Repository: hadoop
Updated Branches:
refs/heads/branch-2 245b49332 -> 6e8c69665
HADOOP-14251. Credential provider should handle property key deprecation.
Contributed by John Zhuge.
(cherry picked from commit 7e6463d2fb5f9383d88baec290461868cf476e4c)
Conflicts:
hadoop-common-project/hadoop-common/src/test/java/org/apache/hadoop/conf/TestConfiguration.java
Project: http://git-wip-us.apache.org/repos/asf/hadoop/repo
Commit: http://git-wip-us.apache.org/repos/asf/hadoop/commit/6e8c6966
Tree: http://git-wip-us.apache.org/repos/asf/hadoop/tree/6e8c6966
Diff: http://git-wip-us.apache.org/repos/asf/hadoop/diff/6e8c6966
Branch: refs/heads/branch-2
Commit: 6e8c696651eebba02b70378f52e4c5c3d70c91a9
Parents: 245b493
Author: John Zhuge <[email protected]>
Authored: Wed Aug 23 11:59:47 2017 -0700
Committer: John Zhuge <[email protected]>
Committed: Wed Aug 23 11:59:47 2017 -0700
----------------------------------------------------------------------
.../org/apache/hadoop/conf/Configuration.java | 71 ++++++++++++++++++--
.../apache/hadoop/conf/TestConfiguration.java | 60 +++++++++++++++++
2 files changed, 127 insertions(+), 4 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/hadoop/blob/6e8c6966/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/conf/Configuration.java
----------------------------------------------------------------------
diff --git
a/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/conf/Configuration.java
b/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/conf/Configuration.java
index 42aa8f6..ce712a8 100644
---
a/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/conf/Configuration.java
+++
b/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/conf/Configuration.java
@@ -299,18 +299,25 @@ public class Configuration implements
Iterable<Map.Entry<String,String>>,
this.customMessage = customMessage;
}
+ private final String getWarningMessage(String key) {
+ return getWarningMessage(key, null);
+ }
+
/**
* Method to provide the warning message. It gives the custom message if
* non-null, and default message otherwise.
* @param key the associated deprecated key.
+ * @param source the property source.
* @return message that is to be logged when a deprecated key is used.
*/
- private final String getWarningMessage(String key) {
+ private String getWarningMessage(String key, String source) {
String warningMessage;
if(customMessage == null) {
StringBuilder message = new StringBuilder(key);
- String deprecatedKeySuffix = " is deprecated. Instead, use ";
- message.append(deprecatedKeySuffix);
+ if (source != null) {
+ message.append(" in " + source);
+ }
+ message.append(" is deprecated. Instead, use ");
for (int i = 0; i < newKeys.length; i++) {
message.append(newKeys[i]);
if(i != newKeys.length-1) {
@@ -586,6 +593,14 @@ public class Configuration implements
Iterable<Map.Entry<String,String>>,
return deprecationContext.get().getDeprecatedKeyMap().containsKey(key);
}
+ private static String getDeprecatedKey(String key) {
+ return deprecationContext.get().getReverseDeprecatedKeyMap().get(key);
+ }
+
+ private static DeprecatedKeyInfo getDeprecatedKeyInfo(String key) {
+ return deprecationContext.get().getDeprecatedKeyMap().get(key);
+ }
+
/**
* Sets all deprecated properties that are not currently set but have a
* corresponding new property that is set. Useful for iterating the
@@ -1212,6 +1227,13 @@ public class Configuration implements
Iterable<Map.Entry<String,String>>,
LOG_DEPRECATION.info(message);
}
+ void logDeprecationOnce(String name, String source) {
+ DeprecatedKeyInfo keyInfo = getDeprecatedKeyInfo(name);
+ if (keyInfo != null && !keyInfo.getAndSetAccessed()) {
+ LOG_DEPRECATION.info(keyInfo.getWarningMessage(name, source));
+ }
+ }
+
/**
* Unset a previously set property.
*/
@@ -1996,6 +2018,47 @@ public class Configuration implements
Iterable<Map.Entry<String,String>>,
}
/**
+ * Get the credential entry by name from a credential provider.
+ *
+ * Handle key deprecation.
+ *
+ * @param provider a credential provider
+ * @param name alias of the credential
+ * @return the credential entry or null if not found
+ */
+ private CredentialEntry getCredentialEntry(CredentialProvider provider,
+ String name) throws IOException {
+ CredentialEntry entry = provider.getCredentialEntry(name);
+ if (entry != null) {
+ return entry;
+ }
+
+ // The old name is stored in the credential provider.
+ String oldName = getDeprecatedKey(name);
+ if (oldName != null) {
+ entry = provider.getCredentialEntry(oldName);
+ if (entry != null) {
+ logDeprecationOnce(oldName, provider.toString());
+ return entry;
+ }
+ }
+
+ // The name is deprecated.
+ DeprecatedKeyInfo keyInfo = getDeprecatedKeyInfo(name);
+ if (keyInfo != null && keyInfo.newKeys != null) {
+ for (String newName : keyInfo.newKeys) {
+ entry = provider.getCredentialEntry(newName);
+ if (entry != null) {
+ logDeprecationOnce(name, null);
+ return entry;
+ }
+ }
+ }
+
+ return null;
+ }
+
+ /**
* Try and resolve the provided element name as a credential provider
* alias.
