context; + + @PostConstruct + public void init() { + } + + @GET + @Produces({APPLICATION_JSON, APPLICATION_XML}) + public Response doGet() { + boolean rc = removeAuthenticationToken(response); + if (rc) { + return ok().entity("{ \"loggedOut\" : true }").build(); + } else { + return ok().entity("{ \"loggedOut\" : false }").build(); + } + } + + @POST + @Produces({APPLICATION_JSON, APPLICATION_XML}) + public Response doPost() { + boolean rc = removeAuthenticationToken(response); + if (rc) { + return ok().entity("{ \"loggedOut\" : true }").build(); + } else { + return ok().entity("{ \"loggedOut\" : false }").build(); + } + } + + private boolean removeAuthenticationToken(HttpServletResponse response) { + boolean rc = true; + Cookie c = new Cookie(JWT_COOKIE_NAME, null); + c.setMaxAge(0); + c.setPath("/"); + try { + c.setDomain(Urls.getDomainName(request.getRequestURL().toString(), domainSuffix)); + } catch (URISyntaxException e) { + log.problemWithCookieDomainUsingDefault(); + // we are probably not going to be able to + // remove the cookie due to this error but it + // isn't necessarily not going to work. + rc = false; + } + response.addCookie(c); + + return rc; + } +} http://git-wip-us.apache.org/repos/asf/knox/blob/653dbf6a/gateway-service-knoxssout/src/main/java/org/apache/hadoop/gateway/service/knoxsso/deploy/KnoxSSOutServiceDeploymentContributor.java ---------------------------------------------------------------------- diff --git a/gateway-service-knoxssout/src/main/java/org/apache/hadoop/gateway/service/knoxsso/deploy/KnoxSSOutServiceDeploymentContributor.java b/gateway-service-knoxssout/src/main/java/org/apache/hadoop/gateway/service/knoxsso/deploy/KnoxSSOutServiceDeploymentContributor.java new file mode 100644 index 0000000..728fc9f --- /dev/null +++ b/gateway-service-knoxssout/src/main/java/org/apache/hadoop/gateway/service/knoxsso/deploy/KnoxSSOutServiceDeploymentContributor.java @@ -0,0 +1,56 @@ +/** + * Licensed to the Apache Software Foundation (ASF) under one + * or more contributor license agreements. See the NOTICE file + * distributed with this work for additional information + * regarding copyright ownership. The ASF licenses this file + * to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package org.apache.hadoop.gateway.service.knoxsso.deploy; + +import org.apache.hadoop.gateway.jersey.JerseyServiceDeploymentContributorBase; + +public class KnoxSSOutServiceDeploymentContributor extends JerseyServiceDeploymentContributorBase { + + /* (non-Javadoc) + * @see org.apache.hadoop.gateway.deploy.ServiceDeploymentContributor#getRole() + */ + @Override + public String getRole() { + return "KNOXSSOUT"; + } + + /* (non-Javadoc) + * @see org.apache.hadoop.gateway.deploy.ServiceDeploymentContributor#getName() + */ + @Override + public String getName() { + return "KnoxSSOutService"; + } + + /* (non-Javadoc) + * @see org.apache.hadoop.gateway.jersey.JerseyServiceDeploymentContributorBase#getPackages() + */ + @Override + protected String[] getPackages() { + return new String[]{ "org.apache.hadoop.gateway.service.knoxsso" }; + } + + /* (non-Javadoc) + * @see org.apache.hadoop.gateway.jersey.JerseyServiceDeploymentContributorBase#getPatterns() + */ + @Override + protected String[] getPatterns() { + return new String[]{ "api/**?**" }; + } + +} http://git-wip-us.apache.org/repos/asf/knox/blob/653dbf6a/gateway-service-knoxssout/src/main/resources/META-INF/services/org.apache.hadoop.gateway.deploy.ServiceDeploymentContributor ---------------------------------------------------------------------- diff --git a/gateway-service-knoxssout/src/main/resources/META-INF/services/org.apache.hadoop.gateway.deploy.ServiceDeploymentContributor b/gateway-service-knoxssout/src/main/resources/META-INF/services/org.apache.hadoop.gateway.deploy.ServiceDeploymentContributor new file mode 100644 index 0000000..76042c5 --- /dev/null +++ b/gateway-service-knoxssout/src/main/resources/META-INF/services/org.apache.hadoop.gateway.deploy.ServiceDeploymentContributor @@ -0,0 +1,19 @@ +########################################################################## +# Licensed to the Apache Software Foundation (ASF) under one +# or more contributor license agreements. See the NOTICE file +# distributed with this work for additional information +# regarding copyright ownership. The ASF licenses this file +# to you under the Apache License, Version 2.0 (the +# "License"); you may not use this file except in compliance +# with the License. You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +########################################################################## + +org.apache.hadoop.gateway.service.knoxsso.deploy.KnoxSSOutServiceDeploymentContributor \ No newline at end of file http://git-wip-us.apache.org/repos/asf/knox/blob/653dbf6a/gateway-service-knoxssout/src/test/java/org/apache/hadoop/gateway/service/knoxsso/WebSSOutResourceTest.java ---------------------------------------------------------------------- diff --git a/gateway-service-knoxssout/src/test/java/org/apache/hadoop/gateway/service/knoxsso/WebSSOutResourceTest.java b/gateway-service-knoxssout/src/test/java/org/apache/hadoop/gateway/service/knoxsso/WebSSOutResourceTest.java new file mode 100644 index 0000000..3f80290 --- /dev/null +++ b/gateway-service-knoxssout/src/test/java/org/apache/hadoop/gateway/service/knoxsso/WebSSOutResourceTest.java @@ -0,0 +1,32 @@ +/** + * Licensed to the Apache Software Foundation (ASF) under one + * or more contributor license agreements. See the NOTICE file + * distributed with this work for additional information + * regarding copyright ownership. The ASF licenses this file + * to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package org.apache.hadoop.gateway.service.knoxsso; + +import org.junit.Assert; +import org.junit.Test; + +/** + * + */ +public class WebSSOutResourceTest { + + @Test + public void test() throws Exception { + Assert.assertTrue(true); + } +} http://git-wip-us.apache.org/repos/asf/knox/blob/653dbf6a/pom.xml ---------------------------------------------------------------------- diff --git a/pom.xml b/pom.xml index 3b088ca..c4e5776 100644 --- a/pom.xml +++ b/pom.xml @@ -74,6 +74,7 @@ <module>gateway-service-hbase</module> <module>gateway-service-hive</module> <module>gateway-service-knoxsso</module> + <module>gateway-service-knoxssout</module> <module>gateway-service-webhdfs</module> <module>gateway-service-tgs</module> <module>gateway-service-storm</module> @@ -559,6 +560,11 @@ </dependency> <dependency> <groupId>${gateway-group}</groupId> + <artifactId>gateway-service-knoxssout</artifactId> + <version>${gateway-version}</version> + </dependency> + <dependency> + <groupId>${gateway-group}</groupId> <artifactId>gateway-service-knoxsso</artifactId> <version>${gateway-version}</version> </dependency> @@ -1280,4 +1286,4 @@ </dependencies> </dependencyManagement> -</project> \ No newline at end of file +</project>
