Java Code Examples for org.apache.hadoop.yarn.security.client.RMDelegationTokenIdentifier#getBytes()

@Test
public void testRMDelegationTokenIdentifier() throws IOException {
  
  Text owner = new Text("user1");
  Text renewer = new Text("user2");
  Text realUser = new Text("user3");
  long issueDate = 1;
  long maxDate = 2;
  int sequenceNumber = 3;
  int masterKeyId = 4;
  
  RMDelegationTokenIdentifier token = 
      new RMDelegationTokenIdentifier(owner, renewer, realUser);
  token.setIssueDate(issueDate);
  token.setMaxDate(maxDate);
  token.setSequenceNumber(sequenceNumber);
  token.setMasterKeyId(masterKeyId);
  
  RMDelegationTokenIdentifier anotherToken = new RMDelegationTokenIdentifier();
  
  byte[] tokenContent = token.getBytes();
  DataInputBuffer dib = new DataInputBuffer();
  dib.reset(tokenContent, tokenContent.length);
  anotherToken.readFields(dib);
  dib.close();
  // verify the whole record equals with original record
  Assert.assertEquals("Token is not the same after serialization " +
      "and deserialization.", token, anotherToken);
  
  Assert.assertEquals("owner from proto is not the same with original token",
      anotherToken.getOwner(), owner);
  
  Assert.assertEquals("renewer from proto is not the same with original token",
      anotherToken.getRenewer(), renewer);
  
  Assert.assertEquals("realUser from proto is not the same with original token",
      anotherToken.getRealUser(), realUser);
  
  Assert.assertEquals("issueDate from proto is not the same with original token",
      anotherToken.getIssueDate(), issueDate);
  
  Assert.assertEquals("maxDate from proto is not the same with original token",
      anotherToken.getMaxDate(), maxDate);
  
  Assert.assertEquals("sequenceNumber from proto is not the same with original token",
      anotherToken.getSequenceNumber(), sequenceNumber);
  
  Assert.assertEquals("masterKeyId from proto is not the same with original token",
      anotherToken.getMasterKeyId(), masterKeyId);
  
  // Test getProto    
  RMDelegationTokenIdentifier token1 = 
      new RMDelegationTokenIdentifier(owner, renewer, realUser);
  token1.setIssueDate(issueDate);
  token1.setMaxDate(maxDate);
  token1.setSequenceNumber(sequenceNumber);
  token1.setMasterKeyId(masterKeyId);
  YARNDelegationTokenIdentifierProto tokenProto = token1.getProto();
  // Write token proto to stream
  ByteArrayOutputStream baos = new ByteArrayOutputStream();
  DataOutputStream out = new DataOutputStream(baos);
  tokenProto.writeTo(out);

  // Read token
  byte[] tokenData = baos.toByteArray();
  RMDelegationTokenIdentifier readToken = new RMDelegationTokenIdentifier();
  DataInputBuffer db = new DataInputBuffer();
  db.reset(tokenData, tokenData.length);
  readToken.readFields(db);

  // Verify if read token equals with original token
  Assert.assertEquals("Token from getProto is not the same after " +
      "serialization and deserialization.", token1, readToken);
  db.close();
  out.close();
}
 

@Test (timeout = 20000)
public void testAddNewTokenSentFromRMForLogAggregation() throws Exception {
  Configuration conf = new YarnConfiguration();
  conf.set(CommonConfigurationKeysPublic.HADOOP_SECURITY_AUTHENTICATION,
    "kerberos");
  UserGroupInformation.setConfiguration(conf);

  ApplicationId application1 = BuilderUtils.newApplicationId(1234, 1);
  Application mockApp = mock(Application.class);
  when(mockApp.getContainers()).thenReturn(
    new HashMap<ContainerId, Container>());
  this.context.getApplications().put(application1, mockApp);
  @SuppressWarnings("resource")
  LogAggregationService logAggregationService =
      new LogAggregationService(dispatcher, this.context, this.delSrvc,
        super.dirsHandler);
  logAggregationService.init(this.conf);
  logAggregationService.start();
  logAggregationService.handle(new LogHandlerAppStartedEvent(application1,
    this.user, null, ContainerLogsRetentionPolicy.ALL_CONTAINERS, this.acls,
    Records.newRecord(LogAggregationContext.class)));

