out.writeUTF(token.getClass().getName()); out.writeUTF( Base64.getEncoder().encodeToString(AuthenticationTokenSerializer.serialize(token))); } else { out.writeUTF(tokenFile);
byte[] tokenBytes = Base64.getDecoder().decode(base64TokenBytes); this.token = AuthenticationTokenSerializer.deserialize(tokenClass, tokenBytes); break;
} else if (null != token) { out.writeUTF(token.getClass().getName()); out.writeUTF(Base64.encodeBase64String(AuthenticationTokenSerializer.serialize(token))); } else { out.writeUTF(tokenFile);
byte[] tokenBytes = Base64.decodeBase64(base64TokenBytes); this.token = AuthenticationTokenSerializer.deserialize(tokenClass, tokenBytes); break;
.encodeBase64String(AuthenticationTokenSerializer.serialize(token));
+ Base64.encodeBase64String(AuthenticationToken.AuthenticationTokenSerializer.serialize(pt));
conf.set(enumToConfKey(implementingClass, ConnectorInfo.TOKEN), TokenSource.INLINE.prefix() + token.getClass().getName() + ":" + Base64.encodeBase64String(AuthenticationTokenSerializer.serialize(token)));
String[] args = token.substring(TokenSource.INLINE.prefix().length()).split(":", 2); if (args.length == 2) return AuthenticationTokenSerializer.deserialize(args[0], Base64.decodeBase64(args[1].getBytes(UTF_8))); } else if (token.startsWith(TokenSource.FILE.prefix())) {
/** * DON'T USE THIS. No, really, don't use this. You already have an {@link AuthenticationToken} * with * {@link org.apache.accumulo.core.client.mapreduce.lib.impl.ConfiguratorBase#getAuthenticationToken(Class, Configuration)}. * You don't need to construct it yourself. * <p> * Gets the password from the configuration. WARNING: The password is stored in the Configuration * and shared with all MapReduce tasks; It is BASE64 encoded to provide a charset safe conversion * to a string, and is not intended to be secure. * * @param implementingClass * the class whose name will be used as a prefix for the property configuration key * @param conf * the Hadoop configuration object to configure * @return the decoded principal's authentication token * @deprecated since 1.6.0; Configure your job with the appropriate InputFormat or OutputFormat. * @since 1.5.0 * @see #setConnectorInfo(Class, Configuration, String, AuthenticationToken) */ @Deprecated public static byte[] getToken(Class<?> implementingClass, Configuration conf) { return AuthenticationTokenSerializer .serialize(org.apache.accumulo.core.client.mapreduce.lib.impl.ConfiguratorBase .getAuthenticationToken(implementingClass, conf)); }
/** * An alternate version of {@link #deserialize(Class, byte[])} that accepts a token class name * rather than a token class. * * @param tokenClassName * the fully-qualified class name to be returned * @see #serialize(AuthenticationToken) */ public static AuthenticationToken deserialize(String tokenClassName, byte[] tokenBytes) { Class<? extends AuthenticationToken> tokenType = null; try { // @formatter:off @SuppressWarnings("unchecked") Class<? extends AuthenticationToken> tmpTokenType = (Class<? extends AuthenticationToken>) Class.forName(tokenClassName); // @formatter:on tokenType = tmpTokenType; } catch (ClassNotFoundException e) { throw new IllegalArgumentException("Class not available " + tokenClassName, e); } return deserialize(tokenType, tokenBytes); }
public TCredentials getCredentials() throws D4mException { TCredentials tCred; try { // DH2015: Copied from // 1.6: org.apache.accumulo.core.security.Credentials#toThrift() // 1.7: org.apache.accumulo.core.client.impl.Credentials#toThrift() // in order to create compatibility to 1.6 and 1.7, since the Credentials class moved. // This may still break in later versions because Credentials is non-public API. tCred = new TCredentials(principal, token.getClass().getName(), ByteBuffer.wrap(AuthenticationToken.AuthenticationTokenSerializer.serialize(token)), instance.getInstanceID()); if (token.isDestroyed()) throw new RuntimeException("Token has been destroyed", new AccumuloSecurityException(principal, SecurityErrorCode.TOKEN_EXPIRED)); // tCred = this.creds.toThrift(this.instance); //.create(this.conn.getUser(), this.passwordToken, this.instance.getInstanceID() ); } catch (Exception e) { log.warn("",e); throw new D4mException(e); } return tCred; }
