Hi Frank, Just a minor comment:
+ final Date now = new Date(new Date().getTime() / 1000 * 1000); Here the time is divided by 1000 and then multiplied again by 1000... Colm. On Wed, Jan 24, 2018 at 3:03 AM, <[email protected]> wrote: > Repository: directory-kerby > Updated Branches: > refs/heads/has-project d37016227 -> 9e370a760 > > > DIRKRB-685 Add MySQL plugin for new authentication mechanism. > > > Project: http://git-wip-us.apache.org/repos/asf/directory-kerby/repo > Commit: http://git-wip-us.apache.org/repos/asf/directory-kerby/ > commit/9e370a76 > Tree: http://git-wip-us.apache.org/repos/asf/directory-kerby/tree/9e370a76 > Diff: http://git-wip-us.apache.org/repos/asf/directory-kerby/diff/9e370a76 > > Branch: refs/heads/has-project > Commit: 9e370a760bcba6d978c4fc15203f0530094793d7 > Parents: d370162 > Author: zenglinx <[email protected]> > Authored: Wed Jan 24 11:02:53 2018 +0800 > Committer: zenglinx <[email protected]> > Committed: Wed Jan 24 11:02:53 2018 +0800 > > ---------------------------------------------------------------------- > .../client/mysql/MySQLHasClientPlugin.java | 68 +++++++++++ > .../server/mysql/MySQLHasServerPlugin.java | 112 +++++++++++++++++++ > ...org.apache.hadoop.has.client.HasClientPlugin | 15 --- > ...org.apache.hadoop.has.server.HasServerPlugin | 15 --- > .../org.apache.kerby.has.client.HasClientPlugin | 16 +++ > .../org.apache.kerby.has.server.HasServerPlugin | 16 +++ > .../plugins/TestHasClientPluginRegistry.java | 44 ++++++++ > .../plugins/TestHasServerPluginRegistry.java | 43 +++++++ > 8 files changed, 299 insertions(+), 30 deletions(-) > ---------------------------------------------------------------------- > > > http://git-wip-us.apache.org/repos/asf/directory-kerby/ > blob/9e370a76/has/has-plugins/src/main/java/org/apache/ > kerby/has/plugins/client/mysql/MySQLHasClientPlugin.java > ---------------------------------------------------------------------- > diff --git a/has/has-plugins/src/main/java/org/apache/kerby/has/ > plugins/client/mysql/MySQLHasClientPlugin.java b/has/has-plugins/src/main/ > java/org/apache/kerby/has/plugins/client/mysql/MySQLHasClientPlugin.java > new file mode 100644 > index 0000000..675f295 > --- /dev/null > +++ b/has/has-plugins/src/main/java/org/apache/kerby/has/ > plugins/client/mysql/MySQLHasClientPlugin.java > @@ -0,0 +1,68 @@ > +/** > + * Licensed to the Apache Software Foundation (ASF) under one > + * or more contributor license agreements. See the NOTICE file > + * distributed with this work for additional information > + * regarding copyright ownership. The ASF licenses this file > + * to you under the Apache License, Version 2.0 (the > + * "License"); you may not use this file except in compliance > + * with the License. You may obtain a copy of the License at > + * > + * http://www.apache.org/licenses/LICENSE-2.0 > + * > + * Unless required by applicable law or agreed to in writing, software > + * distributed under the License is distributed on an "AS IS" BASIS, > + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or > implied. > + * See the License for the specific language governing permissions and > + * limitations under the License. > + */ > +package org.apache.kerby.has.plugins.client.mysql; > + > +import org.apache.kerby.has.client.AbstractHasClientPlugin; > +import org.apache.kerby.kerberos.kerb.type.base.AuthToken; > +import org.slf4j.Logger; > +import org.slf4j.LoggerFactory; > + > +import java.util.Date; > + > +public class MySQLHasClientPlugin extends AbstractHasClientPlugin { > + private static final Logger LOG = LoggerFactory.getLogger( > MySQLHasClientPlugin.class); > + > + /** > + * {@inheritDoc} > + */ > + @Override > + public String getLoginType() { > + return "MySQL"; > + } > + > + @Override > + protected void doLogin(AuthToken authToken) { > + > + //Get the ak info from env > + String userName = System.getenv("userName"); > + String password = System.getenv("password"); > + > + String mysqlUrl = System.getenv("mysqlUrl"); > + String mysqlUser = System.getenv("mysqlUser"); > + String