Search in sources :

Example 6 with TokenExpiredException

use of io.pravega.auth.TokenExpiredException in project pravega by pravega.

the class SegmentHelper method processAndRethrowException.

@VisibleForTesting
<T extends Request & WireCommand> void processAndRethrowException(long callerRequestId, T request, Throwable e) {
    Throwable unwrap = Exceptions.unwrap(e);
    WireCommandFailedException ex = null;
    if (unwrap instanceof ConnectionFailedException || unwrap instanceof ConnectionClosedException) {
        log.warn(callerRequestId, "Connection dropped {}", request.getRequestId());
        throw new WireCommandFailedException(request.getType(), WireCommandFailedException.Reason.ConnectionFailed);
    } else if (unwrap instanceof AuthenticationException) {
        log.warn(callerRequestId, "Authentication Exception {}", request.getRequestId());
        throw new WireCommandFailedException(request.getType(), WireCommandFailedException.Reason.AuthFailed);
    } else if (unwrap instanceof TokenExpiredException) {
        log.warn(callerRequestId, "Token expired {}", request.getRequestId());
        throw new WireCommandFailedException(request.getType(), WireCommandFailedException.Reason.AuthFailed);
    } else if (unwrap instanceof TimeoutException) {
        log.warn(callerRequestId, "Request timed out. {}", request.getRequestId());
        throw new WireCommandFailedException(request.getType(), WireCommandFailedException.Reason.ConnectionFailed);
    } else {
        log.error(callerRequestId, "Request failed {}", request.getRequestId(), e);
        throw new CompletionException(e);
    }
}
Also used : TokenExpiredException(io.pravega.auth.TokenExpiredException) AuthenticationException(io.pravega.auth.AuthenticationException) CompletionException(java.util.concurrent.CompletionException) ConnectionClosedException(io.pravega.client.stream.impl.ConnectionClosedException) ConnectionFailedException(io.pravega.shared.protocol.netty.ConnectionFailedException) TimeoutException(java.util.concurrent.TimeoutException) VisibleForTesting(com.google.common.annotations.VisibleForTesting)

Example 7 with TokenExpiredException

use of io.pravega.auth.TokenExpiredException in project pravega by pravega.

the class PravegaRequestProcessor method handleException.