  // Inject new token for log-aggregation after app log-aggregator init
  Text userText1 = new Text("user1");
  RMDelegationTokenIdentifier dtId1 =
      new RMDelegationTokenIdentifier(userText1, new Text("renewer1"),
        userText1);
  final Token<RMDelegationTokenIdentifier> token1 =
      new Token<RMDelegationTokenIdentifier>(dtId1.getBytes(),
        "password1".getBytes(), dtId1.getKind(), new Text("service1"));
  Credentials credentials = new Credentials();
  credentials.addToken(userText1, token1);
  this.context.getSystemCredentialsForApps().put(application1, credentials);

  logAggregationService.handle(new LogHandlerAppFinishedEvent(application1));

  final UserGroupInformation ugi =
      ((AppLogAggregatorImpl) logAggregationService.getAppLogAggregators()
        .get(application1)).getUgi();

  GenericTestUtils.waitFor(new Supplier<Boolean>() {
    public Boolean get() {
      boolean hasNewToken = false;
      for (Token<?> token : ugi.getCredentials().getAllTokens()) {
        if (token.equals(token1)) {
          hasNewToken = true;
        }
      }
      return hasNewToken;
    }
  }, 1000, 20000);
  logAggregationService.stop();
}
 

public void testRMDTSecretManagerStateStore(
    RMStateStoreHelper stateStoreHelper) throws Exception {
  RMStateStore store = stateStoreHelper.getRMStateStore();
  TestDispatcher dispatcher = new TestDispatcher();
  store.setRMDispatcher(dispatcher);

  // store RM delegation token;
  RMDelegationTokenIdentifier dtId1 =
      new RMDelegationTokenIdentifier(new Text("owner1"),
        new Text("renewer1"), new Text("realuser1"));
  int sequenceNumber = 1111;
  dtId1.setSequenceNumber(sequenceNumber);
  byte[] tokenBeforeStore = dtId1.getBytes();
  Long renewDate1 = new Long(System.currentTimeMillis());
  store.storeRMDelegationToken(dtId1, renewDate1);
  modifyRMDelegationTokenState();
  Map<RMDelegationTokenIdentifier, Long> token1 =
      new HashMap<RMDelegationTokenIdentifier, Long>();
  token1.put(dtId1, renewDate1);
  // store delegation key;
  DelegationKey key = new DelegationKey(1234, 4321 , "keyBytes".getBytes());
  HashSet<DelegationKey> keySet = new HashSet<DelegationKey>();
  keySet.add(key);
  store.storeRMDTMasterKey(key);

  RMDTSecretManagerState secretManagerState =
      store.loadState().getRMDTSecretManagerState();
  Assert.assertEquals(token1, secretManagerState.getTokenState());
  Assert.assertEquals(keySet, secretManagerState.getMasterKeyState());
  Assert.assertEquals(sequenceNumber,
      secretManagerState.getDTSequenceNumber());
  RMDelegationTokenIdentifier tokenAfterStore =
      secretManagerState.getTokenState().keySet().iterator().next();
  Assert.assertTrue(Arrays.equals(tokenBeforeStore,
    tokenAfterStore.getBytes()));

  // update RM delegation token;
  renewDate1 = new Long(System.currentTimeMillis());
  store.updateRMDelegationToken(dtId1, renewDate1);
  token1.put(dtId1, renewDate1);

  RMDTSecretManagerState updateSecretManagerState =
      store.loadState().getRMDTSecretManagerState();
  Assert.assertEquals(token1, updateSecretManagerState.getTokenState());
  Assert.assertEquals(keySet, updateSecretManagerState.getMasterKeyState());
  Assert.assertEquals(sequenceNumber,
      updateSecretManagerState.getDTSequenceNumber());

  // check to delete delegationKey
  store.removeRMDTMasterKey(key);
  keySet.clear();
  RMDTSecretManagerState noKeySecretManagerState =
      store.loadState().getRMDTSecretManagerState();
  Assert.assertEquals(token1, noKeySecretManagerState.getTokenState());
  Assert.assertEquals(keySet, noKeySecretManagerState.getMasterKeyState());
  Assert.assertEquals(sequenceNumber,
      noKeySecretManagerState.getDTSequenceNumber());

  // check to delete delegationToken
  store.removeRMDelegationToken(dtId1);
  RMDTSecretManagerState noKeyAndTokenSecretManagerState =
      store.loadState().getRMDTSecretManagerState();
  token1.clear();
  Assert.assertEquals(token1,
      noKeyAndTokenSecretManagerState.getTokenState());
  Assert.assertEquals(keySet,
      noKeyAndTokenSecretManagerState.getMasterKeyState());
  Assert.assertEquals(sequenceNumber,
      noKeySecretManagerState.getDTSequenceNumber());
  store.close();

