001/**
002 * Licensed to the Apache Software Foundation (ASF) under one
003 * or more contributor license agreements.  See the NOTICE file
004 * distributed with this work for additional information
005 * regarding copyright ownership.  The ASF licenses this file
006 * to you under the Apache License, Version 2.0 (the
007 * "License"); you may not use this file except in compliance
008 * with the License.  You may obtain a copy of the License at
009 *
010 *     http://www.apache.org/licenses/LICENSE-2.0
011 *
012 * Unless required by applicable law or agreed to in writing, software
013 * distributed under the License is distributed on an "AS IS" BASIS,
014 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
015 * See the License for the specific language governing permissions and
016 * limitations under the License.
017 */
018
019package org.apache.hadoop.yarn.security.client;
020
021import java.io.DataInput;
022import java.io.DataOutput;
023import java.io.IOException;
024
025import org.apache.hadoop.classification.InterfaceAudience;
026import org.apache.hadoop.classification.InterfaceAudience.Public;
027import org.apache.hadoop.classification.InterfaceStability.Evolving;
028import org.apache.hadoop.io.Text;
029import org.apache.hadoop.security.UserGroupInformation;
030import org.apache.hadoop.security.token.Token;
031import org.apache.hadoop.security.token.TokenIdentifier;
032import org.apache.hadoop.yarn.api.records.ApplicationAttemptId;
033import org.apache.hadoop.yarn.api.records.ApplicationId;
034
035@Public
036@Evolving
037public class ClientToAMTokenIdentifier extends TokenIdentifier {
038
039  public static final Text KIND_NAME = new Text("YARN_CLIENT_TOKEN");
040
041  private ApplicationAttemptId applicationAttemptId;
042  private Text clientName = new Text();
043
044  // TODO: Add more information in the tokenID such that it is not
045  // transferrable, more secure etc.
046
047  public ClientToAMTokenIdentifier() {
048  }
049
050  public ClientToAMTokenIdentifier(ApplicationAttemptId id, String client) {
051    this();
052    this.applicationAttemptId = id;
053    this.clientName = new Text(client);
054  }
055
056  public ApplicationAttemptId getApplicationAttemptID() {
057    return this.applicationAttemptId;
058  }
059
060  public String getClientName() {
061    return this.clientName.toString();
062  }
063
064  @Override
065  public void write(DataOutput out) throws IOException {
066    out.writeLong(this.applicationAttemptId.getApplicationId()
067      .getClusterTimestamp());
068    out.writeInt(this.applicationAttemptId.getApplicationId().getId());
069    out.writeInt(this.applicationAttemptId.getAttemptId());
070    this.clientName.write(out);
071  }
072
073  @Override
074  public void readFields(DataInput in) throws IOException {
075    this.applicationAttemptId =
076        ApplicationAttemptId.newInstance(
077          ApplicationId.newInstance(in.readLong(), in.readInt()), in.readInt());
078    this.clientName.readFields(in);
079  }
080
081  @Override
082  public Text getKind() {
083    return KIND_NAME;
084  }
085
086  @Override
087  public UserGroupInformation getUser() {
088    if (this.clientName == null) {
089      return null;
090    }
091    return UserGroupInformation.createRemoteUser(this.clientName.toString());
092  }
093
094  @InterfaceAudience.Private
095  public static class Renewer extends Token.TrivialRenewer {
096    @Override
097    protected Text getKind() {
098      return KIND_NAME;
099    }
100  }
101}