Example 1 with CredentialsProvider
use of org.apache.drill.common.logical.security.CredentialsProvider in project drill by apache.
the class StorageResources method updateAuthToken.
@GET
@Path("/storage/{name}/update_oath2_authtoken")
@Produces(MediaType.TEXT_HTML)
public Response updateAuthToken(@PathParam("name") String name, @QueryParam("code") String code) {
try {
if (storage.getPlugin(name).getConfig() instanceof AbstractSecuredStoragePluginConfig) {
AbstractSecuredStoragePluginConfig securedStoragePluginConfig = (AbstractSecuredStoragePluginConfig) storage.getPlugin(name).getConfig();
CredentialsProvider credentialsProvider = securedStoragePluginConfig.getCredentialsProvider();
String callbackURL = this.request.getRequestURL().toString();
// Now exchange the authorization token for an access token
Builder builder = new OkHttpClient.Builder();
OkHttpClient client = builder.build();
Request accessTokenRequest = OAuthUtils.getAccessTokenRequest(credentialsProvider, code, callbackURL);
Map<String, String> updatedTokens = OAuthUtils.getOAuthTokens(client, accessTokenRequest);
// Add to token registry
TokenRegistry tokenRegistry = ((AbstractStoragePlugin) storage.getPlugin(name)).getContext().getoAuthTokenProvider().getOauthTokenRegistry();
// Add a token registry table if none exists
tokenRegistry.createTokenTable(name);
PersistentTokenTable tokenTable = tokenRegistry.getTokenTable(name);
// Add tokens to persistent storage
tokenTable.setAccessToken(updatedTokens.get(OAuthTokenCredentials.ACCESS_TOKEN));
tokenTable.setRefreshToken(updatedTokens.get(OAuthTokenCredentials.REFRESH_TOKEN));
// Get success page
String successPage = null;
try (InputStream inputStream = Resource.newClassPathResource(OAUTH_SUCCESS_PAGE).getInputStream()) {
InputStreamReader reader = new InputStreamReader(inputStream, StandardCharsets.UTF_8);
BufferedReader bufferedReader = new BufferedReader(reader);
successPage = bufferedReader.lines().collect(Collectors.joining("\n"));
bufferedReader.close();
reader.close();
} catch (IOException e) {
Response.status(Status.OK).entity("You may close this window.").build();
}
return Response.status(Status.OK).entity(successPage).build();
} else {
logger.error("{} is not a HTTP plugin. You can only add auth code to HTTP plugins.", name);
return Response.status(Status.INTERNAL_SERVER_ERROR).entity(message("Unable to add authorization code: %s", name)).build();
}
} catch (PluginException e) {
logger.error("Error when adding auth token to {}", name);
return Response.status(Status.INTERNAL_SERVER_ERROR).entity(message("Unable to add authorization code: %s", e.getMessage())).build();
}
}
Also used :
OkHttpClient(okhttp3.OkHttpClient)
InputStreamReader(java.io.InputStreamReader)
TokenRegistry(org.apache.drill.exec.oauth.TokenRegistry)
InputStream(java.io.InputStream)
Builder(okhttp3.OkHttpClient.Builder)
PluginException(org.apache.drill.exec.store.StoragePluginRegistry.PluginException)
Request(okhttp3.Request)
HttpServletRequest(javax.servlet.http.HttpServletRequest)
CredentialsProvider(org.apache.drill.common.logical.security.CredentialsProvider)
IOException(java.io.IOException)
BufferedReader(java.io.BufferedReader)
PersistentTokenTable(org.apache.drill.exec.oauth.PersistentTokenTable)
AbstractSecuredStoragePluginConfig(org.apache.drill.common.logical.AbstractSecuredStoragePluginConfig)
AbstractStoragePlugin(org.apache.drill.exec.store.AbstractStoragePlugin)
Path(javax.ws.rs.Path)
Produces(javax.ws.rs.Produces)
GET(javax.ws.rs.GET)
Example 2 with CredentialsProvider
use of org.apache.drill.common.logical.security.CredentialsProvider in project drill by apache.
the class TestOAuthProcess method setup.
