Merge "Add support of keystone v3 password/token authentication method"
This commit is contained in:
commit
ccf3e5c6fa
|
@ -18,28 +18,45 @@
|
|||
|
||||
package org.apache.hadoop.fs.swift.auth;
|
||||
|
||||
import java.util.HashMap;
|
||||
import java.util.Map;
|
||||
|
||||
import org.codehaus.jackson.annotate.JsonProperty;
|
||||
import org.codehaus.jackson.annotate.JsonWriteNullProperties;
|
||||
|
||||
/**
|
||||
* Class that represents authentication request to Openstack Keystone v3.
|
||||
* Contains basic authentication information.
|
||||
* THIS FILE IS MAPPED BY JACKSON TO AND FROM JSON.
|
||||
* DO NOT RENAME OR MODIFY FIELDS AND THEIR ACCESSORS.
|
||||
*/
|
||||
@JsonWriteNullProperties(false)
|
||||
public class PasswordAuthenticationRequestV3 extends AuthenticationRequestV3 {
|
||||
/**
|
||||
* Credentials for login
|
||||
*/
|
||||
private IdentityWrapper identity;
|
||||
private final IdentityWrapper identity;
|
||||
private final ScopeWrapper scope;
|
||||
|
||||
public PasswordAuthenticationRequestV3(PasswordCredentialsV3 passwordCredentials) {
|
||||
this.identity = new IdentityWrapper(new PasswordWrapper(passwordCredentials));
|
||||
public PasswordAuthenticationRequestV3(ScopeWrapper scope,
|
||||
PasswordCredentialsV3 passwordCreds) {
|
||||
this.identity = new IdentityWrapper(new PasswordWrapper(passwordCreds));
|
||||
this.scope = scope;
|
||||
}
|
||||
|
||||
public PasswordAuthenticationRequestV3(String projectName,
|
||||
PasswordCredentialsV3 passwordCreds) {
|
||||
this(projectName == null ? null :
|
||||
new ScopeWrapper(new ProjectWrapper(projectName)),
|
||||
passwordCreds);
|
||||
}
|
||||
|
||||
public IdentityWrapper getIdentity() {
|
||||
return identity;
|
||||
}
|
||||
|
||||
public void setIdentity(IdentityWrapper identity) {
|
||||
this.identity = identity;
|
||||
public ScopeWrapper getScope() {
|
||||
return scope;
|
||||
}
|
||||
|
||||
@Override
|
||||
|
@ -48,8 +65,8 @@ public class PasswordAuthenticationRequestV3 extends AuthenticationRequestV3 {
|
|||
}
|
||||
|
||||
public static class IdentityWrapper {
|
||||
private PasswordWrapper password;
|
||||
public final String[] methods;
|
||||
private final PasswordWrapper password;
|
||||
private final String[] methods;
|
||||
|
||||
public IdentityWrapper(PasswordWrapper password) {
|
||||
this.password = password;
|
||||
|
@ -60,13 +77,17 @@ public class PasswordAuthenticationRequestV3 extends AuthenticationRequestV3 {
|
|||
return password;
|
||||
}
|
||||
|
||||
public void setPassword(PasswordWrapper password) {
|
||||
this.password = password;
|
||||
public String[] getMethods() {
|
||||
return methods;
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* THIS CLASS IS MAPPED BY JACKSON TO AND FROM JSON.
|
||||
* DO NOT RENAME OR MODIFY FIELDS AND THEIR ACCESSORS.
|
||||
*/
|
||||
public static class PasswordWrapper {
|
||||
private PasswordCredentialsV3 user;
|
||||
private final PasswordCredentialsV3 user;
|
||||
|
||||
public PasswordWrapper(PasswordCredentialsV3 user) {
|
||||
this.user = user;
|
||||
|
@ -75,9 +96,73 @@ public class PasswordAuthenticationRequestV3 extends AuthenticationRequestV3 {
|
|||
public PasswordCredentialsV3 getUser() {
|
||||
return user;
|
||||
}
|
||||
}
|
||||
|
||||
public void setUser(PasswordCredentialsV3 user) {
|
||||
this.user = user;
|
||||
/**
|
||||
* THIS CLASS IS MAPPED BY JACKSON TO AND FROM JSON.
