summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorJenkins <jenkins@review.openstack.org>2015-04-07 16:03:40 +0000
committerGerrit Code Review <review@openstack.org>2015-04-07 16:03:40 +0000
commitccf3e5c6faef5c2e6929a138d65f8b6425e5c84e (patch)
tree940dc8c37d526507165f48200ff95ee1a3fee500
parente464caa3ef95c6237739ac4ea1c15b73080a9562 (diff)
parent35fef155504644372a0d013e4768c42508e63779 (diff)
Merge "Add support of keystone v3 password/token authentication method"2015.1.0rc22015.1.0rc12015.1.0
-rw-r--r--hadoop-swiftfs/src/main/java/org/apache/hadoop/fs/swift/auth/PasswordAuthenticationRequestV3.java109
-rw-r--r--hadoop-swiftfs/src/main/java/org/apache/hadoop/fs/swift/auth/TokenAuthenticationRequestV3.java83
-rw-r--r--hadoop-swiftfs/src/main/java/org/apache/hadoop/fs/swift/auth/TrustAuthenticationRequest.java55
-rw-r--r--hadoop-swiftfs/src/main/java/org/apache/hadoop/fs/swift/http/SwiftRestClient.java53
4 files changed, 215 insertions, 85 deletions
diff --git a/hadoop-swiftfs/src/main/java/org/apache/hadoop/fs/swift/auth/PasswordAuthenticationRequestV3.java b/hadoop-swiftfs/src/main/java/org/apache/hadoop/fs/swift/auth/PasswordAuthenticationRequestV3.java
index 1680c97..5f1d0c9 100644
--- a/hadoop-swiftfs/src/main/java/org/apache/hadoop/fs/swift/auth/PasswordAuthenticationRequestV3.java
+++ b/hadoop-swiftfs/src/main/java/org/apache/hadoop/fs/swift/auth/PasswordAuthenticationRequestV3.java
@@ -18,28 +18,45 @@
18 18
19package org.apache.hadoop.fs.swift.auth; 19package org.apache.hadoop.fs.swift.auth;
20 20
21import java.util.HashMap;
22import java.util.Map;
23
24import org.codehaus.jackson.annotate.JsonProperty;
25import org.codehaus.jackson.annotate.JsonWriteNullProperties;
26
21/** 27/**
22 * Class that represents authentication request to Openstack Keystone v3. 28 * Class that represents authentication request to Openstack Keystone v3.
23 * Contains basic authentication information. 29 * Contains basic authentication information.
24 * THIS FILE IS MAPPED BY JACKSON TO AND FROM JSON. 30 * THIS FILE IS MAPPED BY JACKSON TO AND FROM JSON.
25 * DO NOT RENAME OR MODIFY FIELDS AND THEIR ACCESSORS. 31 * DO NOT RENAME OR MODIFY FIELDS AND THEIR ACCESSORS.
