use of io.pravega.common.auth.AuthenticationException in project pravega by pravega.
the class StreamMetadataResourceImpl method updateStream.
/**
* Implementation of updateStream REST API.
*
* @param scopeName The scope name of stream.
* @param streamName The name of stream.
* @param updateStreamRequest The object conforming to updateStreamConfig request json.
* @param securityContext The security for API access.
* @param asyncResponse AsyncResponse provides means for asynchronous server side response processing.
*/
@Override
public void updateStream(final String scopeName, final String streamName, final UpdateStreamRequest updateStreamRequest, final SecurityContext securityContext, final AsyncResponse asyncResponse) {
long traceId = LoggerHelpers.traceEnter(log, "updateStream");
try {
authenticate(scopeName + "/" + streamName, READ_UPDATE);
} catch (AuthenticationException e) {
log.warn("Update stream for {} failed due to authentication failure.", scopeName + "/" + streamName);
asyncResponse.resume(Response.status(Status.UNAUTHORIZED).build());
LoggerHelpers.traceLeave(log, "Update stream", traceId);
return;
}
StreamConfiguration streamConfiguration = ModelHelper.getUpdateStreamConfig(updateStreamRequest, scopeName, streamName);
controllerService.updateStream(streamConfiguration).thenApply(streamStatus -> {
if (streamStatus.getStatus() == UpdateStreamStatus.Status.SUCCESS) {
log.info("Successfully updated stream config for: {}/{}", scopeName, streamName);
return Response.status(Status.OK).entity(ModelHelper.encodeStreamResponse(streamConfiguration)).build();
} else if (streamStatus.getStatus() == UpdateStreamStatus.Status.STREAM_NOT_FOUND || streamStatus.getStatus() == UpdateStreamStatus.Status.SCOPE_NOT_FOUND) {
log.warn("Stream: {}/{} not found", scopeName, streamName);
return Response.status(Status.NOT_FOUND).build();
} else {
log.warn("updateStream failed for {}/{}", scopeName, streamName);
return Response.status(Status.INTERNAL_SERVER_ERROR).build();
}
}).exceptionally(exception -> {
log.warn("updateStream for {}/{} failed with exception: {}", scopeName, streamName, exception);
return Response.status(Status.INTERNAL_SERVER_ERROR).build();
}).thenApply(asyncResponse::resume).thenAccept(x -> LoggerHelpers.traceLeave(log, "updateStream", traceId));
}
use of io.pravega.common.auth.AuthenticationException in project pravega by pravega.
the class StreamMetadataResourceImpl method createStream.
/**
* Implementation of createStream REST API.
*
* @param scopeName The scope name of stream.
* @param createStreamRequest The object conforming to createStream request json.
* @param securityContext The security for API access.
* @param asyncResponse AsyncResponse provides means for asynchronous server side response processing.
*/
@Override
public void createStream(final String scopeName, final CreateStreamRequest createStreamRequest, final SecurityContext securityContext, final AsyncResponse asyncResponse) {
long traceId = LoggerHelpers.traceEnter(log, "createStream");
try {
NameUtils.validateUserStreamName(createStreamRequest.getStreamName());
} catch (IllegalArgumentException | NullPointerException e) {
log.warn("Create stream failed due to invalid stream name {}", createStreamRequest.getStreamName());
asyncResponse.resume(Response.status(Status.BAD_REQUEST).build());
LoggerHelpers.traceLeave(log, "createStream", traceId);
return;
}
try {
authenticate(scopeName + "/" + createStreamRequest.getStreamName(), READ_UPDATE);
} catch (AuthenticationException e) {
log.warn("Create stream for {} failed due to authentication failure.", createStreamRequest.getStreamName());
asyncResponse.resume(Response.status(Status.UNAUTHORIZED).build());
LoggerHelpers.traceLeave(log, "createStream", traceId);
return;
}
StreamConfiguration streamConfiguration = ModelHelper.getCreateStreamConfig(createStreamRequest, scopeName);
controllerService.createStream(streamConfiguration, System.currentTimeMillis()).thenApply(streamStatus -> {
Response resp = null;
if (streamStatus.getStatus() == CreateStreamStatus.Status.SUCCESS) {
log.info("Successfully created stream: {}/{}", scopeName, streamConfiguration.getStreamName());
resp = Response.status(Status.CREATED).entity(ModelHelper.encodeStreamResponse(streamConfiguration)).build();
} else if (streamStatus.getStatus() == CreateStreamStatus.Status.STREAM_EXISTS) {
log.warn("Stream already exists: {}/{}", scopeName, streamConfiguration.getStreamName());
resp = Response.status(Status.CONFLICT).build();
} else if (streamStatus.getStatus() == CreateStreamStatus.Status.SCOPE_NOT_FOUND) {
log.warn("Scope not found: {}", scopeName);
resp = Response.status(Status.NOT_FOUND).build();
} else if (streamStatus.getStatus() == CreateStreamStatus.Status.INVALID_STREAM_NAME) {
log.warn("Invalid stream name: {}", streamConfiguration.getStreamName());
resp = Response.status(Status.BAD_REQUEST).build();
} else {
log.warn("createStream failed for : {}/{}", scopeName, streamConfiguration.getStreamName());
resp = Response.status(Status.INTERNAL_SERVER_ERROR).build();
}
return resp;
}).exceptionally(exception -> {
log.warn("createStream for {}/{} failed {}: ", scopeName, streamConfiguration.getStreamName(), exception);
return Response.status(Status.INTERNAL_SERVER_ERROR).build();
}).thenApply(asyncResponse::resume).thenAccept(x -> LoggerHelpers.traceLeave(log, "createStream", traceId));
}
use of io.pravega.common.auth.AuthenticationException in project pravega by pravega.
