001/** 002* Licensed to the Apache Software Foundation (ASF) under one 003* or more contributor license agreements. See the NOTICE file 004* distributed with this work for additional information 005* regarding copyright ownership. The ASF licenses this file 006* to you under the Apache License, Version 2.0 (the 007* "License"); you may not use this file except in compliance 008* with the License. You may obtain a copy of the License at 009* 010* http://www.apache.org/licenses/LICENSE-2.0 011* 012* Unless required by applicable law or agreed to in writing, software 013* distributed under the License is distributed on an "AS IS" BASIS, 014* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 015* See the License for the specific language governing permissions and 016* limitations under the License. 017*/ 018 019package org.apache.hadoop.yarn.security; 020 021import java.io.DataInput; 022import java.io.DataOutput; 023import java.io.IOException; 024 025import org.apache.hadoop.classification.InterfaceAudience; 026import org.apache.hadoop.classification.InterfaceAudience.Private; 027import org.apache.hadoop.classification.InterfaceAudience.Public; 028import org.apache.hadoop.classification.InterfaceStability.Evolving; 029import org.apache.hadoop.io.Text; 030import org.apache.hadoop.security.UserGroupInformation; 031import org.apache.hadoop.security.token.Token; 032import org.apache.hadoop.security.token.TokenIdentifier; 033import org.apache.hadoop.yarn.api.records.ApplicationAttemptId; 034import org.apache.hadoop.yarn.api.records.ApplicationId; 035 036/** 037 * AMRMTokenIdentifier is the TokenIdentifier to be used by 038 * ApplicationMasters to authenticate to the ResourceManager. 039 */ 040@Public 041@Evolving 042public class AMRMTokenIdentifier extends TokenIdentifier { 043 044 public static final Text KIND_NAME = new Text("YARN_AM_RM_TOKEN"); 045 046 private ApplicationAttemptId applicationAttemptId; 047 private int keyId = Integer.MIN_VALUE; 048 049 public AMRMTokenIdentifier() { 050 } 051 052 public AMRMTokenIdentifier(ApplicationAttemptId appAttemptId) { 053 this(); 054 this.applicationAttemptId = appAttemptId; 055 } 056 057 public AMRMTokenIdentifier(ApplicationAttemptId appAttemptId, 058 int masterKeyId) { 059 this(); 060 this.applicationAttemptId = appAttemptId; 061 this.keyId = masterKeyId; 062 } 063 064 @Private 065 public ApplicationAttemptId getApplicationAttemptId() { 066 return this.applicationAttemptId; 067 } 068 069 @Override 070 public void write(DataOutput out) throws IOException { 071 ApplicationId appId = this.applicationAttemptId.getApplicationId(); 072 out.writeLong(appId.getClusterTimestamp()); 073 out.writeInt(appId.getId()); 074 out.writeInt(this.applicationAttemptId.getAttemptId()); 075 out.writeInt(this.keyId); 076 } 077 078 @Override 079 public void readFields(DataInput in) throws IOException { 080 long clusterTimeStamp = in.readLong(); 081 int appId = in.readInt(); 082 int attemptId = in.readInt(); 083 ApplicationId applicationId = 084 ApplicationId.newInstance(clusterTimeStamp, appId); 085 this.applicationAttemptId = 086 ApplicationAttemptId.newInstance(applicationId, attemptId); 087 this.keyId = in.readInt(); 088 } 089 090 @Override 091 public Text getKind() { 092 return KIND_NAME; 093 } 094 095 @Override 096 public UserGroupInformation getUser() { 097 if (this.applicationAttemptId == null 098 || "".equals(this.applicationAttemptId.toString())) { 099 return null; 100 } 101 return UserGroupInformation.createRemoteUser(this.applicationAttemptId 102 .toString()); 103 } 104 105 public int getKeyId() { 106 return this.keyId; 107 } 108 109 // TODO: Needed? 110 @InterfaceAudience.Private 111 public static class Renewer extends Token.TrivialRenewer { 112 @Override 113 protected Text getKind() { 114 return KIND_NAME; 115 } 116 } 117}