[
https://issues.apache.org/jira/browse/YARN-11225?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17647788#comment-17647788
]
ASF GitHub Bot commented on YARN-11225:
---------------------------------------
slfan1989 commented on code in PR #5185:
URL: https://github.com/apache/hadoop/pull/5185#discussion_r1049129569
##########
hadoop-yarn-project/hadoop-yarn/hadoop-yarn-server/hadoop-yarn-server-router/src/main/java/org/apache/hadoop/yarn/server/router/webapp/FederationInterceptorREST.java:
##########
@@ -1564,25 +1581,178 @@ public Response updateAppQueue(AppQueue targetQueue,
HttpServletRequest hsr,
throw new RuntimeException("updateAppQueue Failed.");
}
+ /**
+ * This method posts a delegation token from the client.
+ *
+ * @param tokenData the token to delegate. It is a content param.
+ * @param hsr the servlet request.
+ * @return Response containing the status code.
+ * @throws AuthorizationException if Kerberos auth failed.
+ * @throws IOException if the delegation failed.
+ * @throws InterruptedException if interrupted.
+ * @throws Exception in case of bad request.
+ */
@Override
- public Response postDelegationToken(DelegationToken tokenData,
- HttpServletRequest hsr) throws AuthorizationException, IOException,
- InterruptedException, Exception {
- throw new NotImplementedException("Code is not implemented");
+ public Response postDelegationToken(DelegationToken tokenData,
HttpServletRequest hsr)
+ throws AuthorizationException, IOException, InterruptedException,
Exception {
+
+ if (tokenData == null || hsr == null) {
+ throw new IllegalArgumentException("Parameter error, the tokenData or
hsr is null.");
+ }
+
+ try {
+ // get Caller UserGroupInformation
+ Configuration conf = federationFacade.getConf();
+ UserGroupInformation callerUGI = getKerberosUserGroupInformation(conf,
hsr);
+
+ // create a delegation token
+ return createDelegationToken(tokenData, callerUGI);
+ } catch (YarnException e) {
+ LOG.error("Create delegation token request failed.", e);
+ return Response.status(Status.FORBIDDEN).entity(e.getMessage()).build();
+ }
}
+ /**
+ * Create DelegationToken.
+ *
+ * @param dtoken DelegationToken Data.
+ * @param callerUGI UserGroupInformation.
+ * @return Response.
+ * @throws Exception An exception occurred when creating a delegationToken.
+ */
+ private Response createDelegationToken(DelegationToken dtoken,
UserGroupInformation callerUGI)
+ throws IOException, InterruptedException {
+
+ String renewer = dtoken.getRenewer();
+
+ GetDelegationTokenResponse resp = callerUGI.doAs(
+ (PrivilegedExceptionAction<GetDelegationTokenResponse>) () -> {
+ GetDelegationTokenRequest createReq =
GetDelegationTokenRequest.newInstance(renewer);
+ return this.getRouterClientRMService().getDelegationToken(createReq);
+ });
+
+ org.apache.hadoop.yarn.api.records.Token token =
resp.getRMDelegationToken();
Review Comment:
Thanks for your suggestion, I will modify the code.
##########
hadoop-yarn-project/hadoop-yarn/hadoop-yarn-server/hadoop-yarn-server-router/src/test/java/org/apache/hadoop/yarn/server/router/webapp/TestFederationInterceptorREST.java:
##########
@@ -156,6 +172,31 @@ public void setUp() {
Assert.fail();
Review Comment:
I will fix it.
> [Federation] Add postDelegationToken, postDelegationTokenExpiration,
> cancelDelegationToken REST APIs for Router
> ----------------------------------------------------------------------------------------------------------------
>
> Key: YARN-11225
> URL: https://issues.apache.org/jira/browse/YARN-11225
> Project: Hadoop YARN
> Issue Type: Sub-task
> Components: federation
> Affects Versions: 3.4.0, 3.3.4
> Reporter: Shilun Fan
> Assignee: Shilun Fan
> Priority: Major
> Labels: pull-request-available
>
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