}
 

@Test
public void testRMDelegationTokenIdentifier() throws IOException {
  
  Text owner = new Text("user1");
  Text renewer = new Text("user2");
  Text realUser = new Text("user3");
  long issueDate = 1;
  long maxDate = 2;
  int sequenceNumber = 3;
  int masterKeyId = 4;
  
  RMDelegationTokenIdentifier token = 
      new RMDelegationTokenIdentifier(owner, renewer, realUser);
  token.setIssueDate(issueDate);
  token.setMaxDate(maxDate);
  token.setSequenceNumber(sequenceNumber);
  token.setMasterKeyId(masterKeyId);
  
  RMDelegationTokenIdentifier anotherToken = new RMDelegationTokenIdentifier();
  
  byte[] tokenContent = token.getBytes();
  DataInputBuffer dib = new DataInputBuffer();
  dib.reset(tokenContent, tokenContent.length);
  anotherToken.readFields(dib);
  dib.close();
  // verify the whole record equals with original record
  Assert.assertEquals("Token is not the same after serialization " +
      "and deserialization.", token, anotherToken);
  
  Assert.assertEquals("owner from proto is not the same with original token",
      anotherToken.getOwner(), owner);
  
  Assert.assertEquals("renewer from proto is not the same with original token",
      anotherToken.getRenewer(), renewer);
  
  Assert.assertEquals("realUser from proto is not the same with original token",
      anotherToken.getRealUser(), realUser);
  
  Assert.assertEquals("issueDate from proto is not the same with original token",
      anotherToken.getIssueDate(), issueDate);
  
  Assert.assertEquals("maxDate from proto is not the same with original token",
      anotherToken.getMaxDate(), maxDate);
  
  Assert.assertEquals("sequenceNumber from proto is not the same with original token",
      anotherToken.getSequenceNumber(), sequenceNumber);
  
  Assert.assertEquals("masterKeyId from proto is not the same with original token",
      anotherToken.getMasterKeyId(), masterKeyId);
  
  // Test getProto    
  RMDelegationTokenIdentifier token1 = 
      new RMDelegationTokenIdentifier(owner, renewer, realUser);
  token1.setIssueDate(issueDate);
  token1.setMaxDate(maxDate);
  token1.setSequenceNumber(sequenceNumber);
  token1.setMasterKeyId(masterKeyId);
  YARNDelegationTokenIdentifierProto tokenProto = token1.getProto();
  // Write token proto to stream
  ByteArrayOutputStream baos = new ByteArrayOutputStream();
  DataOutputStream out = new DataOutputStream(baos);
  tokenProto.writeTo(out);

  // Read token
  byte[] tokenData = baos.toByteArray();
  RMDelegationTokenIdentifier readToken = new RMDelegationTokenIdentifier();
  DataInputBuffer db = new DataInputBuffer();
  db.reset(tokenData, tokenData.length);
  readToken.readFields(db);

  // Verify if read token equals with original token
  Assert.assertEquals("Token from getProto is not the same after " +
      "serialization and deserialization.", token1, readToken);
  db.close();
  out.close();
}
 

@Test (timeout = 20000)
public void testAddNewTokenSentFromRMForLogAggregation() throws Exception {
  Configuration conf = new YarnConfiguration();
  conf.set(CommonConfigurationKeysPublic.HADOOP_SECURITY_AUTHENTICATION,
    "kerberos");
  UserGroupInformation.setConfiguration(conf);

  ApplicationId application1 = BuilderUtils.newApplicationId(1234, 1);
  Application mockApp = mock(Application.class);
  when(mockApp.getContainers()).thenReturn(
    new HashMap<ContainerId, Container>());
  this.context.getApplications().put(application1, mockApp);
  @SuppressWarnings("resource")
  LogAggregationService logAggregationService =
      new LogAggregationService(dispatcher, this.context, this.delSrvc,
        super.dirsHandler);
  logAggregationService.init(this.conf);
  logAggregationService.start();
  logAggregationService.handle(new LogHandlerAppStartedEvent(application1,
    this.user, null, ContainerLogsRetentionPolicy.ALL_CONTAINERS, this.acls,
    Records.newRecord(LogAggregationContext.class)));