26 */ 32 */
33@JsonWriteNullProperties(false)
27public class PasswordAuthenticationRequestV3 extends AuthenticationRequestV3 { 34public class PasswordAuthenticationRequestV3 extends AuthenticationRequestV3 {
28 /** 35 /**
29 * Credentials for login 36 * Credentials for login
30 */ 37 */
31 private IdentityWrapper identity; 38 private final IdentityWrapper identity;
39 private final ScopeWrapper scope;
32 40
33 public PasswordAuthenticationRequestV3(PasswordCredentialsV3 passwordCredentials) { 41 public PasswordAuthenticationRequestV3(ScopeWrapper scope,
34 this.identity = new IdentityWrapper(new PasswordWrapper(passwordCredentials)); 42 PasswordCredentialsV3 passwordCreds) {
43 this.identity = new IdentityWrapper(new PasswordWrapper(passwordCreds));
44 this.scope = scope;
45 }
46
47 public PasswordAuthenticationRequestV3(String projectName,
48 PasswordCredentialsV3 passwordCreds) {
49 this(projectName == null ? null :
50 new ScopeWrapper(new ProjectWrapper(projectName)),
51 passwordCreds);
35 } 52 }
36 53
37 public IdentityWrapper getIdentity() { 54 public IdentityWrapper getIdentity() {
38 return identity; 55 return identity;
39 } 56 }
40 57
41 public void setIdentity(IdentityWrapper identity) { 58 public ScopeWrapper getScope() {
42 this.identity = identity; 59 return scope;
43 } 60 }
44 61
45 @Override 62 @Override
@@ -48,8 +65,8 @@ public class PasswordAuthenticationRequestV3 extends AuthenticationRequestV3 {
48 } 65 }
49 66
50 public static class IdentityWrapper { 67 public static class IdentityWrapper {
51 private PasswordWrapper password; 68 private final PasswordWrapper password;
52 public final String[] methods; 69 private final String[] methods;
53 70
54 public IdentityWrapper(PasswordWrapper password) { 71 public IdentityWrapper(PasswordWrapper password) {
55 this.password = password; 72 this.password = password;
@@ -60,13 +77,17 @@ public class PasswordAuthenticationRequestV3 extends AuthenticationRequestV3 {
60 return password; 77 return password;
61 } 78 }
62 79
63 public void setPassword(PasswordWrapper password) { 80 public String[] getMethods() {
64 this.password = password; 81 return methods;
65 } 82 }
66 } 83 }
67 84
85 /**
86 * THIS CLASS IS MAPPED BY JACKSON TO AND FROM JSON.
87 * DO NOT RENAME OR MODIFY FIELDS AND THEIR ACCESSORS.
88 */
68 public static class PasswordWrapper { 89 public static class PasswordWrapper {
69 private PasswordCredentialsV3 user; 90 private final PasswordCredentialsV3 user;
70 91
71 public PasswordWrapper(PasswordCredentialsV3 user) { 92 public PasswordWrapper(PasswordCredentialsV3 user) {
72 this.user = user; 93 this.user = user;
@@ -75,9 +96,73 @@ public class PasswordAuthenticationRequestV3 extends AuthenticationRequestV3 {
75 public PasswordCredentialsV3 getUser() { 96 public PasswordCredentialsV3 getUser() {
76 return user; 97 return user;
77 } 98 }
99 }
78 100
79 public void setUser(PasswordCredentialsV3 user) { 101 /**
80 this.user = user; 102 * THIS CLASS IS MAPPED BY JACKSON TO AND FROM JSON.
103 * DO NOT RENAME OR MODIFY FIELDS AND THEIR ACCESSORS.
104 */
105 @JsonWriteNullProperties(false)
106 public static class ScopeWrapper {
107 private final ProjectWrapper project;
108 private final TrustWrapper trust;
109
110 public ScopeWrapper(ProjectWrapper project) {
111 this.project = project;
112 this.trust = null;
113 }
114
115 public ScopeWrapper(TrustWrapper trust) {
116 this.project = null;
117 this.trust = trust;
118 }
119
120 public ProjectWrapper getProject() {
121 return project;
122 }
123
124 @JsonProperty("OS-TRUST:trust")
125 public TrustWrapper getTrust() {
126 return trust;
127 }
128 }
129
130 /**
131 * THIS CLASS IS MAPPED BY JACKSON TO AND FROM JSON.
132 * DO NOT RENAME OR MODIFY FIELDS AND THEIR ACCESSORS.
133 */
134 public static class ProjectWrapper {
135 private final String name;
136 private final Map<String, String> domain;
137
138 public ProjectWrapper(String projectName) {
139 this.domain = new HashMap();
140 this.domain.put("id", "default");
141 this.name = projectName;
142 }
143
144 public String getName() {
145 return name;
146 }
147
148 public Map<String, String> getDomain() {
149 return domain;
150 }
151 }
152
153 /**
154 * THIS CLASS IS MAPPED BY JACKSON TO AND FROM JSON.