private Void handleException(long requestId, String segment, long offset, String operation, Throwable u) {
    if (u == null) {
        IllegalStateException exception = new IllegalStateException("No exception to handle.");
        log.error(requestId, "Error (Segment = '{}', Operation = '{}')", segment, operation, exception);
        throw exception;
    }
    u = Exceptions.unwrap(u);
    String clientReplyStackTrace = replyWithStackTraceOnError ? Throwables.getStackTraceAsString(u) : EMPTY_STACK_TRACE;
    final Consumer<Throwable> failureHandler = t -> {
        log.error(requestId, "Error (Segment = '{}', Operation = '{}')", segment, "handling result of " + operation, t);
        connection.close();
    };
    if (u instanceof StreamSegmentExistsException) {
        log.info(requestId, "Segment '{}' already exists and cannot perform operation '{}'.", segment, operation);
        invokeSafely(connection::send, new SegmentAlreadyExists(requestId, segment, clientReplyStackTrace), failureHandler);
    } else if (u instanceof StreamSegmentNotExistsException) {
        log.warn(requestId, "Segment '{}' does not exist and cannot perform operation '{}'.", segment, operation);
        invokeSafely(connection::send, new NoSuchSegment(requestId, segment, clientReplyStackTrace, offset), failureHandler);
    } else if (u instanceof StreamSegmentSealedException) {
        log.info(requestId, "Segment '{}' is sealed and cannot perform operation '{}'.", segment, operation);
        invokeSafely(connection::send, new SegmentIsSealed(requestId, segment, clientReplyStackTrace, offset), failureHandler);
    } else if (u instanceof ContainerNotFoundException) {
        int containerId = ((ContainerNotFoundException) u).getContainerId();
        log.warn(requestId, "Wrong host. Segment = '{}' (Container {}) is not owned. Operation = '{}').", segment, containerId, operation);
        invokeSafely(connection::send, new WrongHost(requestId, segment, "", clientReplyStackTrace), failureHandler);
    } else if (u instanceof ReadCancellationException) {
        log.info(requestId, "Sending empty response on connection {} while reading segment {} due to CancellationException.", connection, segment);
        invokeSafely(connection::send, new SegmentRead(segment, offset, true, false, EMPTY_BUFFER, requestId), failureHandler);
    } else if (u instanceof CancellationException) {
        log.info(requestId, "Closing connection {} while performing {} due to {}.", connection, operation, u.toString());
        connection.close();
    } else if (u instanceof TokenExpiredException) {
        log.warn(requestId, "Expired token during operation {}", operation);
        invokeSafely(connection::send, new AuthTokenCheckFailed(requestId, clientReplyStackTrace, AuthTokenCheckFailed.ErrorCode.TOKEN_EXPIRED), failureHandler);
    } else if (u instanceof TokenException) {
        log.warn(requestId, "Token exception encountered during operation {}.", operation, u);
        invokeSafely(connection::send, new AuthTokenCheckFailed(requestId, clientReplyStackTrace, AuthTokenCheckFailed.ErrorCode.TOKEN_CHECK_FAILED), failureHandler);
    } else if (u instanceof UnsupportedOperationException) {
        log.warn(requestId, "Unsupported Operation '{}'.", operation, u);
        invokeSafely(connection::send, new OperationUnsupported(requestId, operation, clientReplyStackTrace), failureHandler);
    } else if (u instanceof BadOffsetException) {
        BadOffsetException badOffset = (BadOffsetException) u;
        log.info(requestId, "Segment '{}' is truncated and cannot perform operation '{}' at offset '{}'", segment, operation, offset);
        invokeSafely(connection::send, new SegmentIsTruncated(requestId, segment, badOffset.getExpectedOffset(), clientReplyStackTrace, offset), failureHandler);
    } else if (u instanceof TableSegmentNotEmptyException) {
        log.warn(requestId, "Table segment '{}' is not empty to perform '{}'.", segment, operation);
        invokeSafely(connection::send, new TableSegmentNotEmpty(requestId, segment, clientReplyStackTrace), failureHandler);
    } else if (u instanceof KeyNotExistsException) {
        log.warn(requestId, "Conditional update on Table segment '{}' failed as the key does not exist.", segment);
        invokeSafely(connection::send, new WireCommands.TableKeyDoesNotExist(requestId, segment, clientReplyStackTrace), failureHandler);
    } else if (u instanceof BadKeyVersionException) {
        log.warn(requestId, "Conditional update on Table segment '{}' failed due to bad key version.", segment);
        invokeSafely(connection::send, new WireCommands.TableKeyBadVersion(requestId, segment, clientReplyStackTrace), failureHandler);
    } else if (errorCodeExists(u)) {
        log.warn(requestId, "Operation on segment '{}' failed due to a {}.", segment, u.getClass());
        invokeSafely(connection::send, new WireCommands.ErrorMessage(requestId, segment, u.getMessage(), WireCommands.ErrorMessage.ErrorCode.valueOf(u.getClass())), failureHandler);
