001 /**
002 * Licensed to the Apache Software Foundation (ASF) under one
003 * or more contributor license agreements. See the NOTICE file
004 * distributed with this work for additional information
005 * regarding copyright ownership. The ASF licenses this file
006 * to you under the Apache License, Version 2.0 (the
007 * "License"); you may not use this file except in compliance
008 * with the License. You may obtain a copy of the License at
009 *
010 * http://www.apache.org/licenses/LICENSE-2.0
011 *
012 * Unless required by applicable law or agreed to in writing, software
013 * distributed under the License is distributed on an "AS IS" BASIS,
014 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
015 * See the License for the specific language governing permissions and
016 * limitations under the License.
017 */
018
019 package org.apache.hadoop.yarn.security.client;
020
021 import java.io.DataInput;
022 import java.io.DataInputStream;
023 import java.io.DataOutput;
024 import java.io.IOException;
025
026 import org.apache.hadoop.classification.InterfaceAudience.Public;
027 import org.apache.hadoop.classification.InterfaceStability.Evolving;
028 import org.apache.hadoop.io.Text;
029 import org.apache.hadoop.security.UserGroupInformation;
030 import org.apache.hadoop.security.token.TokenIdentifier;
031 import org.apache.hadoop.yarn.api.records.ApplicationAttemptId;
032 import org.apache.hadoop.yarn.api.records.impl.pb.ApplicationAttemptIdPBImpl;
033 import org.apache.hadoop.yarn.proto.YarnSecurityTokenProtos.ClientToAMTokenIdentifierProto;
034
035 import com.google.protobuf.TextFormat;
036
037
038 @Public
039 @Evolving
040 public class ClientToAMTokenIdentifier extends TokenIdentifier {
041
042 public static final Text KIND_NAME = new Text("YARN_CLIENT_TOKEN");
043
044 private ClientToAMTokenIdentifierProto proto;
045
046 // TODO: Add more information in the tokenID such that it is not
047 // transferrable, more secure etc.
048
049 public ClientToAMTokenIdentifier() {
050 }
051
052 public ClientToAMTokenIdentifier(ApplicationAttemptId id, String client) {
053 ClientToAMTokenIdentifierProto.Builder builder =
054 ClientToAMTokenIdentifierProto.newBuilder();
055 if (id != null) {
056 builder.setAppAttemptId(((ApplicationAttemptIdPBImpl)id).getProto());
057 }
058 if (client != null) {
059 builder.setClientName(client);
060 }
061 proto = builder.build();
062 }
063
064 public ApplicationAttemptId getApplicationAttemptID() {
065 if (!proto.hasAppAttemptId()) {
066 return null;
067 }
068 return new ApplicationAttemptIdPBImpl(proto.getAppAttemptId());
069 }
070
071 public String getClientName() {
072 return proto.getClientName();
073 }
074
075 public ClientToAMTokenIdentifierProto getProto() {
076 return proto;
077 }
078
079 @Override
080 public void write(DataOutput out) throws IOException {
081 out.write(proto.toByteArray());
082 }
083
084 @Override
085 public void readFields(DataInput in) throws IOException {
086 proto = ClientToAMTokenIdentifierProto.parseFrom((DataInputStream)in);
087 }
088
089 @Override
090 public Text getKind() {
091 return KIND_NAME;
092 }
093
094 @Override
095 public UserGroupInformation getUser() {
096 String clientName = getClientName();
097 if (clientName == null) {
098 return null;
099 }
100 return UserGroupInformation.createRemoteUser(clientName);
101 }
102
103 @Override
104 public int hashCode() {
105 return getProto().hashCode();
106 }
107
108 @Override
109 public boolean equals(Object other) {
110 if (other == null)
111 return false;
112 if (other.getClass().isAssignableFrom(this.getClass())) {
113 return this.getProto().equals(this.getClass().cast(other).getProto());
114 }
115 return false;
116 }
117
118 @Override
119 public String toString() {
120 return TextFormat.shortDebugString(getProto());
121 }
122 }