001/**
002* Licensed to the Apache Software Foundation (ASF) under one
003* or more contributor license agreements.  See the NOTICE file
004* distributed with this work for additional information
005* regarding copyright ownership.  The ASF licenses this file
006* to you under the Apache License, Version 2.0 (the
007* "License"); you may not use this file except in compliance
008* with the License.  You may obtain a copy of the License at
009*
010*     http://www.apache.org/licenses/LICENSE-2.0
011*
012* Unless required by applicable law or agreed to in writing, software
013* distributed under the License is distributed on an "AS IS" BASIS,
014* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
015* See the License for the specific language governing permissions and
016* limitations under the License.
017*/
018
019package org.apache.hadoop.yarn.security;
020
021import java.io.DataInput;
022import java.io.DataOutput;
023import java.io.IOException;
024
025import org.apache.hadoop.classification.InterfaceAudience;
026import org.apache.hadoop.classification.InterfaceAudience.Private;
027import org.apache.hadoop.classification.InterfaceAudience.Public;
028import org.apache.hadoop.classification.InterfaceStability.Evolving;
029import org.apache.hadoop.io.Text;
030import org.apache.hadoop.security.UserGroupInformation;
031import org.apache.hadoop.security.token.Token;
032import org.apache.hadoop.security.token.TokenIdentifier;
033import org.apache.hadoop.yarn.api.records.ApplicationAttemptId;
034import org.apache.hadoop.yarn.api.records.ApplicationId;
035
036/**
037 * AMRMTokenIdentifier is the TokenIdentifier to be used by
038 * ApplicationMasters to authenticate to the ResourceManager.
039 */
040@Public
041@Evolving
042public class AMRMTokenIdentifier extends TokenIdentifier {
043
044  public static final Text KIND_NAME = new Text("YARN_AM_RM_TOKEN");
045
046  private ApplicationAttemptId applicationAttemptId;
047  private int keyId = Integer.MIN_VALUE;
048
049  public AMRMTokenIdentifier() {
050  }
051
052  public AMRMTokenIdentifier(ApplicationAttemptId appAttemptId) {
053    this();
054    this.applicationAttemptId = appAttemptId;
055  }
056
057  public AMRMTokenIdentifier(ApplicationAttemptId appAttemptId,
058      int masterKeyId) {
059    this();
060    this.applicationAttemptId = appAttemptId;
061    this.keyId = masterKeyId;
062  }
063
064  @Private
065  public ApplicationAttemptId getApplicationAttemptId() {
066    return this.applicationAttemptId;
067  }
068
069  @Override
070  public void write(DataOutput out) throws IOException {
071    ApplicationId appId = this.applicationAttemptId.getApplicationId();
072    out.writeLong(appId.getClusterTimestamp());
073    out.writeInt(appId.getId());
074    out.writeInt(this.applicationAttemptId.getAttemptId());
075    out.writeInt(this.keyId);
076  }
077
078  @Override
079  public void readFields(DataInput in) throws IOException {
080    long clusterTimeStamp = in.readLong();
081    int appId = in.readInt();
082    int attemptId = in.readInt();
083    ApplicationId applicationId =
084        ApplicationId.newInstance(clusterTimeStamp, appId);
085    this.applicationAttemptId =
086        ApplicationAttemptId.newInstance(applicationId, attemptId);
087    this.keyId = in.readInt();
088  }
089
090  @Override
091  public Text getKind() {
092    return KIND_NAME;
093  }
094
095  @Override
096  public UserGroupInformation getUser() {
097    if (this.applicationAttemptId == null
098        || "".equals(this.applicationAttemptId.toString())) {
099      return null;
100    }
101    return UserGroupInformation.createRemoteUser(this.applicationAttemptId
102        .toString());
103  }
104
105  public int getKeyId() {
106    return this.keyId;
107  }
108
109  // TODO: Needed?
110  @InterfaceAudience.Private
111  public static class Renewer extends Token.TrivialRenewer {
112    @Override
113    protected Text getKind() {
114      return KIND_NAME;
115    }
116  }
117}