155 * DO NOT RENAME OR MODIFY FIELDS AND THEIR ACCESSORS.
156 */
157 public static class TrustWrapper {
158 private final String id;
159
160 public TrustWrapper(String trustId) {
161 id = trustId;
162 }
163
164 public String getId() {
165 return id;
81 } 166 }
82 } 167 }
83} 168}
diff --git a/hadoop-swiftfs/src/main/java/org/apache/hadoop/fs/swift/auth/TokenAuthenticationRequestV3.java b/hadoop-swiftfs/src/main/java/org/apache/hadoop/fs/swift/auth/TokenAuthenticationRequestV3.java
new file mode 100644
index 0000000..5a2319e
--- /dev/null
+++ b/hadoop-swiftfs/src/main/java/org/apache/hadoop/fs/swift/auth/TokenAuthenticationRequestV3.java
@@ -0,0 +1,83 @@
1/*
2 * Licensed to the Apache Software Foundation (ASF) under one
3 * or more contributor license agreements. See the NOTICE file
4 * distributed with this work for additional information
5 * regarding copyright ownership. The ASF licenses this file
6 * to you under the Apache License, Version 2.0 (the
7 * "License"); you may not use this file except in compliance
8 * with the License. You may obtain a copy of the License at
9 *
10 * http://www.apache.org/licenses/LICENSE-2.0
11 *
12 * Unless required by applicable law or agreed to in writing, software
13 * distributed under the License is distributed on an "AS IS" BASIS,
14 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
15 * See the License for the specific language governing permissions and
16 * limitations under the License.
17 */
18
19package org.apache.hadoop.fs.swift.auth;
20
21/**
22 * Class that represents authentication request to Openstack Keystone v3.
23 * Contains basic authentication information.
24 * THIS FILE IS MAPPED BY JACKSON TO AND FROM JSON.
25 * DO NOT RENAME OR MODIFY FIELDS AND THEIR ACCESSORS.
26 */
27public class TokenAuthenticationRequestV3 extends AuthenticationRequestV3 {
28 /**
29 * Credentials for login.
30 */
31 private final IdentityWrapper identity;
32
33 public TokenAuthenticationRequestV3(String token) {
34 this.identity = new IdentityWrapper(new TokenWrapper(token));
35 }
36
37 public IdentityWrapper getIdentity() {
38 return identity;
39 }
40
41 @Override
42 public String toString() {
43 return "Authenticate(v3) as token";
44 }
45
46 /**
47 * THIS CLASS IS MAPPED BY JACKSON TO AND FROM JSON.
48 * DO NOT RENAME OR MODIFY FIELDS AND THEIR ACCESSORS.
49 */
50 public static class IdentityWrapper {
51 private final TokenWrapper token;
52 private final String[] methods;
53
54 public IdentityWrapper(TokenWrapper token) {
55 this.token = token;
56 this.methods = new String[]{"token"};
57 }
58
59 public String[] getMethods() {
60 return methods;
61 }
62
63 public TokenWrapper getToken() {
64 return token;
65 }
66 }
67
68 /**
69 * THIS CLASS IS MAPPED BY JACKSON TO AND FROM JSON.
70 * DO NOT RENAME OR MODIFY FIELDS AND THEIR ACCESSORS.
71 */
72 public static class TokenWrapper {
73 private final String token;
74
75 public TokenWrapper(String token) {
76 this.token = token;
77 }
78
79 public String getId() {
80 return token;
81 }
82 }
83}
diff --git a/hadoop-swiftfs/src/main/java/org/apache/hadoop/fs/swift/auth/TrustAuthenticationRequest.java b/hadoop-swiftfs/src/main/java/org/apache/hadoop/fs/swift/auth/TrustAuthenticationRequest.java
index 63389cd..28fbb2c 100644
--- a/hadoop-swiftfs/src/main/java/org/apache/hadoop/fs/swift/auth/TrustAuthenticationRequest.java
+++ b/hadoop-swiftfs/src/main/java/org/apache/hadoop/fs/swift/auth/TrustAuthenticationRequest.java
@@ -18,8 +18,6 @@
18 18
19package org.apache.hadoop.fs.swift.auth; 19package org.apache.hadoop.fs.swift.auth;
20 20
21import org.codehaus.jackson.annotate.JsonProperty;
22
23/** 21/**
24 * Class that represents authentication request to Openstack Keystone v3. 22 * Class that represents authentication request to Openstack Keystone v3.