|
||||
* DO NOT RENAME OR MODIFY FIELDS AND THEIR ACCESSORS.
|
||||
*/
|
||||
@JsonWriteNullProperties(false)
|
||||
public static class ScopeWrapper {
|
||||
private final ProjectWrapper project;
|
||||
private final TrustWrapper trust;
|
||||
|
||||
public ScopeWrapper(ProjectWrapper project) {
|
||||
this.project = project;
|
||||
this.trust = null;
|
||||
}
|
||||
|
||||
public ScopeWrapper(TrustWrapper trust) {
|
||||
this.project = null;
|
||||
this.trust = trust;
|
||||
}
|
||||
|
||||
public ProjectWrapper getProject() {
|
||||
return project;
|
||||
}
|
||||
|
||||
@JsonProperty("OS-TRUST:trust")
|
||||
public TrustWrapper getTrust() {
|
||||
return trust;
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* THIS CLASS IS MAPPED BY JACKSON TO AND FROM JSON.
|
||||
* DO NOT RENAME OR MODIFY FIELDS AND THEIR ACCESSORS.
|
||||
*/
|
||||
public static class ProjectWrapper {
|
||||
private final String name;
|
||||
private final Map<String, String> domain;
|
||||
|
||||
public ProjectWrapper(String projectName) {
|
||||
this.domain = new HashMap();
|
||||
this.domain.put("id", "default");
|
||||
this.name = projectName;
|
||||
}
|
||||
|
||||
public String getName() {
|
||||
return name;
|
||||
}
|
||||
|
||||
public Map<String, String> getDomain() {
|
||||
return domain;
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* THIS CLASS IS MAPPED BY JACKSON TO AND FROM JSON.
|
||||
* DO NOT RENAME OR MODIFY FIELDS AND THEIR ACCESSORS.
|
||||
*/
|
||||
public static class TrustWrapper {
|
||||
private final String id;
|
||||
|
||||
public TrustWrapper(String trustId) {
|
||||
id = trustId;
|
||||
}
|
||||
|
||||
public String getId() {
|
||||
return id;
|
||||
}
|
||||
}
|
||||
}
|
||||
|
|
|
@ -0,0 +1,83 @@
|
|||
/*
|
||||
* Licensed to the Apache Software Foundation (ASF) under one
|
||||
* or more contributor license agreements. See the NOTICE file
|
||||
* distributed with this work for additional information
|
||||
* regarding copyright ownership. The ASF licenses this file
|
||||
* to you under the Apache License, Version 2.0 (the
|
||||
* "License"); you may not use this file except in compliance
|
||||
* with the License. You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
|
||||
package org.apache.hadoop.fs.swift.auth;
|
||||
|
||||
/**
|
||||
* Class that represents authentication request to Openstack Keystone v3.
|
||||
* Contains basic authentication information.
|
||||
* THIS FILE IS MAPPED BY JACKSON TO AND FROM JSON.
|
||||
* DO NOT RENAME OR MODIFY FIELDS AND THEIR ACCESSORS.
|
||||
*/
|
||||
public class TokenAuthenticationRequestV3 extends AuthenticationRequestV3 {
|
||||
/**
|
||||
* Credentials for login.
|
||||
*/
|
||||
private final IdentityWrapper identity;
|
||||
|
||||
public TokenAuthenticationRequestV3(String token) {
|
||||
this.identity = new IdentityWrapper(new TokenWrapper(token));
|
||||
}
|
||||
|
||||
public IdentityWrapper getIdentity() {
|
||||
return identity;
|
||||
}
|
||||
|
||||
@Override
|
||||
public String toString() {
|
||||
return "Authenticate(v3) as token";
|
||||
}
|
||||
|
||||
/**
|
||||
* THIS CLASS IS MAPPED BY JACKSON TO AND FROM JSON.
|
||||
* DO NOT RENAME OR MODIFY FIELDS AND THEIR ACCESSORS.
