Example 11 with ApiKey
use of io.hops.hopsworks.persistence.entity.user.security.apiKey.ApiKey in project hopsworks by logicalclocks.
the class ApiKeyController method deleteKey.
/**
* @param user
* @param keyName
*/
public void deleteKey(Users user, String keyName) throws ApiKeyException {
ApiKey apiKey = apiKeyFacade.findByUserAndName(user, keyName);
if (apiKey == null) {
return;
}
// run delete handlers
ApiKeyHandler.runApiKeyDeleteHandlers(apiKeyHandlers, apiKey);
apiKeyFacade.remove(apiKey);
sendDeletedEmail(user, keyName);
}
Also used :
ApiKey(io.hops.hopsworks.persistence.entity.user.security.apiKey.ApiKey)
Example 12 with ApiKey
use of io.hops.hopsworks.persistence.entity.user.security.apiKey.ApiKey in project hopsworks by logicalclocks.
the class FlinkProxyServlet method service.
@Override
protected void service(HttpServletRequest servletRequest, HttpServletResponse servletResponse) throws ServletException, IOException {
Users user;
if (servletRequest.getUserPrincipal() == null) {
// Check if API key is provided
String authorizationHeader = servletRequest.getHeader("Authorization");
if (Strings.isNullOrEmpty(authorizationHeader)) {
servletResponse.sendError(401, "API key was not provided");
return;
} else {
try {
String key = authorizationHeader.substring(ApiKeyFilter.API_KEY.length()).trim();
ApiKey apiKey = apiKeyController.getApiKey(key);
user = apiKey.getUser();
} catch (ApiKeyException e) {
servletResponse.sendError(401, "Could not validate API key");
return;
}
}
} else {
user = userFacade.findByEmail(servletRequest.getUserPrincipal().getName());
}
String uri = servletRequest.getRequestURI();
Pattern appPattern = Pattern.compile("(application_.*?_\\d*)");
Matcher appMatcher = appPattern.matcher(uri);
String appId;
String flinkMasterURL;
if (appMatcher.find()) {
appId = appMatcher.group(1);
// Validate user is authorized to access to this yarn app
YarnApplicationstate appState = yarnApplicationstateFacade.findByAppId(appId);
// If job is not running, show relevant message
if (!Strings.isNullOrEmpty(appState.getAppsmstate()) && (YarnApplicationState.valueOf(appState.getAppsmstate()) == YarnApplicationState.FAILED || YarnApplicationState.valueOf(appState.getAppsmstate()) == YarnApplicationState.FINISHED || YarnApplicationState.valueOf(appState.getAppsmstate()) == YarnApplicationState.KILLED)) {
servletResponse.sendError(404, "This Flink cluster is not running. You can navigate to YARN and Logs for historical information on this " + "Flink cluster.");
return;
}
HdfsUsers hdfsUser = hdfsUsersFacade.findByName(appState.getAppuser());
if (!projectTeamFacade.isUserMemberOfProject(projectFacade.findByName(hdfsUser.getProject()), user)) {
servletResponse.sendError(403, "You are not authorized to access this Flink cluster");
}
// Is this user member of the project?
flinkMasterURL = flinkMasterAddrCache.get(appId);
if (Strings.isNullOrEmpty(flinkMasterURL)) {
servletResponse.sendError(404, "This Flink cluster is not running. You can navigate to YARN and Logs for historical information on this" + " Flink cluster.");
return;
}
String theHost = "http://" + flinkMasterURL;
URI targetUriHost;
targetUri = theHost;
try {
targetUriObj = new URI(targetUri);
targetUriHost = new URI(theHost);
} catch (Exception e) {
LOGGER.log(Level.INFO, "An error occurred serving the request", e);
return;
}
targetHost = URIUtils.extractHost(targetUriHost);
servletRequest.setAttribute(ATTR_TARGET_URI, targetUri);
servletRequest.setAttribute(ATTR_TARGET_HOST, targetHost);
servletRequest.setAttribute(ATTR_HOST_PORT, flinkMasterURL);
super.service(servletRequest, servletResponse);
} else {
servletResponse.sendError(404, "This Flink cluster is not running. You can navigate to YARN and Logs for historical information on this " + "Flink cluster.");
}
}
Also used :
ApiKeyException(io.hops.hopsworks.exceptions.ApiKeyException)
Pattern(java.util.regex.Pattern)
ApiKey(io.hops.hopsworks.persistence.entity.user.security.apiKey.ApiKey)
Matcher(java.util.regex.Matcher)
YarnApplicationstate(io.hops.hopsworks.persistence.entity.jobs.history.YarnApplicationstate)
HdfsUsers(io.hops.hopsworks.persistence.entity.hdfs.user.HdfsUsers)
Users(io.hops.hopsworks.persistence.entity.user.Users)
URI(java.net.URI)
HdfsUsers(io.hops.hopsworks.persistence.entity.hdfs.user.HdfsUsers)
ServletException(javax.servlet.ServletException)
ApiKeyException(io.hops.hopsworks.exceptions.ApiKeyException)
IOException(java.io.IOException)
Aggregations
ApiKey (io.hops.hopsworks.persistence.entity.user.security.apiKey.ApiKey)12
ApiKeyException (io.hops.hopsworks.exceptions.ApiKeyException)5
ApiScope (io.hops.hopsworks.persistence.entity.user.security.apiKey.ApiScope)5
ApiKeyScope (io.hops.hopsworks.persistence.entity.user.security.apiKey.ApiKeyScope)4
Date (java.util.Date)4
Users (io.hops.hopsworks.persistence.entity.user.Users)3
ResourceRequest (io.hops.hopsworks.common.api.ResourceRequest)2
Secret (io.hops.hopsworks.common.security.utils.Secret)2
JWTRequired (io.hops.hopsworks.jwt.annotation.JWTRequired)2
ApiOperation (io.swagger.annotations.ApiOperation)2
ArrayList (java.util.ArrayList)2
Produces (javax.ws.rs.Produces)2
HopsworksSecurityContext (io.hops.hopsworks.api.filter.util.HopsworksSecurityContext)1
Subject (io.hops.hopsworks.api.filter.util.Subject)1
RESTApiJsonResponse (io.hops.hopsworks.api.util.RESTApiJsonResponse)1
UserException (io.hops.hopsworks.exceptions.UserException)1
HdfsUsers (io.hops.hopsworks.persistence.entity.hdfs.user.HdfsUsers)1
YarnApplicationstate (io.hops.hopsworks.persistence.entity.jobs.history.YarnApplicationstate)1
JsonResponse (io.hops.hopsworks.restutils.JsonResponse)1
IOException (java.io.IOException)1
