
Example 1 with S3ErrorTable.newError

use of org.apache.hadoop.ozone.s3.exception.S3ErrorTable.newError in project ozone by apache.

the class OzoneClientProducer method getSignature.

/**
 * Produces the {@link S3Auth} credentials object for the current request.
 *
 * <p>The parsed signature header supplies the access id and the signature as
 * sent by the client. A string-to-sign is derived only for V4 signatures;
 * for every other version it is left as the empty string.
 *
 * <p>Nothing in this method verifies the signature: it only packages the
 * string-to-sign, the client-supplied signature and the access id.
 * NOTE(review): verification presumably happens where the S3Auth is consumed;
 * confirm that an empty string-to-sign (non-V4 request) is rejected there.
 *
 * @return the S3Auth built from the request's signature information
 * @throws the result of {@code wrapOS3Exception(...)}: the original
 *     OS3Exception (including ACCESS_DENIED for a missing access id), or
 *     INTERNAL_ERROR for any other failure
 */
@Produces
public S3Auth getSignature() {
    try {
        SignatureInfo parsed = signatureProcessor.parseSignature();
        // Only SigV4 requests get a canonical string-to-sign.
        String stringToSign = parsed.getVersion() == Version.V4
            ? StringToSignProducer.createSignatureBase(parsed, context)
            : "";
        String awsAccessId = parsed.getAwsAccessId();
        // A request without an access id cannot be attributed to any
        // principal, so it is refused before an S3Auth is ever built.
        boolean accessIdMissing = awsAccessId == null || awsAccessId.isEmpty();
        if (accessIdMissing) {
            LOG.debug("Malformed s3 header. awsAccessID: {}", awsAccessId);
            throw ACCESS_DENIED;
        }
        return new S3Auth(stringToSign, parsed.getSignature(), awsAccessId);
    } catch (OS3Exception ex) {
        // Known S3 errors (ACCESS_DENIED above included) keep their own code.
        LOG.debug("Error during Client Creation: ", ex);
        throw wrapOS3Exception(ex);
    } catch (Exception e) {
        // Anything unexpected is reported to the client as an internal
        // error; the cause is attached to the OS3Exception.
        LOG.debug("Error during Client Creation: ", e);
        throw wrapOS3Exception(S3ErrorTable.newError(INTERNAL_ERROR, null, e));
    }
}
Also used : SignatureInfo(org.apache.hadoop.ozone.s3.signature.SignatureInfo) S3Auth(org.apache.hadoop.ozone.om.protocol.S3Auth) OS3Exception(org.apache.hadoop.ozone.s3.exception.OS3Exception) OS3Exception(org.apache.hadoop.ozone.s3.exception.OS3Exception) IOException(java.io.IOException) WebApplicationException(javax.ws.rs.WebApplicationException) Produces(javax.enterprise.inject.Produces)

Example 2 with S3ErrorTable.newError

use of org.apache.hadoop.ozone.s3.exception.S3ErrorTable.newError in project ozone by apache.

the class S3Acl method s3AclToOzoneNativeAclOnBucket.

/**
 * Converts the grants of an S3 bucket ACL into Ozone native ACLs for a bucket.
 *
 * <p>Each supported grant yields two entries for the grantee, one with
 * DEFAULT scope and one with ACCESS scope, both carrying the same rights.
 * The first grant whose grantee type is unknown or unsupported aborts the
 * whole conversion.
 *
 * <p>NOTE(review): the grantee id is used verbatim as the Ozone user name and
 * no check of it is visible here; confirm the id is validated by the caller.
 *
 * @param bucketAcl the S3 ACL whose grant list is converted
 * @return the Ozone ACL entries, two per grant, in grant order
 * @throws OS3Exception NOT_IMPLEMENTED when a grantee type is not supported
 */
public static List<OzoneAcl> s3AclToOzoneNativeAclOnBucket(S3BucketAcl bucketAcl) throws OS3Exception {
    List<OzoneAcl> converted = new ArrayList<>();
    for (Grant grant : bucketAcl.getAclList().getGrantList()) {
        // Only "CanonicalUser" is supported, which maps to Ozone "USER"
        ACLIdentityType granteeType = ACLIdentityType.getTypeFromGranteeType(grant.getGrantee().getXsiType());
        if (granteeType == null || !granteeType.isSupported()) {
            // Fail closed: an unrecognised grantee type rejects the request
            // instead of being skipped.
            LOG.error("Grantee type {} is not supported", grant.getGrantee().getXsiType());
            throw S3ErrorTable.newError(NOT_IMPLEMENTED, grant.getGrantee().getXsiType());
        }
        BitSet rights = getOzoneAclOnBucketFromS3Permission(grant.getPermission());
        OzoneAcl inheritedEntry = new OzoneAcl(IAccessAuthorizer.ACLIdentityType.USER, grant.getGrantee().getId(), rights, OzoneAcl.AclScope.DEFAULT);
        OzoneAcl directEntry = new OzoneAcl(IAccessAuthorizer.ACLIdentityType.USER, grant.getGrantee().getId(), rights, OzoneAcl.AclScope.ACCESS);
        converted.add(inheritedEntry);
        converted.add(directEntry);
    }
    return converted;
}
Also used : Grant(org.apache.hadoop.ozone.s3.endpoint.S3BucketAcl.Grant) OzoneAcl(org.apache.hadoop.ozone.OzoneAcl) ArrayList(java.util.ArrayList) BitSet(java.util.BitSet)

Example 3 with S3ErrorTable.newError

use of org.apache.hadoop.ozone.s3.exception.S3ErrorTable.newError in project ozone by apache.

the class ContinueToken method checkHash.

/**
 * Checks that {@code digest} is the SHA-256 hex digest of {@code hex}.
 *
 * <p>The digest is computed without any key, so a match shows only that the
 * two halves of the token are consistent with each other (for example, not
 * truncated). It is not proof that this service issued the token; the decoded
 * content must still be handled as request-controlled input.
 *
 * @param key the complete continuation token, reported as the error resource
 * @param hex the hex-encoded payload part of the token
 * @param digest the digest part of the token
 * @throws OS3Exception INVALID_ARGUMENT when the digest does not match
 */
private static void checkHash(String key, String hex, String digest) throws OS3Exception {
    String expectedDigest = DigestUtils.sha256Hex(hex);
    if (digest.equals(expectedDigest)) {
        return;
    }
    OS3Exception mismatch = S3ErrorTable.newError(S3ErrorTable.INVALID_ARGUMENT, key);
    mismatch.setErrorMessage("The continuation token provided is incorrect");
    throw mismatch;
}
Also used : OS3Exception(org.apache.hadoop.ozone.s3.exception.OS3Exception)

Example 4 with S3ErrorTable.newError

use of org.apache.hadoop.ozone.s3.exception.S3ErrorTable.newError in project ozone by apache.

the class S3Acl method s3AclToOzoneNativeAclOnVolume.

/**
 * Converts the grants of an S3 bucket ACL into Ozone native ACLs for a volume.
 *
 * <p>Each supported grant yields one ACCESS-scope entry for the grantee.
 * The first grant whose grantee type is unknown or unsupported aborts the
 * whole conversion.
 *
 * <p>NOTE(review): the grantee id is used verbatim as the Ozone user name and
 * no check of it is visible here; confirm the id is validated by the caller.
 *
 * @param bucketAcl the S3 ACL whose grant list is converted
 * @return the Ozone ACL entries, one per grant, in grant order
 * @throws OS3Exception NOT_IMPLEMENTED when a grantee type is not supported
 */
public static List<OzoneAcl> s3AclToOzoneNativeAclOnVolume(S3BucketAcl bucketAcl) throws OS3Exception {
    List<OzoneAcl> converted = new ArrayList<>();
    for (Grant grant : bucketAcl.getAclList().getGrantList()) {
        // Only "CanonicalUser" is supported, which maps to Ozone "USER"
        ACLIdentityType granteeType = ACLIdentityType.getTypeFromGranteeType(grant.getGrantee().getXsiType());
        if (granteeType == null || !granteeType.isSupported()) {
            // Fail closed: an unrecognised grantee type rejects the request
            // instead of being skipped.
            LOG.error("Grantee type {} is not supported", grant.getGrantee().getXsiType());
            throw S3ErrorTable.newError(NOT_IMPLEMENTED, grant.getGrantee().getXsiType());
        }
        BitSet rights = getOzoneAclOnVolumeFromS3Permission(grant.getPermission());
        OzoneAcl directEntry = new OzoneAcl(IAccessAuthorizer.ACLIdentityType.USER, grant.getGrantee().getId(), rights, OzoneAcl.AclScope.ACCESS);
        converted.add(directEntry);
    }
    return converted;
}
Also used : Grant(org.apache.hadoop.ozone.s3.endpoint.S3BucketAcl.Grant) OzoneAcl(org.apache.hadoop.ozone.OzoneAcl) ArrayList(java.util.ArrayList) BitSet(java.util.BitSet)

Example 5 with S3ErrorTable.newError

use of org.apache.hadoop.ozone.s3.exception.S3ErrorTable.newError in project ozone by apache.

the class ContinueToken method decodeFromString.

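/**
 * Decode a continuation token which is used in get Bucket.
 *
 * <p>The token is {@code <hex payload><separator><digest>}. The payload is a
 * 4-byte length, that many bytes of UTF-8 key, and the remaining bytes as the
 * UTF-8 directory.
 *
 * <p>The token comes from the request, and the digest verified by
 * {@code checkHash} is a plain SHA-256 of the payload, so passing it does not
 * make the payload trustworthy. The length prefix is therefore range-checked
 * before it sizes an allocation. A short payload or an out-of-range length is
 * reported as INVALID_ARGUMENT and no longer escapes as an unchecked
 * exception.
 *
 * @param key the continuation token as sent by the client, may be null
 * @return if key is not null return decoded token, otherwise returns null.
 * @throws OS3Exception INVALID_ARGUMENT when the separator is missing, the
 *     digest does not match, the payload is not valid hex, or the length
 *     prefix is missing or out of range
 */
public static ContinueToken decodeFromString(String key) throws OS3Exception {
    if (key == null) {
        return null;
    }
    int indexSeparator = key.indexOf(CONTINUE_TOKEN_SEPARATOR);
    if (indexSeparator == -1) {
        throw S3ErrorTable.newError(S3ErrorTable.INVALID_ARGUMENT, key);
    }
    String hex = key.substring(0, indexSeparator);
    String digest = key.substring(indexSeparator + 1);
    try {
        checkHash(key, hex, digest);
        ByteBuffer buffer = ByteBuffer.wrap(Hex.decodeHex(hex));
        // A payload too short to hold the length prefix is treated like an
        // invalid length instead of raising BufferUnderflowException.
        int keySize = buffer.remaining() >= Integer.BYTES ? buffer.getInt() : -1;
        // Reject a negative length, or one larger than the bytes that follow,
        // before it is used to size an array.
        if (keySize < 0 || keySize > buffer.remaining()) {
            OS3Exception badLength = S3ErrorTable.newError(S3ErrorTable.INVALID_ARGUMENT, key);
            badLength.setErrorMessage("The continuation token provided is incorrect");
            throw badLength;
        }
        byte[] actualKeyBytes = new byte[keySize];
        buffer.get(actualKeyBytes);
        byte[] actualDirBytes = new byte[buffer.remaining()];
        buffer.get(actualDirBytes);
        return new ContinueToken(new String(actualKeyBytes, StandardCharsets.UTF_8), new String(actualDirBytes, StandardCharsets.UTF_8));
    } catch (DecoderException ex) {
        // The payload was not valid hex; report it as a bad token and keep
        // the cause attached.
        OS3Exception os3Exception = S3ErrorTable.newError(S3ErrorTable.INVALID_ARGUMENT, key, ex);
        os3Exception.setErrorMessage("The continuation token provided is incorrect");
        throw os3Exception;
    }
}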
Also used : DecoderException(org.apache.commons.codec.DecoderException) OS3Exception(org.apache.hadoop.ozone.s3.exception.OS3Exception) ByteBuffer(java.nio.ByteBuffer)

Aggregations

OS3Exception (org.apache.hadoop.ozone.s3.exception.OS3Exception)3 ArrayList (java.util.ArrayList)2 BitSet (java.util.BitSet)2 OzoneAcl (org.apache.hadoop.ozone.OzoneAcl)2 Grant (org.apache.hadoop.ozone.s3.endpoint.S3BucketAcl.Grant)2 IOException (java.io.IOException)1 ByteBuffer (java.nio.ByteBuffer)1 Produces (javax.enterprise.inject.Produces)1 WebApplicationException (javax.ws.rs.WebApplicationException)1 DecoderException (org.apache.commons.codec.DecoderException)1 S3Auth (org.apache.hadoop.ozone.om.protocol.S3Auth)1 SignatureInfo (org.apache.hadoop.ozone.s3.signature.SignatureInfo)1