@BeforeClass
public static void setup() throws Exception {
ACCESS_TOKEN_RESPONSE = Files.asCharSource(DrillFileUtils.getResourceAsFile("/data/oauth_access_token_response.json"), Charsets.UTF_8).read();
REFRESH_TOKEN_RESPONSE = Files.asCharSource(DrillFileUtils.getResourceAsFile("/data/token_refresh.json"), Charsets.UTF_8).read();
TEST_JSON_RESPONSE_WITH_DATATYPES = Files.asCharSource(DrillFileUtils.getResourceAsFile("/data/response2.json"), Charsets.UTF_8).read();
ClusterFixtureBuilder builder = new ClusterFixtureBuilder(dirTestWatcher).configProperty(ExecConstants.HTTP_ENABLE, true).configProperty(ExecConstants.HTTP_PORT_HUNT, true);
startCluster(builder);
int portNumber = cluster.drillbit().getWebServerPort();
hostname = "http://localhost:" + portNumber + "/storage/" + CONNECTION_NAME;
Map<String, String> creds = new HashMap<>();
creds.put("clientID", "12345");
creds.put("clientSecret", "54321");
creds.put("accessToken", null);
creds.put("refreshToken", null);
creds.put(OAuthTokenCredentials.TOKEN_URI, "http://localhost:" + MOCK_SERVER_PORT + "/get_access_token");
CredentialsProvider credentialsProvider = new PlainCredentialsProvider(creds);
HttpApiConfig connectionConfig = HttpApiConfig.builder().url("http://localhost:" + MOCK_SERVER_PORT + "/getdata").method("get").requireTail(false).inputType("json").build();
HttpOAuthConfig oAuthConfig = HttpOAuthConfig.builder().callbackURL(hostname + "/update_oath2_authtoken").build();
Map<String, HttpApiConfig> configs = new HashMap<>();
configs.put("test", connectionConfig);
// Add storage plugin for test OAuth
HttpStoragePluginConfig mockStorageConfigWithWorkspace = new HttpStoragePluginConfig(false, configs, TIMEOUT, "", 80, "", "", "", oAuthConfig, credentialsProvider);
mockStorageConfigWithWorkspace.setEnabled(true);
cluster.defineStoragePlugin("localOauth", mockStorageConfigWithWorkspace);
}
Also used :
PlainCredentialsProvider(org.apache.drill.common.logical.security.PlainCredentialsProvider)
HashMap(java.util.HashMap)
ClusterFixtureBuilder(org.apache.drill.test.ClusterFixtureBuilder)
PlainCredentialsProvider(org.apache.drill.common.logical.security.PlainCredentialsProvider)
CredentialsProvider(org.apache.drill.common.logical.security.CredentialsProvider)
BeforeClass(org.junit.BeforeClass)
Example 3 with CredentialsProvider
use of org.apache.drill.common.logical.security.CredentialsProvider in project drill by apache.
the class CredentialsProviderSerDeTest method testPlainCredentialsProviderSerDe.
@Test
public void testPlainCredentialsProviderSerDe() throws JsonProcessingException {
ObjectMapper mapper = cluster.drillbit().getContext().getLpPersistence().getMapper();
CredentialsProvider credentialsProvider = new PlainCredentialsProvider(ImmutableMap.of(UsernamePasswordCredentials.USERNAME, "myLogin", UsernamePasswordCredentials.PASSWORD, "myPass"));
String serialized = mapper.writerFor(CredentialsProvider.class).writeValueAsString(credentialsProvider);
String expected = "{\n" + " \"credentialsProviderType\" : \"PlainCredentialsProvider\",\n" + " \"credentials\" : {\n" + " \"username\" : \"myLogin\",\n" + " \"password\" : \"myPass\"\n" + " }\n" + "}";
assertEquals(expected, serialized);
CredentialsProvider deserialized = mapper.readerFor(CredentialsProvider.class).readValue(serialized);
assertEquals(credentialsProvider, deserialized);
}
Also used :
PlainCredentialsProvider(org.apache.drill.common.logical.security.PlainCredentialsProvider)
EnvCredentialsProvider(org.apache.drill.exec.store.security.EnvCredentialsProvider)
PlainCredentialsProvider(org.apache.drill.common.logical.security.PlainCredentialsProvider)
CredentialsProvider(org.apache.drill.common.logical.security.CredentialsProvider)
HadoopCredentialsProvider(org.apache.drill.exec.store.security.HadoopCredentialsProvider)
VaultCredentialsProvider(org.apache.drill.exec.store.security.vault.VaultCredentialsProvider)
ObjectMapper(com.fasterxml.jackson.databind.ObjectMapper)
ClusterTest(org.apache.drill.test.ClusterTest)
Test(org.junit.Test)
Example 4 with CredentialsProvider
use of org.apache.drill.common.logical.security.CredentialsProvider in project drill by apache.
the class CredentialsProviderImplementationsTest method testEnvCredentialsProvider.