mysqlPasswd = System.getenv("mysqlPasswd"); > + > + LOG.debug("Get the mysql login info successfully."); > + > + authToken.setIssuer("has"); > + authToken.setSubject(userName); > + > + final Date now = new Date(new Date().getTime() / 1000 * 1000); > + authToken.setIssueTime(now); > + // Set expiration in 60 minutes > + Date exp = new Date(now.getTime() + 1000 * 60 * 60); > + authToken.setExpirationTime(exp); > + > + authToken.addAttribute("user", userName); > + authToken.addAttribute("secret", password); > + authToken.addAttribute("mysqlUrl", mysqlUrl); > + authToken.addAttribute("mysqlUser", mysqlUser); > + authToken.addAttribute("mysqlPasswd", mysqlPasswd); > + > + authToken.addAttribute("passPhrase", userName + password); > + } > +} > > http://git-wip-us.apache.org/repos/asf/directory-kerby/ > blob/9e370a76/has/has-plugins/src/main/java/org/apache/ > kerby/has/plugins/server/mysql/MySQLHasServerPlugin.java > ---------------------------------------------------------------------- > diff --git a/has/has-plugins/src/main/java/org/apache/kerby/has/ > plugins/server/mysql/MySQLHasServerPlugin.java b/has/has-plugins/src/main/ > java/org/apache/kerby/has/plugins/server/mysql/MySQLHasServerPlugin.java > new file mode 100644 > index 0000000..7c58b21 > --- /dev/null > +++ b/has/has-plugins/src/main/java/org/apache/kerby/has/ > plugins/server/mysql/MySQLHasServerPlugin.java > @@ -0,0 +1,112 @@ > +/** > + * Licensed to the Apache Software Foundation (ASF) under one > + * or more contributor license agreements. See the NOTICE file > + * distributed with this work for additional information > + * regarding copyright ownership. The ASF licenses this file > + * to you under the Apache License, Version 2.0 (the > + * "License"); you may not use this file except in compliance > + * with the License. You may obtain a copy of the License at > + * > + * http://www.apache.org/licenses/LICENSE-2.0 > + * > + * Unless required by applicable law or agreed to in writing, software > + * distributed under the License is distributed on an "AS IS" BASIS, > + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or > implied. > + * See the License for the specific language governing permissions and > + * limitations under the License. > + */ > +package org.apache.kerby.has.plugins.server.mysql; > + > +import org.apache.commons.dbutils.DbUtils; > +import org.apache.kerby.has.server.AbstractHasServerPlugin; > +import org.apache.kerby.has.server.HasAuthenException; > +import org.apache.kerby.kerberos.kerb.type.base.AuthToken; > +import org.slf4j.Logger; > +import org.slf4j.LoggerFactory; > + > +import java.sql.ResultSet; > +import java.sql.Connection; > +import java.sql.SQLException; > +import java.sql.DriverManager; > +import java.sql.PreparedStatement; > + > +public class MySQLHasServerPlugin extends AbstractHasServerPlugin { > + private static final Logger LOG = LoggerFactory.getLogger( > MySQLHasServerPlugin.class); > + > + /** > + * {@inheritDoc} > + */ > + @Override > + public String getLoginType() { > + return "MySQL"; > + } > + > + /** > + * {@inheritDoc} > + */ > + @Override > + public void doAuthenticate(AuthToken userToken, AuthToken authToken) > + throws HasAuthenException { > + String user = (String) userToken.getAttributes().get("user"); > + String secret = (String) userToken.getAttributes().get("secret"); > + > + String mysqlUrl = (String) userToken.getAttributes().get( > "mysqlUrl"); > + mysqlUrl = mysqlUrl.replace("jdbc:mysql:", "jdbc:mysql:thin:"); > + String mysqlUser = (String) userToken.getAttributes().get( > "mysqlUser"); > + String mysqlPasswd = (String) userToken.getAttributes().get( > "mysqlPasswd"); > + Connection connection = startConnection(mysqlUrl, mysqlUser, > mysqlPasswd); > + > + ResultSet res = null; > + PreparedStatement preStm = null; > + try { > + String stm = "SELECT COUNT(*) FROM `has_user` WHERE user_name > = ? AND pass_word = ?"; > + preStm = connection.prepareStatement(stm); > + preStm.setString(1, user); > + preStm.setString(2, secret); > + res = preStm.executeQuery(); > + if (res.next() && res.getInt(1) > 0) { > + LOG.debug("UserName: " + user); > + } else { > + LOG.error("Authentication failed."); > + throw new HasAuthenException("Authentication failed."); > + } > + } catch (SQLException e) { > + LOG.error("Failed."); > + LOG.error("Error code: " + e.getErrorCode()); > + LOG.error("Error message: " + e.getMessage()); > + throw new HasAuthenException("Authentication failed." + > e.getMessage()); > + } finally { > + DbUtils.closeQuietly(preStm); > + DbUtils.closeQuietly(res); > + DbUtils.closeQuietly(connection); > + } > + > + authToken.setIssuer(userToken.getIssuer()); > + authToken.setSubject(user); > + authToken.setExpirationTime(userToken.getExpiredTime()); > + > + authToken.addAttribute("userName", user); > + authToken.addAttribute("passPhrase", user + secret); > + } > + > + /** > + * Start the MySQL connection. > + */ > + private Connection startConnection(String url, String user, > + String password) throws > HasAuthenException { > + Connection connection; > + try { > + Class.forName("org.drizzle.jdbc.DrizzleDriver"); > + connection = DriverManager.getConnection(url, user, > password); > + if (!connection.isClosed()) { > + LOG.info("Succeeded in connecting to MySQL."); > + } > + } catch (ClassNotFoundException e) { > + throw new HasAuthenException("JDBC Driver Class not found. ", > e); > + } catch (SQLException e) { > + throw new HasAuthenException("Failed to connecting to MySQL. > ", e); > + } > + > + return connection; > + } > +} > > http://git-wip-us.apache.org/repos/asf/directory-kerby/ > blob/9e370a76/has/has-plugins/src/main/resources/META-INF/ > services/org.apache.hadoop.has.client.HasClientPlugin > ---------------------------------------------------------------------- > diff --git a/has/has-plugins/src/main/resources/META-INF/services/ > org.apache.hadoop.has.client.HasClientPlugin b/has/has-plugins/src/main/ > resources/META-INF/services/org.apache.hadoop.has.client.HasClientPlugin > deleted file mode 100644 > index 09697dc..0000000 > --- a/has/has-plugins/src/main/resources/META-INF/services/ > org.apache.hadoop.has.client.HasClientPlugin > +++ /dev/null > @@ -1,15 +0,0 @@ > -# Licensed to the Apache Software Foundation (ASF) under one or more > -# contributor license agreements. See the NOTICE file distributed with > -# this work for additional information regarding copyright ownership. > -# The ASF licenses this file to You under the Apache License, Version 2.0 > -# (the "License"); you may not use this file except in compliance with > -# the License. You may obtain a copy of the License at > -# > -# http://www.apache.org/licenses/LICENSE-2.0 > -# > -# Unless required by applicable law or agreed to in writing, software > -# distributed under the License is distributed on an "AS IS" BASIS, > -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. > -# See the License for the specific language governing permissions and > -# limitations under the License. > - > > http://git-wip-us.apache.org/repos/asf/directory-kerby/ > blob/9e370a76/has/has-plugins/src/main/resources/META-INF/ > services/org.apache.hadoop.has.server.HasServerPlugin > ---------------------------------------------------------------------- > diff --git a/has/has-plugins/src/main/resources/META-INF/services/ > org.apache.hadoop.has.server.HasServerPlugin b/has/has-plugins/src/main/ > resources/META-INF/services/org.apache.hadoop.has.server.HasServerPlugin > deleted file mode 100644 > index 09697dc..0000000 > --- a/has/has-plugins/src/main/resources/META-INF/services/ > org.apache.hadoop.has.server.HasServerPlugin > +++ /dev/null > @@ -1,15 +0,0 @@ > -# Licensed to the Apache Software Foundation (ASF) under one or more > -# contributor license agreements. See the NOTICE file distributed with > -# this work for additional information regarding copyright ownership. > -# The ASF licenses this file to You under the Apache License, Version 2.0 > -# (the "License"); you may not use this file except in compliance with > -# the License. You may