steveloughran commented on a change in pull request #1842: HADOOP-16730 : ABFS:
Add Authorizer Interface
URL: https://github.com/apache/hadoop/pull/1842#discussion_r378938678
##########
File path:
hadoop-tools/hadoop-azure/src/main/java/org/apache/hadoop/fs/azurebfs/extensions/AbfsAuthorizer.java
##########
@@ -18,40 +18,50 @@
package org.apache.hadoop.fs.azurebfs.extensions;
-import java.io.IOException;
-
import org.apache.hadoop.classification.InterfaceAudience;
import org.apache.hadoop.classification.InterfaceStability;
-import org.apache.hadoop.fs.Path;
-import org.apache.hadoop.fs.permission.FsAction;
+import
org.apache.hadoop.fs.azurebfs.contracts.exceptions.AbfsAuthorizationException;
+import
org.apache.hadoop.fs.azurebfs.contracts.exceptions.AbfsAuthorizerUnhandledException;
+import org.apache.hadoop.fs.azurebfs.services.AuthType;
+
+import java.io.IOException;
/**
* Interface to support authorization in Azure Blob File System.
*/
@InterfaceAudience.LimitedPrivate("authorization-subsystems")
@InterfaceStability.Unstable
public interface AbfsAuthorizer {
-
/**
* Initialize authorizer for Azure Blob File System.
*
* @throws AbfsAuthorizationException if unable to initialize the authorizer.
* @throws IOException network problems or similar.
- * @throws IllegalArgumentException if the required parameters are not
provided.
*/
- void init() throws AbfsAuthorizationException, IOException;
+ void init()
+ throws AbfsAuthorizationException, AbfsAuthorizerUnhandledException;
/**
- * Checks if the provided {@link FsAction} is allowed on the provided {@link
Path}s.
+ * Get AuthType supported by Authorizer if Authorizer would be providing
+ * authentication token to ABFS server.
*
- * @param action the {@link FsAction} being requested on the provided {@link
Path}s.
- * @param absolutePaths The absolute paths of the storage being accessed.
- * @return true if authorized, otherwise false.
- * @throws AbfsAuthorizationException on authorization failure.
- * @throws IOException network problems or similar.
- * @throws IllegalArgumentException if the required parameters are not
provided.
+ * If Authorizer is not going to provide any auth tokens, return
AuthType.None
+ * @return
*/
- boolean isAuthorized(FsAction action, Path... absolutePaths)
- throws AbfsAuthorizationException, IOException;
+ AuthType getAuthType();
-}
+ /**
+ * Checks if the provided {@link AuthorizationResource} is allowed to
+ * perform requested action.
+ *
+ * @param authorizationResource which contains the action and store path URI
+ * @return AuthorizationResult with store URI and Auth token if Authorizer
+ * is providing any.
+ * @throws AbfsAuthorizationException on authorization failure.
+ * @throws IOException network problems or
+ * similarITestAzureBlobFileSystemListStatus.
Review comment:
??
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
[email protected]
With regards,
Apache Git Services
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
