Repository: hadoop Updated Branches: refs/heads/branch-3.2 b9a3c988c -> a15bcf97a
HADOOP-15687. Credentials class should allow access to aliases. Author: Lars Francke <lars.fran...@gmail.com> (cherry picked from commit cb8d679c95642842efacc5d38ccf2a61b043c689) Project: http://git-wip-us.apache.org/repos/asf/hadoop/repo Commit: http://git-wip-us.apache.org/repos/asf/hadoop/commit/a15bcf97 Tree: http://git-wip-us.apache.org/repos/asf/hadoop/tree/a15bcf97 Diff: http://git-wip-us.apache.org/repos/asf/hadoop/diff/a15bcf97 Branch: refs/heads/branch-3.2 Commit: a15bcf97a4e1fec8281d395049a253374dc4bb28 Parents: b9a3c98 Author: Lars Francke <lars.fran...@gmail.com> Authored: Sat Nov 3 16:29:35 2018 +0000 Committer: Steve Loughran <ste...@apache.org> Committed: Sat Nov 3 16:29:56 2018 +0000 ---------------------------------------------------------------------- .../org/apache/hadoop/security/Credentials.java | 15 ++++++ .../apache/hadoop/security/TestCredentials.java | 57 ++++++++++---------- 2 files changed, 44 insertions(+), 28 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/hadoop/blob/a15bcf97/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/Credentials.java ---------------------------------------------------------------------- diff --git a/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/Credentials.java b/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/Credentials.java index 6a9527a..e91dff0 100644 --- a/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/Credentials.java +++ b/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/security/Credentials.java @@ -31,6 +31,7 @@ import java.io.IOException; import java.nio.charset.StandardCharsets; import java.util.Arrays; import java.util.Collection; +import java.util.Collections; import java.util.HashMap; import java.util.List; import java.util.Map; @@ -141,6 +142,13 @@ public class Credentials implements Writable { } /** + * Returns an unmodifiable version of the full map of aliases to Tokens. + */ + public Map<Text, Token<? extends TokenIdentifier>> getTokenMap() { + return Collections.unmodifiableMap(tokenMap); + } + + /** * @return number of Tokens in the in-memory map */ public int numberOfTokens() { @@ -191,6 +199,13 @@ public class Credentials implements Writable { } /** + * Returns an unmodifiable version of the full map of aliases to secret keys. + */ + public Map<Text, byte[]> getSecretKeyMap() { + return Collections.unmodifiableMap(secretKeysMap); + } + + /** * Convenience method for reading a token storage file and loading its Tokens. * @param filename * @param conf http://git-wip-us.apache.org/repos/asf/hadoop/blob/a15bcf97/hadoop-common-project/hadoop-common/src/test/java/org/apache/hadoop/security/TestCredentials.java ---------------------------------------------------------------------- diff --git a/hadoop-common-project/hadoop-common/src/test/java/org/apache/hadoop/security/TestCredentials.java b/hadoop-common-project/hadoop-common/src/test/java/org/apache/hadoop/security/TestCredentials.java index 1245c07..02ba153 100644 --- a/hadoop-common-project/hadoop-common/src/test/java/org/apache/hadoop/security/TestCredentials.java +++ b/hadoop-common-project/hadoop-common/src/test/java/org/apache/hadoop/security/TestCredentials.java @@ -39,8 +39,6 @@ import java.util.Collection; import javax.crypto.KeyGenerator; import org.apache.hadoop.io.Text; -import org.apache.hadoop.io.WritableComparator; -import org.apache.hadoop.security.Credentials; import org.apache.hadoop.security.token.Token; import org.apache.hadoop.security.token.TokenIdentifier; import org.apache.hadoop.test.GenericTestUtils; @@ -74,6 +72,9 @@ public class TestCredentials { Token<T> token2 = new Token(); Text service1 = new Text("service1"); Text service2 = new Text("service2"); + Text alias1 = new Text("sometoken1"); + Text alias2 = new Text("sometoken2"); + Collection<Text> services = new ArrayList<Text>(); services.add(service1); @@ -81,8 +82,8 @@ public class TestCredentials { token1.setService(service1); token2.setService(service2); - ts.addToken(new Text("sometoken1"), token1); - ts.addToken(new Text("sometoken2"), token2); + ts.addToken(alias1, token1); + ts.addToken(alias2, token2); // create keys and put it in final KeyGenerator kg = KeyGenerator.getInstance(DEFAULT_HMAC_ALGORITHM); @@ -109,32 +110,32 @@ public class TestCredentials { dis.close(); // get the tokens and compare the services - Collection<Token<? extends TokenIdentifier>> list = ts.getAllTokens(); - assertEquals("getAllTokens should return collection of size 2", - list.size(), 2); - boolean foundFirst = false; - boolean foundSecond = false; - for (Token<? extends TokenIdentifier> token : list) { - if (token.getService().equals(service1)) { - foundFirst = true; - } - if (token.getService().equals(service2)) { - foundSecond = true; - } - } - assertTrue("Tokens for services service1 and service2 must be present", - foundFirst && foundSecond); + Map<Text, Token<? extends TokenIdentifier>> tokenMap = ts.getTokenMap(); + assertEquals("getTokenMap should return collection of size 2", 2, + tokenMap.size()); + assertTrue("Token for alias " + alias1 + " must be present", + tokenMap.containsKey(alias1)); + assertTrue("Token for alias " + alias2 + " must be present", + tokenMap.containsKey(alias2)); + assertEquals("Token for service " + service1 + " must be present", service1, + tokenMap.get(alias1).getService()); + assertEquals("Token for service " + service2 + " must be present", service2, + tokenMap.get(alias2).getService()); + + // compare secret keys - int mapLen = m.size(); - assertEquals("wrong number of keys in the Storage", - mapLen, ts.numberOfSecretKeys()); - for(Text a : m.keySet()) { - byte [] kTS = ts.getSecretKey(a); - byte [] kLocal = m.get(a); - assertTrue("keys don't match for " + a, - WritableComparator.compareBytes(kTS, 0, kTS.length, kLocal, - 0, kLocal.length)==0); + Map<Text, byte[]> secretKeyMap = ts.getSecretKeyMap(); + assertEquals("wrong number of keys in the Storage", m.size(), + ts.numberOfSecretKeys()); + + for (Map.Entry<Text, byte[]> entry : m.entrySet()) { + byte[] key = secretKeyMap.get(entry.getKey()); + assertNotNull("Secret key for alias " + entry.getKey() + " not found", + key); + assertTrue("Keys don't match for alias " + entry.getKey(), + Arrays.equals(key, entry.getValue())); } + tmpFileName.delete(); } --------------------------------------------------------------------- To unsubscribe, e-mail: common-commits-unsubscr...@hadoop.apache.org For additional commands, e-mail: common-commits-h...@hadoop.apache.org