obtain a copy of the License at > -# > -# http://www.apache.org/licenses/LICENSE-2.0 > -# > -# Unless required by applicable law or agreed to in writing, software > -# distributed under the License is distributed on an "AS IS" BASIS, > -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. > -# See the License for the specific language governing permissions and > -# limitations under the License. > - > > http://git-wip-us.apache.org/repos/asf/directory-kerby/ > blob/9e370a76/has/has-plugins/src/main/resources/META-INF/ > services/org.apache.kerby.has.client.HasClientPlugin > ---------------------------------------------------------------------- > diff --git a/has/has-plugins/src/main/resources/META-INF/services/ > org.apache.kerby.has.client.HasClientPlugin b/has/has-plugins/src/main/ > resources/META-INF/services/org.apache.kerby.has.client.HasClientPlugin > new file mode 100644 > index 0000000..cc3cac3 > --- /dev/null > +++ b/has/has-plugins/src/main/resources/META-INF/services/ > org.apache.kerby.has.client.HasClientPlugin > @@ -0,0 +1,16 @@ > +# Licensed to the Apache Software Foundation (ASF) under one or more > +# contributor license agreements. See the NOTICE file distributed with > +# this work for additional information regarding copyright ownership. > +# The ASF licenses this file to You under the Apache License, Version 2.0 > +# (the "License"); you may not use this file except in compliance with > +# the License. You may obtain a copy of the License at > +# > +# http://www.apache.org/licenses/LICENSE-2.0 > +# > +# Unless required by applicable law or agreed to in writing, software > +# distributed under the License is distributed on an "AS IS" BASIS, > +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. > +# See the License for the specific language governing permissions and > +# limitations under the License. > + > +org.apache.kerby.has.plugins.client.mysql.MySQLHasClientPlugin > > http://git-wip-us.apache.org/repos/asf/directory-kerby/ > blob/9e370a76/has/has-plugins/src/main/resources/META-INF/ > services/org.apache.kerby.has.server.HasServerPlugin > ---------------------------------------------------------------------- > diff --git a/has/has-plugins/src/main/resources/META-INF/services/ > org.apache.kerby.has.server.HasServerPlugin b/has/has-plugins/src/main/ > resources/META-INF/services/org.apache.kerby.has.server.HasServerPlugin > new file mode 100644 > index 0000000..dfb9637 > --- /dev/null > +++ b/has/has-plugins/src/main/resources/META-INF/services/ > org.apache.kerby.has.server.HasServerPlugin > @@ -0,0 +1,16 @@ > +# Licensed to the Apache Software Foundation (ASF) under one or more > +# contributor license agreements. See the NOTICE file distributed with > +# this work for additional information regarding copyright ownership. > +# The ASF licenses this file to You under the Apache License, Version 2.0 > +# (the "License"); you may not use this file except in compliance with > +# the License. You may obtain a copy of the License at > +# > +# http://www.apache.org/licenses/LICENSE-2.0 > +# > +# Unless required by applicable law or agreed to in writing, software > +# distributed under the License is distributed on an "AS IS" BASIS, > +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. > +# See the License for the specific language governing permissions and > +# limitations under the License. > + > +org.apache.kerby.has.plugins.server.mysql.MySQLHasServerPlugin > > http://git-wip-us.apache.org/repos/asf/directory-kerby/ > blob/9e370a76/has/has-plugins/src/test/java/org/apache/kerby/has/plugins/ > TestHasClientPluginRegistry.java > ---------------------------------------------------------------------- > diff --git a/has/has-plugins/src/test/java/org/apache/kerby/has/plugins/ > TestHasClientPluginRegistry.java b/has/has-plugins/src/test/ > java/org/apache/kerby/has/plugins/TestHasClientPluginRegistry.java > new file mode 100644 > index 0000000..55f0f70 > --- /dev/null > +++ b/has/has-plugins/src/test/java/org/apache/kerby/has/plugins/ > TestHasClientPluginRegistry.java > @@ -0,0 +1,44 @@ > +/** > + * Licensed to the Apache Software Foundation (ASF) under one > + * or more contributor license agreements. See the NOTICE file > + * distributed with this work for additional information > + * regarding copyright ownership. The ASF licenses this file > + * to you under the Apache License, Version 2.0 (the > + * "License"); you may not use this file except in compliance > + * with the License. You may obtain a copy of the License at > + * > + * http://www.apache.org/licenses/LICENSE-2.0 > + * > + * Unless required by applicable law or agreed to in writing, software > + * distributed under the License is distributed on an "AS IS" BASIS, > + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or > implied. > + * See the License for the specific language governing permissions and > + * limitations under the License. > + */ > +package org.apache.kerby.has.plugins; > + > +import org.apache.kerby.has.client.HasClientPluginRegistry; > +import org.apache.kerby.has.common.HasException; > +import org.junit.Assert; > +import org.junit.Test; > + > +import java.util.Set; > + > +public class TestHasClientPluginRegistry { > + > + @Test > + public void testInit() { > + Set<String> pluginsNames = HasClientPluginRegistry. > registeredPlugins(); > + Assert.assertTrue(pluginsNames.size() > 0); > + } > + > + @Test > + public void testCreatePlugin() throws HasException { > + Assert.assertTrue(HasClientPluginRegistry.createPlugin("MySQL") != > null); > + Set<String> pluginNames = HasClientPluginRegistry. > registeredPlugins(); > + for (String name : pluginNames) { > + HasClientPluginRegistry.createPlugin(name); > + } > + } > +} > + > > http://git-wip-us.apache.org/repos/asf/directory-kerby/ > blob/9e370a76/has/has-plugins/src/test/java/org/apache/kerby/has/plugins/ > TestHasServerPluginRegistry.java > ---------------------------------------------------------------------- > diff --git a/has/has-plugins/src/test/java/org/apache/kerby/has/plugins/ > TestHasServerPluginRegistry.java b/has/has-plugins/src/test/ > java/org/apache/kerby/has/plugins/TestHasServerPluginRegistry.java > new file mode 100644 > index 0000000..d727b12 > --- /dev/null > +++ b/has/has-plugins/src/test/java/org/apache/kerby/has/plugins/ > TestHasServerPluginRegistry.java > @@ -0,0 +1,43 @@ > +/** > + * Licensed to the Apache Software Foundation (ASF) under one > + * or more contributor license agreements. See the NOTICE file > + * distributed with this work for additional information > + * regarding copyright ownership. The ASF licenses this file > + * to you under the Apache License, Version 2.0 (the > + * "License"); you may not use this file except in compliance > + * with the License. You may obtain a copy of the License at > + * > + * http://www.apache.org/licenses/LICENSE-2.0 > + * > + * Unless required by applicable law or agreed to in writing, software > + * distributed under the License is distributed on an "AS IS" BASIS, > + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or > implied. > + * See the License for the specific language governing permissions and > + * limitations under the License. > + */ > +package org.apache.kerby.has.plugins; > + > +import org.apache.kerby.has.common.HasException; > +import org.apache.kerby.has.server.HasServerPluginRegistry; > +import org.junit.Assert; > +import org.junit.Test; > + > +import java.util.Set; > + > +public class TestHasServerPluginRegistry { > + > + @Test > + public void testInit() { > + Set<String> pluginsNames = HasServerPluginRegistry. > registeredPlugins(); > + Assert.assertTrue(pluginsNames.size() > 0); > + } > + > + @Test > + public void testCreatePlugin() throws HasException { > + Assert.assertTrue(HasServerPluginRegistry.createPlugin("MySQL") != > null); > + Set<String> pluginNames = HasServerPluginRegistry. > registeredPlugins(); > + for (String name : pluginNames) { > + HasServerPluginRegistry.createPlugin(name); > + } > + } > +} > > -- Colm O hEigeartaigh Talend Community Coder http://coders.talend.com