/** * Converts the serialized form to an instance of {@link Credentials}. The original serialized * form will not be affected. * * @param serializedForm * serialized form of credentials * @return deserialized credentials */ public static final Credentials deserialize(String serializedForm) { String[] split = serializedForm.split(":", 3); String principal = split[0].equals("-") ? null : new String(Base64.decodeBase64(split[0]), UTF_8); String tokenType = split[1].equals("-") ? null : new String(Base64.decodeBase64(split[1]), UTF_8); AuthenticationToken token = null; if (!split[2].equals("-")) { byte[] tokenBytes = Base64.decodeBase64(split[2]); token = AuthenticationTokenSerializer.deserialize(tokenType, tokenBytes); } return new Credentials(principal, token); }
/** * Converts the current object to the relevant thrift type. The object returned from this contains * a non-destroyable version of the {@link AuthenticationToken}, so this should be used just * before placing on the wire, and references to it should be tightly controlled. * * @param instance * client instance * @return Thrift credentials * @throws RuntimeException * if the authentication token has been destroyed (expired) */ public TCredentials toThrift(Instance instance) { TCredentials tCreds = new TCredentials(getPrincipal(), getToken().getClass().getName(), ByteBuffer.wrap(AuthenticationTokenSerializer.serialize(getToken())), instance.getInstanceID()); if (getToken().isDestroyed()) throw new RuntimeException("Token has been destroyed", new AccumuloSecurityException(getPrincipal(), SecurityErrorCode.TOKEN_EXPIRED)); return tCreds; }
/** * Converts the current object to a serialized form. The object returned from this contains a * non-destroyable version of the {@link AuthenticationToken}, so references to it should be * tightly controlled. * * @return serialized form of these credentials */ public final String serialize() { return (getPrincipal() == null ? "-" : Base64.encodeBase64String(getPrincipal().getBytes(UTF_8))) + ":" + (getToken() == null ? "-" : Base64.encodeBase64String(getToken().getClass().getName().getBytes(UTF_8))) + ":" + (getToken() == null ? "-" : Base64.encodeBase64String(AuthenticationTokenSerializer.serialize(getToken()))); }
/** * Converts a given thrift object to our internal Credentials representation. * * @param serialized * a Thrift encoded set of credentials * @return a new Credentials instance; destroy the token when you're done. */ public static Credentials fromThrift(TCredentials serialized) { return new Credentials(serialized.getPrincipal(), AuthenticationTokenSerializer .deserialize(serialized.getTokenClassName(), serialized.getToken())); }
/** * Gets the serialized token from either the configuration or the token file. * * @since 1.5.0 * @deprecated since 1.6.0; Use {@link #getAuthenticationToken(JobContext)} instead. */ @Deprecated protected static byte[] getToken(JobContext context) { return AuthenticationTokenSerializer.serialize(getAuthenticationToken(context)); }
/** * Gets the serialized token from either the configuration or the token file. * * @since 1.5.0 * @deprecated since 1.6.0; Use {@link #getAuthenticationToken(JobConf)} instead. */ @Deprecated protected static byte[] getToken(JobConf job) { return AuthenticationTokenSerializer.serialize(getAuthenticationToken(job)); }
/** * Gets the serialized token from either the configuration or the token file. * * @since 1.5.0 * @deprecated since 1.6.0; Use {@link #getAuthenticationToken(JobContext)} instead. */ @Deprecated protected static byte[] getToken(JobContext context) { return AuthenticationToken.AuthenticationTokenSerializer .serialize(getAuthenticationToken(context)); }
conf.set(enumToConfKey(implementingClass, ConnectorInfo.TOKEN), TokenSource.INLINE.prefix() + token.getClass().getName() + ":" + Base64.getEncoder().encodeToString(AuthenticationTokenSerializer.serialize(token)));
String[] args = token.substring(TokenSource.INLINE.prefix().length()).split(":", 2); if (args.length == 2) return AuthenticationTokenSerializer.deserialize(args[0], Base64.getDecoder().decode(args[1])); } else if (token.startsWith(TokenSource.FILE.prefix())) {