001/**
002 * Licensed to the Apache Software Foundation (ASF) under one
003 * or more contributor license agreements.  See the NOTICE file
004 * distributed with this work for additional information
005 * regarding copyright ownership.  The ASF licenses this file
006 * to you under the Apache License, Version 2.0 (the
007 * "License"); you may not use this file except in compliance
008 * with the License.  You may obtain a copy of the License at
009 *
010 *     http://www.apache.org/licenses/LICENSE-2.0
011 *
012 * Unless required by applicable law or agreed to in writing, software
013 * distributed under the License is distributed on an "AS IS" BASIS,
014 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
015 * See the License for the specific language governing permissions and
016 * limitations under the License.
017 */
018
019package org.apache.hadoop.security.alias;
020
021import java.io.IOException;
022import java.net.URI;
023import java.net.URISyntaxException;
024import java.util.ArrayList;
025import java.util.List;
026import java.util.ServiceLoader;
027
028import org.apache.hadoop.classification.InterfaceAudience;
029import org.apache.hadoop.classification.InterfaceStability;
030import org.apache.hadoop.conf.Configuration;
031import org.apache.hadoop.fs.CommonConfigurationKeysPublic;
032
033/**
034 * A factory to create a list of CredentialProvider based on the path given in a
035 * Configuration. It uses a service loader interface to find the available
036 * CredentialProviders and create them based on the list of URIs.
037 */
038@InterfaceAudience.Public
039@InterfaceStability.Unstable
040public abstract class CredentialProviderFactory {
041  public static final String CREDENTIAL_PROVIDER_PATH =
042      CommonConfigurationKeysPublic.HADOOP_SECURITY_CREDENTIAL_PROVIDER_PATH;
043
044  public abstract CredentialProvider createProvider(URI providerName,
045                                             Configuration conf
046                                             ) throws IOException;
047
048  private static final ServiceLoader<CredentialProviderFactory> serviceLoader =
049      ServiceLoader.load(CredentialProviderFactory.class,
050          CredentialProviderFactory.class.getClassLoader());
051
052  public static List<CredentialProvider> getProviders(Configuration conf
053                                               ) throws IOException {
054    List<CredentialProvider> result = new ArrayList<CredentialProvider>();
055    for(String path: conf.getStringCollection(CREDENTIAL_PROVIDER_PATH)) {
056      try {
057        URI uri = new URI(path);
058        boolean found = false;
059        // Iterate serviceLoader in a synchronized block since
060        // serviceLoader iterator is not thread-safe.
061        synchronized (serviceLoader) {
062          for (CredentialProviderFactory factory : serviceLoader) {
063            CredentialProvider kp = factory.createProvider(uri, conf);
064            if (kp != null) {
065              result.add(kp);
066              found = true;
067              break;
068            }
069          }
070        }
071        if (!found) {
072          throw new IOException("No CredentialProviderFactory for " + uri + " in " +
073              CREDENTIAL_PROVIDER_PATH);
074        }
075      } catch (URISyntaxException error) {
076        throw new IOException("Bad configuration of " + CREDENTIAL_PROVIDER_PATH +
077            " at " + path, error);
078      }
079    }
080    return result;
081  }
082}