Merge "Add support of keystone v3 password/token authentication method"

This commit is contained in:
Jenkins 2015-04-07 16:03:40 +00:00 committed by Gerrit Code Review
commit ccf3e5c6fa
4 changed files with 215 additions and 85 deletions

View File

@ -18,28 +18,45 @@
package org.apache.hadoop.fs.swift.auth;
import java.util.HashMap;
import java.util.Map;
import org.codehaus.jackson.annotate.JsonProperty;
import org.codehaus.jackson.annotate.JsonWriteNullProperties;
/**
* Class that represents authentication request to Openstack Keystone v3.
* Contains basic authentication information.
* THIS FILE IS MAPPED BY JACKSON TO AND FROM JSON.
* DO NOT RENAME OR MODIFY FIELDS AND THEIR ACCESSORS.
*/
@JsonWriteNullProperties(false)
public class PasswordAuthenticationRequestV3 extends AuthenticationRequestV3 {
/**
* Credentials for login
*/
private IdentityWrapper identity;
private final IdentityWrapper identity;
private final ScopeWrapper scope;
public PasswordAuthenticationRequestV3(PasswordCredentialsV3 passwordCredentials) {
this.identity = new IdentityWrapper(new PasswordWrapper(passwordCredentials));
public PasswordAuthenticationRequestV3(ScopeWrapper scope,
PasswordCredentialsV3 passwordCreds) {
this.identity = new IdentityWrapper(new PasswordWrapper(passwordCreds));
this.scope = scope;
}
public PasswordAuthenticationRequestV3(String projectName,
PasswordCredentialsV3 passwordCreds) {
this(projectName == null ? null :
new ScopeWrapper(new ProjectWrapper(projectName)),
passwordCreds);
}
public IdentityWrapper getIdentity() {
return identity;
}
public void setIdentity(IdentityWrapper identity) {
this.identity = identity;
public ScopeWrapper getScope() {
return scope;
}
@Override
@ -48,8 +65,8 @@ public class PasswordAuthenticationRequestV3 extends AuthenticationRequestV3 {
}
public static class IdentityWrapper {
private PasswordWrapper password;
public final String[] methods;
private final PasswordWrapper password;
private final String[] methods;
public IdentityWrapper(PasswordWrapper password) {
this.password = password;
@ -60,13 +77,17 @@ public class PasswordAuthenticationRequestV3 extends AuthenticationRequestV3 {
return password;
}
public void setPassword(PasswordWrapper password) {
this.password = password;
public String[] getMethods() {
return methods;
}
}
/**
* THIS CLASS IS MAPPED BY JACKSON TO AND FROM JSON.
* DO NOT RENAME OR MODIFY FIELDS AND THEIR ACCESSORS.
*/
public static class PasswordWrapper {
private PasswordCredentialsV3 user;
private final PasswordCredentialsV3 user;
public PasswordWrapper(PasswordCredentialsV3 user) {
this.user = user;
@ -75,9 +96,73 @@ public class PasswordAuthenticationRequestV3 extends AuthenticationRequestV3 {
public PasswordCredentialsV3 getUser() {
return user;
}
}
public void setUser(PasswordCredentialsV3 user) {
this.user = user;
/**
* THIS CLASS IS MAPPED BY JACKSON TO AND FROM JSON.
* DO NOT RENAME OR MODIFY FIELDS AND THEIR ACCESSORS.
*/
@JsonWriteNullProperties(false)
public static class ScopeWrapper {
private final ProjectWrapper project;
private final TrustWrapper trust;
public ScopeWrapper(ProjectWrapper project) {
this.project = project;
this.trust = null;
}
public ScopeWrapper(TrustWrapper trust) {
this.project = null;
this.trust = trust;
}
public ProjectWrapper getProject() {
return project;
}
@JsonProperty("OS-TRUST:trust")
public TrustWrapper getTrust() {
return trust;
}
}
/**
* THIS CLASS IS MAPPED BY JACKSON TO AND FROM JSON.
* DO NOT RENAME OR MODIFY FIELDS AND THEIR ACCESSORS.
*/
public static class ProjectWrapper {
private final String name;
private final Map<String, String> domain;
public ProjectWrapper(String projectName) {
this.domain = new HashMap();
this.domain.put("id", "default");
this.name = projectName;
}
public String getName() {
return name;
}
public Map<String, String> getDomain() {
return domain;
}
}
/**
* THIS CLASS IS MAPPED BY JACKSON TO AND FROM JSON.
* DO NOT RENAME OR MODIFY FIELDS AND THEIR ACCESSORS.
*/
public static class TrustWrapper {
private final String id;
public TrustWrapper(String trustId) {
id = trustId;
}
public String getId() {
return id;
}
}
}