    } else {
        logError(requestId, segment, operation, u);
        // Closing connection should reinitialize things, and hopefully fix the problem
        connection.close();
        throw new IllegalStateException("Unknown exception.", u);
    }
    return null;
}
Also used : SCALE_POLICY_RATE(io.pravega.segmentstore.contracts.Attributes.SCALE_POLICY_RATE) Arrays(java.util.Arrays) TableSegmentConfig(io.pravega.segmentstore.contracts.tables.TableSegmentConfig) ErrorCode(io.pravega.shared.protocol.netty.WireCommands.ErrorMessage.ErrorCode) READ(io.pravega.auth.AuthHandler.Permissions.READ) StreamSegmentNotExistsException(io.pravega.segmentstore.contracts.StreamSegmentNotExistsException) SegmentIsTruncated(io.pravega.shared.protocol.netty.WireCommands.SegmentIsTruncated) CreateTableSegment(io.pravega.shared.protocol.netty.WireCommands.CreateTableSegment) CREATION_TIME(io.pravega.segmentstore.contracts.Attributes.CREATION_TIME) GetStreamSegmentInfo(io.pravega.shared.protocol.netty.WireCommands.GetStreamSegmentInfo) AuthTokenCheckFailed(io.pravega.shared.protocol.netty.WireCommands.AuthTokenCheckFailed) MergeSegments(io.pravega.shared.protocol.netty.WireCommands.MergeSegments) Duration(java.time.Duration) Map(java.util.Map) SegmentCreated(io.pravega.shared.protocol.netty.WireCommands.SegmentCreated) DeltaIteratorState(io.pravega.segmentstore.server.tables.DeltaIteratorState) StreamSegmentStore(io.pravega.segmentstore.contracts.StreamSegmentStore) Attributes(io.pravega.segmentstore.contracts.Attributes) TableKey(io.pravega.segmentstore.contracts.tables.TableKey) CancellationException(java.util.concurrent.CancellationException) NonNull(lombok.NonNull) ThreadSafe(javax.annotation.concurrent.ThreadSafe) ContainerNotFoundException(io.pravega.segmentstore.contracts.ContainerNotFoundException) GuardedBy(javax.annotation.concurrent.GuardedBy) CreateSegment(io.pravega.shared.protocol.netty.WireCommands.CreateSegment) SealSegment(io.pravega.shared.protocol.netty.WireCommands.SealSegment) SegmentSealed(io.pravega.shared.protocol.netty.WireCommands.SegmentSealed) EndOfStreamSegment(io.pravega.segmentstore.contracts.ReadResultEntryType.EndOfStreamSegment) Futures(io.pravega.common.concurrent.Futures) SegmentAttribute(io.pravega.shared.protocol.netty.WireCommands.SegmentAttribute) IllegalContainerStateException(io.pravega.segmentstore.server.IllegalContainerStateException) Exceptions(io.pravega.common.Exceptions) BadAttributeUpdateException(io.pravega.segmentstore.contracts.BadAttributeUpdateException) GetSegmentAttribute(io.pravega.shared.protocol.netty.WireCommands.GetSegmentAttribute) BadKeyVersionException(io.pravega.segmentstore.contracts.tables.BadKeyVersionException) ArrayList(java.util.ArrayList) READ_UPDATE(io.pravega.auth.AuthHandler.Permissions.READ_UPDATE) SegmentType(io.pravega.segmentstore.contracts.SegmentType) SegmentRead(io.pravega.shared.protocol.netty.WireCommands.SegmentRead) AccessLevel(lombok.AccessLevel) Future(io.pravega.segmentstore.contracts.ReadResultEntryType.Future) FailingRequestProcessor(io.pravega.shared.protocol.netty.FailingRequestProcessor) TokenException(io.pravega.auth.TokenException) StreamSegmentTruncatedException(io.pravega.segmentstore.contracts.StreamSegmentTruncatedException) KeyNotExistsException(io.pravega.segmentstore.contracts.tables.KeyNotExistsException) DeleteTableSegment(io.pravega.shared.protocol.netty.WireCommands.DeleteTableSegment) AttributeId(io.pravega.segmentstore.contracts.AttributeId) lombok.val(lombok.val) Throwables(com.google.common.base.Throwables) WireCommands(io.pravega.shared.protocol.netty.WireCommands) WrongHost(io.pravega.shared.protocol.netty.WireCommands.WrongHost) SegmentDeleted(io.pravega.shared.protocol.netty.WireCommands.SegmentDeleted) AttributeUpdateCollection(io.pravega.segmentstore.contracts.AttributeUpdateCollection) Truncated(io.pravega.segmentstore.contracts.ReadResultEntryType.Truncated) SegmentTruncated(io.pravega.shared.protocol.netty.WireCommands.SegmentTruncated) RequestProcessor(io.pravega.shared.protocol.netty.RequestProcessor) OperationUnsupported(io.pravega.shared.protocol.netty.WireCommands.OperationUnsupported) Preconditions(com.google.common.base.Preconditions) Callbacks.invokeSafely(io.pravega.common.function.Callbacks.invokeSafely) TableEntry(io.pravega.segmentstore.contracts.tables.TableEntry) EMPTY_BUFFER(io.netty.buffer.Unpooled.EMPTY_BUFFER) Cache(io.pravega.segmentstore.contracts.ReadResultEntryType.Cache) TokenExpiredException(io.pravega.auth.TokenExpiredException) TableStore(io.pravega.segmentstore.contracts.tables.TableStore) LoggerFactory(org.slf4j.LoggerFactory) Unpooled(io.netty.buffer.Unpooled) IteratorArgs(io.pravega.segmentstore.contracts.tables.IteratorArgs) SegmentProperties(io.pravega.segmentstore.contracts.SegmentProperties) AttributeUpdate(io.pravega.segmentstore.contracts.AttributeUpdate) StreamSegmentSealedException(io.pravega.segmentstore.contracts.StreamSegmentSealedException