* @param name alias of the provisioned credential
@@ -2012,7 +2075,7 @@ public class Configuration implements
Iterable<Map.Entry<String,String>>,
if (providers != null) {
for (CredentialProvider provider : providers) {
try {
- CredentialEntry entry = provider.getCredentialEntry(name);
+ CredentialEntry entry = getCredentialEntry(provider, name);
if (entry != null) {
pass = entry.getCredential();
break;
http://git-wip-us.apache.org/repos/asf/hadoop/blob/6e8c6966/hadoop-common-project/hadoop-common/src/test/java/org/apache/hadoop/conf/TestConfiguration.java
----------------------------------------------------------------------
diff --git
a/hadoop-common-project/hadoop-common/src/test/java/org/apache/hadoop/conf/TestConfiguration.java
b/hadoop-common-project/hadoop-common/src/test/java/org/apache/hadoop/conf/TestConfiguration.java
index 66f717d..1e0f783 100644
---
a/hadoop-common-project/hadoop-common/src/test/java/org/apache/hadoop/conf/TestConfiguration.java
+++
b/hadoop-common-project/hadoop-common/src/test/java/org/apache/hadoop/conf/TestConfiguration.java
@@ -49,13 +49,19 @@ import static org.junit.Assert.assertArrayEquals;
import org.apache.commons.lang.StringUtils;
import org.apache.hadoop.conf.Configuration.IntegerRanges;
import org.apache.hadoop.fs.CommonConfigurationKeysPublic;
+import org.apache.hadoop.fs.FileUtil;
import org.apache.hadoop.fs.Path;
import org.apache.hadoop.io.IOUtils;
import org.apache.hadoop.net.NetUtils;
+import org.apache.hadoop.security.alias.CredentialProvider;
+import org.apache.hadoop.security.alias.CredentialProviderFactory;
+import org.apache.hadoop.security.alias.LocalJavaKeyStoreProvider;
import org.apache.hadoop.test.GenericTestUtils;
import org.apache.log4j.AppenderSkeleton;
import org.apache.log4j.Logger;
import org.apache.log4j.spi.LoggingEvent;
+import org.hamcrest.CoreMatchers;
+import org.junit.Assert;
import org.mockito.Mockito;
import static org.apache.hadoop.util.PlatformName.IBM_JAVA;
@@ -1903,6 +1909,60 @@ public class TestConfiguration extends TestCase {
+ classes.length, 0, classes.length);
}
+ public void testGetPasswordDeprecatedKeyStored() throws Exception {
+ final String oldKey = "test.password.old.key";
+ final String newKey = "test.password.new.key";
+ final String password = "MyPasswordForDeprecatedKey";
+
+ final File tmpDir = GenericTestUtils.getRandomizedTestDir();
+ tmpDir.mkdirs();
+ final String ourUrl = new URI(LocalJavaKeyStoreProvider.SCHEME_NAME,
+ "file", new File(tmpDir, "test.jks").toString(), null).toString();
+
+ conf = new Configuration(false);
+ conf.set(CredentialProviderFactory.CREDENTIAL_PROVIDER_PATH, ourUrl);
+ CredentialProvider provider =
+ CredentialProviderFactory.getProviders(conf).get(0);
+ provider.createCredentialEntry(oldKey, password.toCharArray());
+ provider.flush();
+
+ Configuration.addDeprecation(oldKey, newKey);
+
+ Assert.assertThat(conf.getPassword(newKey),
+ CoreMatchers.is(password.toCharArray()));
+ Assert.assertThat(conf.getPassword(oldKey),
+ CoreMatchers.is(password.toCharArray()));
+
+ FileUtil.fullyDelete(tmpDir);
+ }
+
+ public void testGetPasswordByDeprecatedKey() throws Exception {
+ final String oldKey = "test.password.old.key";
+ final String newKey = "test.password.new.key";
+ final String password = "MyPasswordForDeprecatedKey";
+
+ final File tmpDir = GenericTestUtils.getRandomizedTestDir();
+ tmpDir.mkdirs();
+ final String ourUrl = new URI(LocalJavaKeyStoreProvider.SCHEME_NAME,
+ "file", new File(tmpDir, "test.jks").toString(), null).toString();
+
+ conf = new Configuration(false);
+ conf.set(CredentialProviderFactory.CREDENTIAL_PROVIDER_PATH, ourUrl);
+ CredentialProvider provider =
+ CredentialProviderFactory.getProviders(conf).get(0);
+ provider.createCredentialEntry(newKey, password.toCharArray());
+ provider.flush();
+
+ Configuration.addDeprecation(oldKey, newKey);
+
+ Assert.assertThat(conf.getPassword(newKey),
+ CoreMatchers.is(password.toCharArray()));
+ Assert.assertThat(conf.getPassword(oldKey),
+ CoreMatchers.is(password.toCharArray()));
+
+ FileUtil.fullyDelete(tmpDir);
+ }
+
public static void main(String[] argv) throws Exception {
junit.textui.TestRunner.main(new String[]{
TestConfiguration.class.getName()
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
