001    /**
002     * Licensed to the Apache Software Foundation (ASF) under one
003     * or more contributor license agreements.  See the NOTICE file
004     * distributed with this work for additional information
005     * regarding copyright ownership.  The ASF licenses this file
006     * to you under the Apache License, Version 2.0 (the
007     * "License"); you may not use this file except in compliance
008     * with the License.  You may obtain a copy of the License at
009     *
010     *     http://www.apache.org/licenses/LICENSE-2.0
011     *
012     * Unless required by applicable law or agreed to in writing, software
013     * distributed under the License is distributed on an "AS IS" BASIS,
014     * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
015     * See the License for the specific language governing permissions and
016     * limitations under the License.
017     */
018    
019    package org.apache.hadoop.yarn.security.client;
020    
021    import java.io.DataInput;
022    import java.io.DataOutput;
023    import java.io.IOException;
024    
025    import org.apache.hadoop.classification.InterfaceAudience;
026    import org.apache.hadoop.classification.InterfaceAudience.Public;
027    import org.apache.hadoop.classification.InterfaceStability.Evolving;
028    import org.apache.hadoop.io.Text;
029    import org.apache.hadoop.security.UserGroupInformation;
030    import org.apache.hadoop.security.token.Token;
031    import org.apache.hadoop.security.token.TokenIdentifier;
032    import org.apache.hadoop.yarn.api.records.ApplicationAttemptId;
033    import org.apache.hadoop.yarn.api.records.ApplicationId;
034    
035    @Public
036    @Evolving
037    public class ClientToAMTokenIdentifier extends TokenIdentifier {
038    
039      public static final Text KIND_NAME = new Text("YARN_CLIENT_TOKEN");
040    
041      private ApplicationAttemptId applicationAttemptId;
042      private Text clientName = new Text();
043    
044      // TODO: Add more information in the tokenID such that it is not
045      // transferrable, more secure etc.
046    
047      public ClientToAMTokenIdentifier() {
048      }
049    
050      public ClientToAMTokenIdentifier(ApplicationAttemptId id, String client) {
051        this();
052        this.applicationAttemptId = id;
053        this.clientName = new Text(client);
054      }
055    
056      public ApplicationAttemptId getApplicationAttemptID() {
057        return this.applicationAttemptId;
058      }
059    
060      public String getClientName() {
061        return this.clientName.toString();
062      }
063    
064      @Override
065      public void write(DataOutput out) throws IOException {
066        out.writeLong(this.applicationAttemptId.getApplicationId()
067          .getClusterTimestamp());
068        out.writeInt(this.applicationAttemptId.getApplicationId().getId());
069        out.writeInt(this.applicationAttemptId.getAttemptId());
070        this.clientName.write(out);
071      }
072    
073      @Override
074      public void readFields(DataInput in) throws IOException {
075        this.applicationAttemptId =
076            ApplicationAttemptId.newInstance(
077              ApplicationId.newInstance(in.readLong(), in.readInt()), in.readInt());
078        this.clientName.readFields(in);
079      }
080    
081      @Override
082      public Text getKind() {
083        return KIND_NAME;
084      }
085    
086      @Override
087      public UserGroupInformation getUser() {
088        if (this.clientName == null) {
089          return null;
090        }
091        return UserGroupInformation.createRemoteUser(this.clientName.toString());
092      }
093    
094      @InterfaceAudience.Private
095      public static class Renewer extends Token.TrivialRenewer {
096        @Override
097        protected Text getKind() {
098          return KIND_NAME;
099        }
100      }
101    }