) TagLogger(io.pravega.common.tracing.TagLogger) UpdateSegmentAttribute(io.pravega.shared.protocol.netty.WireCommands.UpdateSegmentAttribute) AtomicInteger(java.util.concurrent.atomic.AtomicInteger) BufferView(io.pravega.common.util.BufferView) UpdateSegmentPolicy(io.pravega.shared.protocol.netty.WireCommands.UpdateSegmentPolicy) SegmentStatsRecorder(io.pravega.segmentstore.server.host.stat.SegmentStatsRecorder) ROLLOVER_SIZE(io.pravega.segmentstore.contracts.Attributes.ROLLOVER_SIZE) Collection(java.util.Collection) CompletionException(java.util.concurrent.CompletionException) Math.min(java.lang.Math.min) Collectors(java.util.stream.Collectors) List(java.util.List) StreamSegmentExistsException(io.pravega.segmentstore.contracts.StreamSegmentExistsException) PassingTokenVerifier(io.pravega.segmentstore.server.host.delegationtoken.PassingTokenVerifier) BadOffsetException(io.pravega.segmentstore.contracts.BadOffsetException) DelegationTokenVerifier(io.pravega.segmentstore.server.host.delegationtoken.DelegationTokenVerifier) Math.max(java.lang.Math.max) SegmentIsSealed(io.pravega.shared.protocol.netty.WireCommands.SegmentIsSealed) ReadResult(io.pravega.segmentstore.contracts.ReadResult) IntStream(java.util.stream.IntStream) Setter(lombok.Setter) DeleteSegment(io.pravega.shared.protocol.netty.WireCommands.DeleteSegment) SegmentPolicyUpdated(io.pravega.shared.protocol.netty.WireCommands.SegmentPolicyUpdated) Getter(lombok.Getter) NoSuchSegment(io.pravega.shared.protocol.netty.WireCommands.NoSuchSegment) AtomicBoolean(java.util.concurrent.atomic.AtomicBoolean) HashMap(java.util.HashMap) CompletableFuture(java.util.concurrent.CompletableFuture) Iterators(com.google.common.collect.Iterators) TableSegmentNotEmpty(io.pravega.shared.protocol.netty.WireCommands.TableSegmentNotEmpty) TableSegmentNotEmptyException(io.pravega.segmentstore.contracts.tables.TableSegmentNotEmptyException) ByteBuf(io.netty.buffer.ByteBuf) ReadResultEntry(io.pravega.segmentstore.contracts.ReadResultEntry) SCALE_POLICY_TYPE(io.pravega.segmentstore.contracts.Attributes.SCALE_POLICY_TYPE) TYPE_PLUS_LENGTH_SIZE(io.pravega.shared.protocol.netty.WireCommands.TYPE_PLUS_LENGTH_SIZE) StreamSegmentInfo(io.pravega.shared.protocol.netty.WireCommands.StreamSegmentInfo) TruncateSegment(io.pravega.shared.protocol.netty.WireCommands.TruncateSegment) ReadSegment(io.pravega.shared.protocol.netty.WireCommands.ReadSegment) SegmentAlreadyExists(io.pravega.shared.protocol.netty.WireCommands.SegmentAlreadyExists) ByteBufWrapper(io.pravega.shared.protocol.netty.ByteBufWrapper) LoggerHelpers(io.pravega.common.LoggerHelpers) MergeStreamSegmentResult(io.pravega.segmentstore.contracts.MergeStreamSegmentResult) StreamSegmentMergedException(io.pravega.segmentstore.contracts.StreamSegmentMergedException) Timer(io.pravega.common.Timer) TableSegmentStatsRecorder(io.pravega.segmentstore.server.host.stat.TableSegmentStatsRecorder) SegmentAttributeUpdated(io.pravega.shared.protocol.netty.WireCommands.SegmentAttributeUpdated) Consumer(java.util.function.Consumer) AbstractMap(java.util.AbstractMap) Collectors.toList(java.util.stream.Collectors.toList) VisibleForTesting(com.google.common.annotations.VisibleForTesting) AttributeUpdateType(io.pravega.segmentstore.contracts.AttributeUpdateType) Collections(java.util.Collections) BadKeyVersionException(io.pravega.segmentstore.contracts.tables.BadKeyVersionException) WrongHost(io.pravega.shared.protocol.netty.WireCommands.WrongHost) SegmentAlreadyExists(io.pravega.shared.protocol.netty.WireCommands.SegmentAlreadyExists) AuthTokenCheckFailed(io.pravega.shared.protocol.netty.WireCommands.AuthTokenCheckFailed) StreamSegmentSealedException(io.pravega.segmentstore.contracts.StreamSegmentSealedException) SegmentIsSealed(io.pravega.shared.protocol.netty.WireCommands.SegmentIsSealed) SegmentRead(io.pravega.shared.protocol.netty.WireCommands.SegmentRead) SegmentIsTruncated(io.pravega.shared.protocol.netty.WireCommands.SegmentIsTruncated) TokenException(io.pravega.auth.TokenException) BadOffsetException(io.pravega.segmentstore.contracts.BadOffsetException) TableSegmentNotEmpty(io.pravega.shared.protocol.netty.WireCommands.TableSegmentNotEmpty) WireCommands(io.pravega.shared.protocol.netty.WireCommands) ContainerNotFoundException(io.pravega.segmentstore.contracts.ContainerNotFoundException) OperationUnsupported(io.pravega.shared.protocol.netty.WireCommands.OperationUnsupported) StreamSegmentNotExistsException(io.pravega.segmentstore.contracts.StreamSegmentNotExistsException) StreamSegmentExistsException(io.pravega.segmentstore.contracts.StreamSegmentExistsException) TokenExpiredException(io.pravega.auth.TokenExpiredException) CancellationException(java.util.concurrent.CancellationException) KeyNotExistsException(io.pravega.segmentstore.contracts.tables.KeyNotExistsException) TableSegmentNotEmptyException(io.pravega.segmentstore.contracts.tables.TableSegmentNotEmptyException) NoSuchSegment(io.pravega.shared.protocol.netty.WireCommands.NoSuchSegment)

