001 /**
002 * Licensed to the Apache Software Foundation (ASF) under one
003 * or more contributor license agreements. See the NOTICE file
004 * distributed with this work for additional information
005 * regarding copyright ownership. The ASF licenses this file
006 * to you under the Apache License, Version 2.0 (the
007 * "License"); you may not use this file except in compliance
008 * with the License. You may obtain a copy of the License at
009 *
010 * http://www.apache.org/licenses/LICENSE-2.0
011 *
012 * Unless required by applicable law or agreed to in writing, software
013 * distributed under the License is distributed on an "AS IS" BASIS,
014 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
015 * See the License for the specific language governing permissions and
016 * limitations under the License.
017 */
018
019 package org.apache.hadoop.hdfs.security.token.delegation;
020
021 import java.io.ByteArrayInputStream;
022 import java.io.DataInputStream;
023 import java.io.IOException;
024
025 import org.apache.hadoop.classification.InterfaceAudience;
026 import org.apache.hadoop.hdfs.web.SWebHdfsFileSystem;
027 import org.apache.hadoop.hdfs.web.WebHdfsFileSystem;
028 import org.apache.hadoop.io.Text;
029 import org.apache.hadoop.security.token.Token;
030 import org.apache.hadoop.security.token.delegation.AbstractDelegationTokenIdentifier;
031
032 /**
033 * A delegation token identifier that is specific to HDFS.
034 */
035 @InterfaceAudience.Private
036 public class DelegationTokenIdentifier
037 extends AbstractDelegationTokenIdentifier {
038 public static final Text HDFS_DELEGATION_KIND = new Text("HDFS_DELEGATION_TOKEN");
039
040 /**
041 * Create an empty delegation token identifier for reading into.
042 */
043 public DelegationTokenIdentifier() {
044 }
045
046 /**
047 * Create a new delegation token identifier
048 * @param owner the effective username of the token owner
049 * @param renewer the username of the renewer
050 * @param realUser the real username of the token owner
051 */
052 public DelegationTokenIdentifier(Text owner, Text renewer, Text realUser) {
053 super(owner, renewer, realUser);
054 }
055
056 @Override
057 public Text getKind() {
058 return HDFS_DELEGATION_KIND;
059 }
060
061 @Override
062 public String toString() {
063 return getKind() + " token " + getSequenceNumber()
064 + " for " + getUser().getShortUserName();
065 }
066
067 /** @return a string representation of the token */
068 public static String stringifyToken(final Token<?> token) throws IOException {
069 DelegationTokenIdentifier ident = new DelegationTokenIdentifier();
070 ByteArrayInputStream buf = new ByteArrayInputStream(token.getIdentifier());
071 DataInputStream in = new DataInputStream(buf);
072 ident.readFields(in);
073
074 if (token.getService().getLength() > 0) {
075 return ident + " on " + token.getService();
076 } else {
077 return ident.toString();
078 }
079 }
080
081 public static class WebHdfsDelegationTokenIdentifier
082 extends DelegationTokenIdentifier {
083 public WebHdfsDelegationTokenIdentifier() {
084 super();
085 }
086 @Override
087 public Text getKind() {
088 return WebHdfsFileSystem.TOKEN_KIND;
089 }
090 }
091
092 public static class SWebHdfsDelegationTokenIdentifier
093 extends WebHdfsDelegationTokenIdentifier {
094 public SWebHdfsDelegationTokenIdentifier() {
095 super();
096 }
097 @Override
098 public Text getKind() {
099 return SWebHdfsFileSystem.TOKEN_KIND;
100 }
101 }
102 }