  // Inject new token for log-aggregation after app log-aggregator init
  Text userText1 = new Text("user1");
  RMDelegationTokenIdentifier dtId1 =
      new RMDelegationTokenIdentifier(userText1, new Text("renewer1"),
        userText1);
  final Token<RMDelegationTokenIdentifier> token1 =
      new Token<RMDelegationTokenIdentifier>(dtId1.getBytes(),
        "password1".getBytes(), dtId1.getKind(), new Text("service1"));
  Credentials credentials = new Credentials();
  credentials.addToken(userText1, token1);
  this.context.getSystemCredentialsForApps().put(application1, credentials);

  logAggregationService.handle(new LogHandlerAppFinishedEvent(application1));

  final UserGroupInformation ugi =
      ((AppLogAggregatorImpl) logAggregationService.getAppLogAggregators()
        .get(application1)).getUgi();

  GenericTestUtils.waitFor(new Supplier<Boolean>() {
    public Boolean get() {
      boolean hasNewToken = false;
      for (Token<?> token : ugi.getCredentials().getAllTokens()) {
        if (token.equals(token1)) {
          hasNewToken = true;
        }
      }
      return hasNewToken;
    }
  }, 1000, 20000);
  logAggregationService.stop();
}
 

public void testRMDTSecretManagerStateStore(
    RMStateStoreHelper stateStoreHelper) throws Exception {
  RMStateStore store = stateStoreHelper.getRMStateStore();
  TestDispatcher dispatcher = new TestDispatcher();
  store.setRMDispatcher(dispatcher);

  // store RM delegation token;
  RMDelegationTokenIdentifier dtId1 =
      new RMDelegationTokenIdentifier(new Text("owner1"),
        new Text("renewer1"), new Text("realuser1"));
  int sequenceNumber = 1111;
  dtId1.setSequenceNumber(sequenceNumber);
  byte[] tokenBeforeStore = dtId1.getBytes();
  Long renewDate1 = new Long(System.currentTimeMillis());
  store.storeRMDelegationToken(dtId1, renewDate1);
  modifyRMDelegationTokenState();
  Map<RMDelegationTokenIdentifier, Long> token1 =
      new HashMap<RMDelegationTokenIdentifier, Long>();
  token1.put(dtId1, renewDate1);
  // store delegation key;
  DelegationKey key = new DelegationKey(1234, 4321 , "keyBytes".getBytes());
  HashSet<DelegationKey> keySet = new HashSet<DelegationKey>();
  keySet.add(key);
  store.storeRMDTMasterKey(key);

  RMDTSecretManagerState secretManagerState =
      store.loadState().getRMDTSecretManagerState();
  Assert.assertEquals(token1, secretManagerState.getTokenState());
  Assert.assertEquals(keySet, secretManagerState.getMasterKeyState());
  Assert.assertEquals(sequenceNumber,
      secretManagerState.getDTSequenceNumber());
  RMDelegationTokenIdentifier tokenAfterStore =
      secretManagerState.getTokenState().keySet().iterator().next();
  Assert.assertTrue(Arrays.equals(tokenBeforeStore,
    tokenAfterStore.getBytes()));

  // update RM delegation token;
  renewDate1 = new Long(System.currentTimeMillis());
  store.updateRMDelegationToken(dtId1, renewDate1);
  token1.put(dtId1, renewDate1);

  RMDTSecretManagerState updateSecretManagerState =
      store.loadState().getRMDTSecretManagerState();
  Assert.assertEquals(token1, updateSecretManagerState.getTokenState());
  Assert.assertEquals(keySet, updateSecretManagerState.getMasterKeyState());
  Assert.assertEquals(sequenceNumber,
      updateSecretManagerState.getDTSequenceNumber());

  // check to delete delegationKey
  store.removeRMDTMasterKey(key);
  keySet.clear();
  RMDTSecretManagerState noKeySecretManagerState =
      store.loadState().getRMDTSecretManagerState();
  Assert.assertEquals(token1, noKeySecretManagerState.getTokenState());
  Assert.assertEquals(keySet, noKeySecretManagerState.getMasterKeyState());
  Assert.assertEquals(sequenceNumber,
      noKeySecretManagerState.getDTSequenceNumber());

  // check to delete delegationToken
  store.removeRMDelegationToken(dtId1);
  RMDTSecretManagerState noKeyAndTokenSecretManagerState =
      store.loadState().getRMDTSecretManagerState();
  token1.clear();
  Assert.assertEquals(token1,
      noKeyAndTokenSecretManagerState.getTokenState());
  Assert.assertEquals(keySet,
      noKeyAndTokenSecretManagerState.getMasterKeyState());
  Assert.assertEquals(sequenceNumber,
      noKeySecretManagerState.getDTSequenceNumber());
  store.close();

}