Example 8 with TokenExpiredException

use of io.pravega.auth.TokenExpiredException in project pravega by pravega.

the class TokenVerifierImpl method verifyToken.

@Override
public JsonWebToken verifyToken(@NonNull String resource, String token, @NonNull AuthHandler.Permissions expectedLevel) throws TokenExpiredException, InvalidTokenException, InvalidClaimException, TokenException {
    if (Strings.isNullOrEmpty(token)) {
        throw new InvalidTokenException("Token is null or empty");
    }
    // All key value pairs inside the payload are returned, including standard fields such as sub (for subject),
    // aud (for audience), iat, exp, as well as custom fields of the form "<resource> -> <permission>" set by
    // Pravega.
    JsonWebToken jwt = JwtParser.parse(token, tokenSigningKey);
    Map<String, Object> permissionsByResource = jwt.getPermissionsByResource();
    Optional<Map.Entry<String, Object>> matchingClaim = permissionsByResource.entrySet().stream().filter(entry -> resourceMatchesClaimKey(entry.getKey(), resource) && expectedLevel.compareTo(AuthHandler.Permissions.valueOf(entry.getValue().toString())) <= 0).findFirst();
    if (!matchingClaim.isPresent()) {
        log.debug(String.format("No matching claim found for resource [%s] and permission [%s] in token.", resource, expectedLevel));
        throw new InvalidClaimException(String.format("No matching claim found for resource: [%s] and permission: [%s] in the delegation token.", resource, expectedLevel));
    }
    return jwt;
}
Also used : InvalidClaimException(io.pravega.auth.InvalidClaimException) TokenExpiredException(io.pravega.auth.TokenExpiredException) NonNull(lombok.NonNull) AuthHandler(io.pravega.auth.AuthHandler) Exceptions(io.pravega.common.Exceptions) JsonWebToken(io.pravega.shared.security.token.JsonWebToken) Strings(com.google.common.base.Strings) Slf4j(lombok.extern.slf4j.Slf4j) JwtParser(io.pravega.shared.security.token.JwtParser) InvalidTokenException(io.pravega.auth.InvalidTokenException) Map(java.util.Map) TokenException(io.pravega.auth.TokenException) Optional(java.util.Optional) VisibleForTesting(com.google.common.annotations.VisibleForTesting) Pattern(java.util.regex.Pattern) InvalidTokenException(io.pravega.auth.InvalidTokenException) InvalidClaimException(io.pravega.auth.InvalidClaimException) JsonWebToken(io.pravega.shared.security.token.JsonWebToken)

