ChenSammi commented on code in PR #5233:
URL: https://github.com/apache/ozone/pull/5233#discussion_r1315802979
##########
hadoop-ozone/s3gateway/src/main/java/org/apache/hadoop/ozone/s3secret/S3SecretManagementEndpoint.java:
##########
@@ -20,31 +20,74 @@
import org.apache.hadoop.ozone.audit.S3GAction;
import org.apache.hadoop.ozone.om.exceptions.OMException;
+import org.apache.hadoop.ozone.om.helpers.S3SecretValue;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
-import javax.ws.rs.POST;
+import javax.annotation.Nullable;
+import javax.ws.rs.DELETE;
+import javax.ws.rs.PUT;
import javax.ws.rs.Path;
+import javax.ws.rs.PathParam;
import javax.ws.rs.core.Response;
import java.io.IOException;
import static javax.ws.rs.core.Response.Status.NOT_FOUND;
/**
- * Revoke secret endpoint.
+ * Endpoint to generate and return S3 secret.
*/
-@Path("/secret/revoke")
+@Path("/secret")
@S3SecretEnabled
-public class S3SecretRevokeEndpoint extends S3SecretEndpointBase {
-
+public class S3SecretManagementEndpoint extends S3SecretEndpointBase {
private static final Logger LOG =
- LoggerFactory.getLogger(S3SecretRevokeEndpoint.class);
+ LoggerFactory.getLogger(S3SecretManagementEndpoint.class);
+
+ @PUT
+ public Response generate() throws IOException {
+ return generateInternal(null);
+ }
+ @PUT
+ @Path("/{username}")
+ public Response generate(@PathParam("username") String username)
+ throws IOException {
+ return generateInternal(username);
+ }
- @POST
+ private Response generateInternal(@Nullable String username)
+ throws IOException {
+ S3SecretResponse s3SecretResponse = new S3SecretResponse();
+ S3SecretValue s3SecretValue = generateS3Secret(username);
+ s3SecretResponse.setAwsSecret(s3SecretValue.getAwsSecret());
+ s3SecretResponse.setAwsAccessKey(s3SecretValue.getAwsAccessKey());
+ AUDIT.logReadSuccess(buildAuditMessageForSuccess(
+ S3GAction.GENERATE_SECRET, getAuditParameters()));
+ return Response.ok(s3SecretResponse).build();
+ }
+
+ private S3SecretValue generateS3Secret(@Nullable String username)
+ throws IOException {
+ String actualUsername = username == null ? userNameFromRequest() :
username;
+ return getClient().getObjectStore().getS3Secret(actualUsername);
+ }
+
+ @DELETE
public Response revoke() throws IOException {
+ return revokeInternal(null);
+ }
+
+ @DELETE
+ @Path("/{username}")
+ public Response revoke(@PathParam("username") String username)
+ throws IOException {
+ return revokeInternal(username);
+ }
+
+ private Response revokeInternal(@Nullable String username)
+ throws IOException {
try {
- revokeSecret();
+ revokeSecret(username);
Review Comment:
@ivanzlenko , I remember that in patch, revokeSecret failure case is handled
already. But it's not here in this patch?
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: issues-unsubscr...@ozone.apache.org
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: issues-unsubscr...@ozone.apache.org
For additional commands, e-mail: issues-h...@ozone.apache.org