|
||||
*/
|
||||
public static class IdentityWrapper {
|
||||
private final TokenWrapper token;
|
||||
private final String[] methods;
|
||||
|
||||
public IdentityWrapper(TokenWrapper token) {
|
||||
this.token = token;
|
||||
this.methods = new String[]{"token"};
|
||||
}
|
||||
|
||||
public String[] getMethods() {
|
||||
return methods;
|
||||
}
|
||||
|
||||
public TokenWrapper getToken() {
|
||||
return token;
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* THIS CLASS IS MAPPED BY JACKSON TO AND FROM JSON.
|
||||
* DO NOT RENAME OR MODIFY FIELDS AND THEIR ACCESSORS.
|
||||
*/
|
||||
public static class TokenWrapper {
|
||||
private final String token;
|
||||
|
||||
public TokenWrapper(String token) {
|
||||
this.token = token;
|
||||
}
|
||||
|
||||
public String getId() {
|
||||
return token;
|
||||
}
|
||||
}
|
||||
}
|
|
@ -18,8 +18,6 @@
|
|||
|
||||
package org.apache.hadoop.fs.swift.auth;
|
||||
|
||||
import org.codehaus.jackson.annotate.JsonProperty;
|
||||
|
||||
/**
|
||||
* Class that represents authentication request to Openstack Keystone v3.
|
||||
* Contains basic authentication information.
|
||||
|
@ -27,61 +25,16 @@ import org.codehaus.jackson.annotate.JsonProperty;
|
|||
* DO NOT RENAME OR MODIFY FIELDS AND THEIR ACCESSORS.
|
||||
*/
|
||||
public class TrustAuthenticationRequest extends PasswordAuthenticationRequestV3 {
|
||||
/**
|
||||
* trust-id for login
|
||||
*/
|
||||
private ScopeWrapper scope;
|
||||
|
||||
public TrustAuthenticationRequest(PasswordCredentialsV3 passwordCredentials, String trust_id) {
|
||||
super(passwordCredentials);
|
||||
scope = new ScopeWrapper(new TrustWrapper(trust_id));
|
||||
}
|
||||
|
||||
public ScopeWrapper getScope() {
|
||||
return scope;
|
||||
}
|
||||
|
||||
public void setScope(ScopeWrapper scope) {
|
||||
this.scope = scope;
|
||||
public TrustAuthenticationRequest(PasswordCredentialsV3 passwordCredentials,
|
||||
String trustId) {
|
||||
super(new ScopeWrapper(new TrustWrapper(trustId)), passwordCredentials);
|
||||
}
|
||||
|
||||
@Override
|
||||
public String toString() {
|
||||
return super.toString() +
|
||||
", trust-id '" + scope.getTrust().getId() + "'";
|
||||
", trust-id '" + getScope().getTrust().getId() + "'";
|
||||
}
|
||||
|
||||
public static class ScopeWrapper {
|
||||
private TrustWrapper trust;
|
||||
|
||||
public ScopeWrapper(TrustWrapper trust) {
|
||||
this.trust = trust;
|
||||
}
|
||||
|
||||
@JsonProperty("OS-TRUST:trust")
|
||||
public TrustWrapper getTrust() {
|
||||
return trust;
|
||||
}
|
||||
|
||||
@JsonProperty("OS-TRUST:trust")
|
||||
public void setTrust(TrustWrapper trust) {
|
||||
this.trust = trust;
|
||||
}
|
||||
}
|
||||
|
||||
public static class TrustWrapper {
|
||||
private String id;
|
||||
|
||||
public TrustWrapper(String trust_id) {
|
||||
id = trust_id;
|
||||
}
|
||||
|
||||
public String getId() {
|
||||
return id;
|
||||
}
|
||||
|
||||
public void setId(String id) {
|
||||
this.id = id;
|
||||
}
|
||||
}
|
||||
}
|
||||
|
|
|
@ -51,6 +51,8 @@ import org.apache.hadoop.fs.swift.auth.AuthenticationWrapperV3;
|
|||