Example 9 with TokenExpiredException

use of io.pravega.auth.TokenExpiredException in project pravega by pravega.

the class ConditionalOutputStreamTest method handleUnexpectedReplythrowsAppropriateTokenExceptions.

@Test
public void handleUnexpectedReplythrowsAppropriateTokenExceptions() {
    @Cleanup MockConnectionFactoryImpl connectionFactory = new MockConnectionFactoryImpl();
    @Cleanup MockController controller = new MockController("localhost", 0, connectionFactory, true);
    ConditionalOutputStreamFactory factory = new ConditionalOutputStreamFactoryImpl(controller, connectionFactory);
    Segment segment = new Segment("scope", "testWrite", 1);
    @Cleanup ConditionalOutputStreamImpl objectUnderTest = (ConditionalOutputStreamImpl) factory.createConditionalOutputStream(segment, DelegationTokenProviderFactory.create("token", controller, segment, AccessOperation.ANY), EventWriterConfig.builder().build());
    AssertExtensions.assertThrows("AuthenticationException wasn't thrown", () -> objectUnderTest.handleUnexpectedReply(new WireCommands.AuthTokenCheckFailed(1L, "SomeException", WireCommands.AuthTokenCheckFailed.ErrorCode.TOKEN_CHECK_FAILED), "test"), e -> e instanceof AuthenticationException);
    AssertExtensions.assertThrows("AuthenticationException wasn't thrown", () -> objectUnderTest.handleUnexpectedReply(new WireCommands.AuthTokenCheckFailed(1L, "SomeException", WireCommands.AuthTokenCheckFailed.ErrorCode.UNSPECIFIED), "test"), e -> e instanceof AuthenticationException);
    AssertExtensions.assertThrows("TokenExpiredException wasn't thrown", () -> objectUnderTest.handleUnexpectedReply(new WireCommands.AuthTokenCheckFailed(1L, "SomeException", WireCommands.AuthTokenCheckFailed.ErrorCode.TOKEN_EXPIRED), "test"), e -> e instanceof TokenExpiredException);
    AssertExtensions.assertThrows("InvalidEventNumber wasn't treated as a connection failure", () -> objectUnderTest.handleUnexpectedReply(new WireCommands.InvalidEventNumber(UUID.randomUUID(), 1, "SomeException"), "test"), e -> e instanceof ConnectionFailedException);
    AssertExtensions.assertThrows("Hello wasn't treated as a connection failure", () -> objectUnderTest.handleUnexpectedReply(new WireCommands.Hello(1, 1), "test"), e -> e instanceof ConnectionFailedException);
}
Also used : AuthenticationException(io.pravega.auth.AuthenticationException) Cleanup(lombok.Cleanup) TokenExpiredException(io.pravega.auth.TokenExpiredException) MockConnectionFactoryImpl(io.pravega.client.stream.mock.MockConnectionFactoryImpl) MockController(io.pravega.client.stream.mock.MockController) ConnectionFailedException(io.pravega.shared.protocol.netty.ConnectionFailedException) Test(org.junit.Test)

Example 10 with TokenExpiredException

use of io.pravega.auth.TokenExpiredException in project pravega by pravega.

the class ConditionalOutputStreamImpl method handleUnexpectedReply.