25 * Contains basic authentication information. 23 * Contains basic authentication information.
@@ -27,61 +25,16 @@ import org.codehaus.jackson.annotate.JsonProperty;
27 * DO NOT RENAME OR MODIFY FIELDS AND THEIR ACCESSORS. 25 * DO NOT RENAME OR MODIFY FIELDS AND THEIR ACCESSORS.
28 */ 26 */
29public class TrustAuthenticationRequest extends PasswordAuthenticationRequestV3 { 27public class TrustAuthenticationRequest extends PasswordAuthenticationRequestV3 {
30 /**
31 * trust-id for login
32 */
33 private ScopeWrapper scope;
34
35 public TrustAuthenticationRequest(PasswordCredentialsV3 passwordCredentials, String trust_id) {
36 super(passwordCredentials);
37 scope = new ScopeWrapper(new TrustWrapper(trust_id));
38 }
39 28
40 public ScopeWrapper getScope() { 29 public TrustAuthenticationRequest(PasswordCredentialsV3 passwordCredentials,
41 return scope; 30 String trustId) {
42 } 31 super(new ScopeWrapper(new TrustWrapper(trustId)), passwordCredentials);
43
44 public void setScope(ScopeWrapper scope) {
45 this.scope = scope;
46 } 32 }
47 33
48 @Override 34 @Override
49 public String toString() { 35 public String toString() {
50 return super.toString() + 36 return super.toString() +
51 ", trust-id '" + scope.getTrust().getId() + "'"; 37 ", trust-id '" + getScope().getTrust().getId() + "'";
52 }
53
54 public static class ScopeWrapper {
55 private TrustWrapper trust;
56
57 public ScopeWrapper(TrustWrapper trust) {
58 this.trust = trust;
59 }
60
61 @JsonProperty("OS-TRUST:trust")
62 public TrustWrapper getTrust() {
63 return trust;
64 }
65
66 @JsonProperty("OS-TRUST:trust")
67 public void setTrust(TrustWrapper trust) {
68 this.trust = trust;
69 }
70 } 38 }
71 39
72 public static class TrustWrapper {
73 private String id;
74
75 public TrustWrapper(String trust_id) {
76 id = trust_id;
77 }
78
79 public String getId() {
80 return id;
81 }
82
83 public void setId(String id) {
84 this.id = id;
85 }
86 }
87} 40}
diff --git a/hadoop-swiftfs/src/main/java/org/apache/hadoop/fs/swift/http/SwiftRestClient.java b/hadoop-swiftfs/src/main/java/org/apache/hadoop/fs/swift/http/SwiftRestClient.java
index 27c5ff6..9c2d0a1 100644
--- a/hadoop-swiftfs/src/main/java/org/apache/hadoop/fs/swift/http/SwiftRestClient.java
+++ b/hadoop-swiftfs/src/main/java/org/apache/hadoop/fs/swift/http/SwiftRestClient.java
@@ -51,6 +51,8 @@ import org.apache.hadoop.fs.swift.auth.AuthenticationWrapperV3;
51import org.apache.hadoop.fs.swift.auth.KeyStoneAuthRequest; 51import org.apache.hadoop.fs.swift.auth.KeyStoneAuthRequest;
52import org.apache.hadoop.fs.swift.auth.KeystoneApiKeyCredentials; 52import org.apache.hadoop.fs.swift.auth.KeystoneApiKeyCredentials;
53import org.apache.hadoop.fs.swift.auth.PasswordAuthenticationRequest; 53import org.apache.hadoop.fs.swift.auth.PasswordAuthenticationRequest;
54import org.apache.hadoop.fs.swift.auth.PasswordAuthenticationRequestV3;
55import org.apache.hadoop.fs.swift.auth.TokenAuthenticationRequestV3;
