001/** 002 * Licensed to the Apache Software Foundation (ASF) under one 003 * or more contributor license agreements. See the NOTICE file 004 * distributed with this work for additional information 005 * regarding copyright ownership. The ASF licenses this file 006 * to you under the Apache License, Version 2.0 (the 007 * "License"); you may not use this file except in compliance 008 * with the License. You may obtain a copy of the License at 009 * 010 * http://www.apache.org/licenses/LICENSE-2.0 011 * 012 * Unless required by applicable law or agreed to in writing, software 013 * distributed under the License is distributed on an "AS IS" BASIS, 014 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 015 * See the License for the specific language governing permissions and 016 * limitations under the License. 017 */ 018 019package org.apache.hadoop.yarn.security.client; 020 021import java.io.IOException; 022 023import org.apache.hadoop.classification.InterfaceAudience; 024import org.apache.hadoop.classification.InterfaceAudience.Public; 025import org.apache.hadoop.classification.InterfaceStability.Unstable; 026import org.apache.hadoop.conf.Configuration; 027import org.apache.hadoop.io.Text; 028import org.apache.hadoop.security.token.Token; 029import org.apache.hadoop.security.token.TokenRenewer; 030import org.apache.hadoop.security.token.delegation.AbstractDelegationTokenIdentifier; 031import org.apache.hadoop.yarn.client.api.TimelineClient; 032import org.apache.hadoop.yarn.exceptions.YarnException; 033 034@Public 035@Unstable 036public class TimelineDelegationTokenIdentifier extends AbstractDelegationTokenIdentifier { 037 038 public static final Text KIND_NAME = new Text("TIMELINE_DELEGATION_TOKEN"); 039 040 public TimelineDelegationTokenIdentifier() { 041 042 } 043 044 /** 045 * Create a new timeline delegation token identifier 046 * 047 * @param owner the effective username of the token owner 048 * @param renewer the username of the renewer 049 * @param realUser the real username of the token owner 050 */ 051 public TimelineDelegationTokenIdentifier(Text owner, Text renewer, 052 Text realUser) { 053 super(owner, renewer, realUser); 054 } 055 056 @Override 057 public Text getKind() { 058 return KIND_NAME; 059 } 060 061 @InterfaceAudience.Private 062 public static class Renewer extends TokenRenewer { 063 064 @Override 065 public boolean handleKind(Text kind) { 066 return KIND_NAME.equals(kind); 067 } 068 069 @Override 070 public boolean isManaged(Token<?> token) throws IOException { 071 return true; 072 } 073 074 @SuppressWarnings("unchecked") 075 @Override 076 public long renew(Token<?> token, Configuration conf) throws IOException, 077 InterruptedException { 078 TimelineClient client = TimelineClient.createTimelineClient(); 079 try { 080 client.init(conf); 081 client.start(); 082 return client.renewDelegationToken( 083 (Token<TimelineDelegationTokenIdentifier>) token); 084 } catch (YarnException e) { 085 throw new IOException(e); 086 } finally { 087 client.stop(); 088 } 089 } 090 091 @SuppressWarnings("unchecked") 092 @Override 093 public void cancel(Token<?> token, Configuration conf) throws IOException, 094 InterruptedException { 095 TimelineClient client = TimelineClient.createTimelineClient(); 096 try { 097 client.init(conf); 098 client.start(); 099 client.cancelDelegationToken( 100 (Token<TimelineDelegationTokenIdentifier>) token); 101 } catch (YarnException e) { 102 throw new IOException(e); 103 } finally { 104 client.stop(); 105 } 106 } 107 } 108 109}