@VisibleForTesting
RuntimeException handleUnexpectedReply(Reply reply, String expectation) {
    log.warn("Unexpected reply {} observed instead of {} for conditional writer {}", reply, expectation, writerId);
    closeConnection(reply.toString());
    if (reply instanceof WireCommands.NoSuchSegment) {
        throw new NoSuchSegmentException(reply.toString());
    } else if (reply instanceof SegmentIsSealed) {
        throw Exceptions.sneakyThrow(new SegmentSealedException(reply.toString()));
    } else if (reply instanceof WrongHost) {
        throw Exceptions.sneakyThrow(new ConnectionFailedException(reply.toString()));
    } else if (reply instanceof InvalidEventNumber) {
        InvalidEventNumber ien = (InvalidEventNumber) reply;
        throw Exceptions.sneakyThrow(new ConnectionFailedException(ien.getWriterId() + " Got stale data from setupAppend on segment " + segmentId + " for ConditionalOutputStream. Event number was " + ien.getEventNumber()));
    } else if (reply instanceof AuthTokenCheckFailed) {
        AuthTokenCheckFailed authTokenCheckFailed = (WireCommands.AuthTokenCheckFailed) reply;
        if (authTokenCheckFailed.isTokenExpired()) {
            this.tokenProvider.signalTokenExpired();
            throw Exceptions.sneakyThrow(new TokenExpiredException(authTokenCheckFailed.getServerStackTrace()));
        } else {
            throw Exceptions.sneakyThrow(new AuthenticationException(authTokenCheckFailed.toString()));
        }
    } else {
        throw Exceptions.sneakyThrow(new ConnectionFailedException("Unexpected reply of " + reply + " when expecting an " + expectation));
    }
}
Also used : AuthTokenCheckFailed(io.pravega.shared.protocol.netty.WireCommands.AuthTokenCheckFailed) TokenExpiredException(io.pravega.auth.TokenExpiredException) SegmentIsSealed(io.pravega.shared.protocol.netty.WireCommands.SegmentIsSealed) InvalidEventNumber(io.pravega.shared.protocol.netty.WireCommands.InvalidEventNumber) AuthenticationException(io.pravega.auth.AuthenticationException) WrongHost(io.pravega.shared.protocol.netty.WireCommands.WrongHost) ConnectionFailedException(io.pravega.shared.protocol.netty.ConnectionFailedException) VisibleForTesting(com.google.common.annotations.VisibleForTesting)

Aggregations

TokenExpiredException (io.pravega.auth.TokenExpiredException)10 VisibleForTesting (com.google.common.annotations.VisibleForTesting)7 AuthenticationException (io.pravega.auth.AuthenticationException)6 ConnectionFailedException (io.pravega.shared.protocol.netty.ConnectionFailedException)6 WireCommands (io.pravega.shared.protocol.netty.WireCommands)5 SegmentIsSealed (io.pravega.shared.protocol.netty.WireCommands.SegmentIsSealed)5 WrongHost (io.pravega.shared.protocol.netty.WireCommands.WrongHost)5 Exceptions (io.pravega.common.Exceptions)4 AuthTokenCheckFailed (io.pravega.shared.protocol.netty.WireCommands.AuthTokenCheckFailed)4 InvalidEventNumber (io.pravega.shared.protocol.netty.WireCommands.InvalidEventNumber)4 Unpooled (io.netty.buffer.Unpooled)3 TokenException (io.pravega.auth.TokenException)3 OperationUnsupported (io.pravega.shared.protocol.netty.WireCommands.OperationUnsupported)3 SegmentAlreadyExists (io.pravega.shared.protocol.netty.WireCommands.SegmentAlreadyExists)3 CompletableFuture (java.util.concurrent.CompletableFuture)3 ByteBuf (io.netty.buffer.ByteBuf)2 InvalidTokenException (io.pravega.auth.InvalidTokenException)2 ConnectionPool (io.pravega.client.connection.impl.ConnectionPool)2 RawClient (io.pravega.client.connection.impl.RawClient)2 Controller (io.pravega.client.control.impl.Controller)2