View File

@ -0,0 +1,83 @@
/*
* Licensed to the Apache Software Foundation (ASF) under one
* or more contributor license agreements. See the NOTICE file
* distributed with this work for additional information
* regarding copyright ownership. The ASF licenses this file
* to you under the Apache License, Version 2.0 (the
* "License"); you may not use this file except in compliance
* with the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package org.apache.hadoop.fs.swift.auth;
/**
* Class that represents authentication request to Openstack Keystone v3.
* Contains basic authentication information.
* THIS FILE IS MAPPED BY JACKSON TO AND FROM JSON.
* DO NOT RENAME OR MODIFY FIELDS AND THEIR ACCESSORS.
*/
public class TokenAuthenticationRequestV3 extends AuthenticationRequestV3 {
/**
* Credentials for login.
*/
private final IdentityWrapper identity;
public TokenAuthenticationRequestV3(String token) {
this.identity = new IdentityWrapper(new TokenWrapper(token));
}
public IdentityWrapper getIdentity() {
return identity;
}
@Override
public String toString() {
return "Authenticate(v3) as token";
}
/**
* THIS CLASS IS MAPPED BY JACKSON TO AND FROM JSON.
* DO NOT RENAME OR MODIFY FIELDS AND THEIR ACCESSORS.
*/
public static class IdentityWrapper {
private final TokenWrapper token;
private final String[] methods;
public IdentityWrapper(TokenWrapper token) {
this.token = token;
this.methods = new String[]{"token"};
}
public String[] getMethods() {
return methods;
}
public TokenWrapper getToken() {
return token;
}
}
/**
* THIS CLASS IS MAPPED BY JACKSON TO AND FROM JSON.
* DO NOT RENAME OR MODIFY FIELDS AND THEIR ACCESSORS.
*/
public static class TokenWrapper {
private final String token;
public TokenWrapper(String token) {
this.token = token;
}
public String getId() {
return token;
}
}
}

View File

@ -18,8 +18,6 @@
package org.apache.hadoop.fs.swift.auth;
import org.codehaus.jackson.annotate.JsonProperty;
/**
* Class that represents authentication request to Openstack Keystone v3.
* Contains basic authentication information.
@ -27,61 +25,16 @@ import org.codehaus.jackson.annotate.JsonProperty;
* DO NOT RENAME OR MODIFY FIELDS AND THEIR ACCESSORS.
*/
public class TrustAuthenticationRequest extends PasswordAuthenticationRequestV3 {
/**
* trust-id for login
*/
private ScopeWrapper scope;
public TrustAuthenticationRequest(PasswordCredentialsV3 passwordCredentials, String trust_id) {
super(passwordCredentials);
scope = new ScopeWrapper(new TrustWrapper(trust_id));
}
public ScopeWrapper getScope() {
return scope;
}
public void setScope(ScopeWrapper scope) {
this.scope = scope;
public TrustAuthenticationRequest(PasswordCredentialsV3 passwordCredentials,
String trustId) {
super(new ScopeWrapper(new TrustWrapper(trustId)), passwordCredentials);
}
@Override
public String toString() {
return super.toString() +
", trust-id '" + scope.getTrust().getId() + "'";
", trust-id '" + getScope().getTrust().getId() + "'";
}
public static class ScopeWrapper {
private TrustWrapper trust;
public ScopeWrapper(TrustWrapper trust) {
this.trust = trust;
}
@JsonProperty("OS-TRUST:trust")
public TrustWrapper getTrust() {
return trust;
}
@JsonProperty("OS-TRUST:trust")
public void setTrust(TrustWrapper trust) {
this.trust = trust;
}
}
public static class TrustWrapper {
private String id;
public TrustWrapper(String trust_id) {
id = trust_id;
}
public String getId() {
return id;
}
public void setId(String id) {
this.id = id;
}
}
}