@Test
public void testEnvCredentialsProvider() {
String variableName = "USER";
String expectedValue = System.getenv(variableName);
CredentialsProvider envCredentialsProvider = new EnvCredentialsProvider(ImmutableMap.of(UsernamePasswordCredentials.USERNAME, variableName));
Map<String, String> actualCredentials = envCredentialsProvider.getCredentials();
assertEquals(Collections.singletonMap(UsernamePasswordCredentials.USERNAME, expectedValue), actualCredentials);
}
Also used :
EnvCredentialsProvider(org.apache.drill.exec.store.security.EnvCredentialsProvider)
EnvCredentialsProvider(org.apache.drill.exec.store.security.EnvCredentialsProvider)
CredentialsProvider(org.apache.drill.common.logical.security.CredentialsProvider)
HadoopCredentialsProvider(org.apache.drill.exec.store.security.HadoopCredentialsProvider)
VaultCredentialsProvider(org.apache.drill.exec.store.security.vault.VaultCredentialsProvider)
ClusterTest(org.apache.drill.test.ClusterTest)
Test(org.junit.Test)
Example 5 with CredentialsProvider
use of org.apache.drill.common.logical.security.CredentialsProvider in project drill by apache.
the class CredentialsProviderImplementationsTest method testHadoopCredentialsProvider.
@Test
public void testHadoopCredentialsProvider() {
Configuration configuration = new Configuration();
String expectedUsernameValue = "user1";
String expectedPassValue = "pass123!@#";
String usernamePropertyName = "username_key";
String passwordPropertyName = "password_key";
configuration.set(usernamePropertyName, expectedUsernameValue);
configuration.set(passwordPropertyName, expectedPassValue);
CredentialsProvider envCredentialsProvider = new HadoopCredentialsProvider(configuration, ImmutableMap.of(UsernamePasswordCredentials.USERNAME, usernamePropertyName, UsernamePasswordCredentials.PASSWORD, passwordPropertyName));
Map<String, String> actualCredentials = envCredentialsProvider.getCredentials();
assertEquals(ImmutableMap.of(UsernamePasswordCredentials.USERNAME, expectedUsernameValue, UsernamePasswordCredentials.PASSWORD, expectedPassValue), actualCredentials);
}
Also used :
Configuration(org.apache.hadoop.conf.Configuration)
HadoopCredentialsProvider(org.apache.drill.exec.store.security.HadoopCredentialsProvider)
EnvCredentialsProvider(org.apache.drill.exec.store.security.EnvCredentialsProvider)
CredentialsProvider(org.apache.drill.common.logical.security.CredentialsProvider)
HadoopCredentialsProvider(org.apache.drill.exec.store.security.HadoopCredentialsProvider)
VaultCredentialsProvider(org.apache.drill.exec.store.security.vault.VaultCredentialsProvider)
ClusterTest(org.apache.drill.test.ClusterTest)
Test(org.junit.Test)
Aggregations
CredentialsProvider (org.apache.drill.common.logical.security.CredentialsProvider)11
EnvCredentialsProvider (org.apache.drill.exec.store.security.EnvCredentialsProvider)8
HadoopCredentialsProvider (org.apache.drill.exec.store.security.HadoopCredentialsProvider)8
VaultCredentialsProvider (org.apache.drill.exec.store.security.vault.VaultCredentialsProvider)8
ClusterTest (org.apache.drill.test.ClusterTest)8
Test (org.junit.Test)8
PlainCredentialsProvider (org.apache.drill.common.logical.security.PlainCredentialsProvider)6
ObjectMapper (com.fasterxml.jackson.databind.ObjectMapper)5
DrillConfig (org.apache.drill.common.config.DrillConfig)2
AbstractSecuredStoragePluginConfig (org.apache.drill.common.logical.AbstractSecuredStoragePluginConfig)2
JsonIgnore (com.fasterxml.jackson.annotation.JsonIgnore)1
BufferedReader (java.io.BufferedReader)1
IOException (java.io.IOException)1
InputStream (java.io.InputStream)1
InputStreamReader (java.io.InputStreamReader)1
HashMap (java.util.HashMap)1
HttpServletRequest (javax.servlet.http.HttpServletRequest)1
GET (javax.ws.rs.GET)1
Path (javax.ws.rs.Path)1
Produces (javax.ws.rs.Produces)1