54import org.apache.hadoop.fs.swift.auth.TrustAuthenticationRequest; 56import org.apache.hadoop.fs.swift.auth.TrustAuthenticationRequest;
55import org.apache.hadoop.fs.swift.auth.PasswordCredentials; 57import org.apache.hadoop.fs.swift.auth.PasswordCredentials;
56import org.apache.hadoop.fs.swift.auth.PasswordCredentialsV3; 58import org.apache.hadoop.fs.swift.auth.PasswordCredentialsV3;
@@ -500,31 +502,38 @@ public final class SwiftRestClient {
500 String isPubProp = props.getProperty(SWIFT_PUBLIC_PROPERTY, "false"); 502 String isPubProp = props.getProperty(SWIFT_PUBLIC_PROPERTY, "false");
501 usePublicURL = "true".equals(isPubProp); 503 usePublicURL = "true".equals(isPubProp);
502 authEndpointPrefix = getOption(props, SWIFT_AUTH_ENDPOINT_PREFIX); 504 authEndpointPrefix = getOption(props, SWIFT_AUTH_ENDPOINT_PREFIX);
505 boolean isV3 = stringAuthUri.contains("/v3/auth/tokens");
503 506
504 if (apiKey == null && password == null) { 507 if (apiKey == null && password == null) {
505 throw new SwiftConfigurationException( 508 throw new SwiftConfigurationException(
506 "Configuration for " + filesystemURI +" must contain either " 509 "Configuration for " + filesystemURI +" must contain either "
507 + SWIFT_PASSWORD_PROPERTY + " or " 510 + SWIFT_PASSWORD_PROPERTY + " or "
508 + SWIFT_APIKEY_PROPERTY); 511 + SWIFT_APIKEY_PROPERTY);
509 } 512 }
510 //create the (reusable) authentication request 513 //create the (reusable) authentication request
514 if (isV3) {
515 if (trust_id == null) {
511 if (password != null) { 516 if (password != null) {
512 if (trust_id == null) { 517 authRequest = new PasswordAuthenticationRequestV3(tenant,
513 authRequest = new PasswordAuthenticationRequest(tenant, 518 new PasswordCredentialsV3(username, password, null));
514 new PasswordCredentials(
515 username,
516 password));
517 } else {
518 authRequest = new TrustAuthenticationRequest(
519 new PasswordCredentialsV3(username, password, domain_name),
520 trust_id);
521 }
522 } else { 519 } else {
523 authRequest = new ApiKeyAuthenticationRequest(tenant, 520 authRequest = new TokenAuthenticationRequestV3(apiKey);
524 new ApiKeyCredentials( 521 }
525 username, apiKey)); 522 } else {
526 keystoneAuthRequest = new KeyStoneAuthRequest(tenant, 523 authRequest = new TrustAuthenticationRequest(
527 new KeystoneApiKeyCredentials(username, apiKey)); 524 new PasswordCredentialsV3(username, password, domain_name),
525 trust_id);
526 }
527 } else {
528 if (password != null) {
529 authRequest = new PasswordAuthenticationRequest(tenant,
530 new PasswordCredentials(username, password));
531 } else {
532 authRequest = new ApiKeyAuthenticationRequest(tenant,
533 new ApiKeyCredentials(username, apiKey));
534 keystoneAuthRequest = new KeyStoneAuthRequest(tenant,
535 new KeystoneApiKeyCredentials(username, apiKey));
536 }
528 } 537 }
529 locationAware = "true".equals( 538 locationAware = "true".equals(
530 props.getProperty(SWIFT_LOCATION_AWARE_PROPERTY, "false")); 539 props.getProperty(SWIFT_LOCATION_AWARE_PROPERTY, "false"));