the class AppendProcessor method handleException.
private void handleException(UUID writerId, long requestId, String segment, String doingWhat, Throwable u) {
if (u == null) {
IllegalStateException exception = new IllegalStateException("No exception to handle.");
log.error("Append processor: Error {} on segment = '{}'", doingWhat, segment, exception);
throw exception;
}
u = Exceptions.unwrap(u);
if (u instanceof StreamSegmentExistsException) {
log.warn("Segment '{}' already exists and {} cannot perform operation '{}'.", segment, writerId, doingWhat);
connection.send(new SegmentAlreadyExists(requestId, segment));
} else if (u instanceof StreamSegmentNotExistsException) {
log.warn("Segment '{}' does not exist and {} cannot perform operation '{}'.", segment, writerId, doingWhat);
connection.send(new NoSuchSegment(requestId, segment));
} else if (u instanceof StreamSegmentSealedException) {
log.info("Segment '{}' is sealed and {} cannot perform operation '{}'.", segment, writerId, doingWhat);
connection.send(new SegmentIsSealed(requestId, segment));
} else if (u instanceof ContainerNotFoundException) {
int containerId = ((ContainerNotFoundException) u).getContainerId();
log.warn("Wrong host. Segment '{}' (Container {}) is not owned and {} cannot perform operation '{}'.", segment, containerId, writerId, doingWhat);
connection.send(new WrongHost(requestId, segment, ""));
} else if (u instanceof BadAttributeUpdateException) {
log.warn("Bad attribute update by {} on segment {}.", writerId, segment, u);
connection.send(new InvalidEventNumber(writerId, requestId));
connection.close();
} else if (u instanceof TooManyAttributesException) {
log.warn("Attribute limit would be exceeded by {} on segment {}.", writerId, segment, u);
connection.send(new InvalidEventNumber(writerId, requestId));
connection.close();
} else if (u instanceof AuthenticationException) {
log.warn("Token check failed while being written by {} on segment {}.", writerId, segment, u);
connection.send(new WireCommands.AuthTokenCheckFailed(requestId));
connection.close();
} else if (u instanceof UnsupportedOperationException) {
log.warn("Unsupported Operation '{}'.", doingWhat, u);
connection.send(new OperationUnsupported(requestId, doingWhat));
} else {
log.error("Error (Segment = '{}', Operation = 'append')", segment, u);
// Closing connection should reinitialize things, and hopefully fix the problem
connection.close();
}
}
use of io.pravega.common.auth.AuthenticationException in project pravega by pravega.
the class PravegaRequestProcessor method verifyToken.
private boolean verifyToken(String segment, long requestId, String delegationToken, AuthHandler.Permissions read, String operation) {
if (!tokenVerifier.verifyToken(segment, delegationToken, READ)) {
log.warn("Delegation token verification failed");
handleException(requestId, segment, "Read Segment", new AuthenticationException("Token verification failed"));
return false;
}
return true;
}
use of io.pravega.common.auth.AuthenticationException in project pravega by pravega.
the class MockController method createSegmentTx.
private CompletableFuture<Void> createSegmentTx(UUID txId, Segment segment) {
CompletableFuture<Void> result = new CompletableFuture<>();
FailingReplyProcessor replyProcessor = new FailingReplyProcessor() {
@Override
public void connectionDropped() {
result.completeExceptionally(new ConnectionClosedException());
}
@Override
public void wrongHost(WrongHost wrongHost) {
result.completeExceptionally(new UnsupportedOperationException());
}
@Override
public void transactionCreated(TransactionCreated transactionCreated) {
result.complete(null);
}
@Override
public void processingFailure(Exception error) {
result.completeExceptionally(error);
}
@Override
public void authTokenCheckFailed(WireCommands.AuthTokenCheckFailed authTokenCheckFailed) {
result.completeExceptionally(new AuthenticationException(authTokenCheckFailed.toString()));
}
};
sendRequestOverNewConnection(new CreateTransaction(idGenerator.get(), segment.getScopedName(), txId, ""), replyProcessor, result);
return result;
}
Aggregations