import org.apache.hadoop.fs.swift.auth.KeyStoneAuthRequest;
|
||||
import org.apache.hadoop.fs.swift.auth.KeystoneApiKeyCredentials;
|
||||
import org.apache.hadoop.fs.swift.auth.PasswordAuthenticationRequest;
|
||||
import org.apache.hadoop.fs.swift.auth.PasswordAuthenticationRequestV3;
|
||||
import org.apache.hadoop.fs.swift.auth.TokenAuthenticationRequestV3;
|
||||
import org.apache.hadoop.fs.swift.auth.TrustAuthenticationRequest;
|
||||
import org.apache.hadoop.fs.swift.auth.PasswordCredentials;
|
||||
import org.apache.hadoop.fs.swift.auth.PasswordCredentialsV3;
|
||||
|
@ -500,31 +502,38 @@ public final class SwiftRestClient {
|
|||
String isPubProp = props.getProperty(SWIFT_PUBLIC_PROPERTY, "false");
|
||||
usePublicURL = "true".equals(isPubProp);
|
||||
authEndpointPrefix = getOption(props, SWIFT_AUTH_ENDPOINT_PREFIX);
|
||||
boolean isV3 = stringAuthUri.contains("/v3/auth/tokens");
|
||||
|
||||
if (apiKey == null && password == null) {
|
||||
throw new SwiftConfigurationException(
|
||||
"Configuration for " + filesystemURI +" must contain either "
|
||||
+ SWIFT_PASSWORD_PROPERTY + " or "
|
||||
+ SWIFT_APIKEY_PROPERTY);
|
||||
}
|
||||
//create the (reusable) authentication request
|
||||
if (apiKey == null && password == null) {
|
||||
throw new SwiftConfigurationException(
|
||||
"Configuration for " + filesystemURI +" must contain either "
|
||||
+ SWIFT_PASSWORD_PROPERTY + " or "
|
||||
+ SWIFT_APIKEY_PROPERTY);
|
||||
}
|
||||
//create the (reusable) authentication request
|
||||
if (isV3) {
|
||||
if (trust_id == null) {
|
||||
if (password != null) {
|
||||
if (trust_id == null) {
|
||||
authRequest = new PasswordAuthenticationRequest(tenant,
|
||||
new PasswordCredentials(
|
||||
username,
|
||||
password));
|
||||
} else {
|
||||
authRequest = new TrustAuthenticationRequest(
|
||||
new PasswordCredentialsV3(username, password, domain_name),
|
||||
trust_id);
|
||||
}
|
||||
authRequest = new PasswordAuthenticationRequestV3(tenant,
|
||||
new PasswordCredentialsV3(username, password, null));
|
||||
} else {
|
||||
authRequest = new ApiKeyAuthenticationRequest(tenant,
|
||||
new ApiKeyCredentials(
|
||||
username, apiKey));
|
||||
keystoneAuthRequest = new KeyStoneAuthRequest(tenant,
|
||||
new KeystoneApiKeyCredentials(username, apiKey));
|
||||
authRequest = new TokenAuthenticationRequestV3(apiKey);
|
||||
}
|
||||
} else {
|
||||
authRequest = new TrustAuthenticationRequest(
|
||||
new PasswordCredentialsV3(username, password, domain_name),
|
||||
trust_id);
|
||||
}
|
||||
} else {
|
||||
if (password != null) {
|
||||
authRequest = new PasswordAuthenticationRequest(tenant,
|
||||
new PasswordCredentials(username, password));
|
||||
} else {
|
||||
authRequest = new ApiKeyAuthenticationRequest(tenant,
|
||||
new ApiKeyCredentials(username, apiKey));
|
||||
keystoneAuthRequest = new KeyStoneAuthRequest(tenant,
|
||||
new KeystoneApiKeyCredentials(username, apiKey));
|
||||
}
|
||||
}
|
||||
locationAware = "true".equals(
|
||||
props.getProperty(SWIFT_LOCATION_AWARE_PROPERTY, "false"));
|
||||
|
|
Loading…
Reference in New Issue