View File

@ -51,6 +51,8 @@ import org.apache.hadoop.fs.swift.auth.AuthenticationWrapperV3;
import org.apache.hadoop.fs.swift.auth.KeyStoneAuthRequest;
import org.apache.hadoop.fs.swift.auth.KeystoneApiKeyCredentials;
import org.apache.hadoop.fs.swift.auth.PasswordAuthenticationRequest;
import org.apache.hadoop.fs.swift.auth.PasswordAuthenticationRequestV3;
import org.apache.hadoop.fs.swift.auth.TokenAuthenticationRequestV3;
import org.apache.hadoop.fs.swift.auth.TrustAuthenticationRequest;
import org.apache.hadoop.fs.swift.auth.PasswordCredentials;
import org.apache.hadoop.fs.swift.auth.PasswordCredentialsV3;
@ -500,31 +502,38 @@ public final class SwiftRestClient {
String isPubProp = props.getProperty(SWIFT_PUBLIC_PROPERTY, "false");
usePublicURL = "true".equals(isPubProp);
authEndpointPrefix = getOption(props, SWIFT_AUTH_ENDPOINT_PREFIX);
boolean isV3 = stringAuthUri.contains("/v3/auth/tokens");
if (apiKey == null && password == null) {
throw new SwiftConfigurationException(
"Configuration for " + filesystemURI +" must contain either "
+ SWIFT_PASSWORD_PROPERTY + " or "
+ SWIFT_APIKEY_PROPERTY);
}
//create the (reusable) authentication request
if (apiKey == null && password == null) {
throw new SwiftConfigurationException(
"Configuration for " + filesystemURI +" must contain either "
+ SWIFT_PASSWORD_PROPERTY + " or "
+ SWIFT_APIKEY_PROPERTY);
}
//create the (reusable) authentication request
if (isV3) {
if (trust_id == null) {
if (password != null) {
if (trust_id == null) {
authRequest = new PasswordAuthenticationRequest(tenant,
new PasswordCredentials(
username,
password));
} else {
authRequest = new TrustAuthenticationRequest(
new PasswordCredentialsV3(username, password, domain_name),
trust_id);
}
authRequest = new PasswordAuthenticationRequestV3(tenant,
new PasswordCredentialsV3(username, password, null));
} else {
authRequest = new ApiKeyAuthenticationRequest(tenant,
new ApiKeyCredentials(
username, apiKey));
keystoneAuthRequest = new KeyStoneAuthRequest(tenant,
new KeystoneApiKeyCredentials(username, apiKey));
authRequest = new TokenAuthenticationRequestV3(apiKey);
}
} else {
authRequest = new TrustAuthenticationRequest(
new PasswordCredentialsV3(username, password, domain_name),
trust_id);
}
} else {
if (password != null) {
authRequest = new PasswordAuthenticationRequest(tenant,
new PasswordCredentials(username, password));
} else {
authRequest = new ApiKeyAuthenticationRequest(tenant,
new ApiKeyCredentials(username, apiKey));
keystoneAuthRequest = new KeyStoneAuthRequest(tenant,
new KeystoneApiKeyCredentials(username, apiKey));
}
}
locationAware = "true".equals(
props.getProperty(SWIFT_LOCATION_AWARE_PROPERTY, "false"));