Java Code Examples for org.apache.hadoop.security.authentication.server.AuthenticationToken#parse()

The following examples show how to use org.apache.hadoop.security.authentication.server.AuthenticationToken#parse() . You can vote up the ones you like or vote down the ones you don't like, and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example 1
Source File: LogsearchKrbFilter.java    From ambari-logsearch with Apache License 2.0 5 votes vote down vote up
/**
 * Returns the {@link AuthenticationToken} for the request.
 * <p>
 * It looks at the received HTTP cookies and extracts the value of the {@link AuthenticatedURL#AUTH_COOKIE}
 * if present. It verifies the signature and if correct it creates the {@link AuthenticationToken} and returns
 * it.
 * <p>
 * If this method returns <code>null</code> the filter will invoke the configured {@link AuthenticationHandler}
 * to perform user authentication.
 *
 * @param request request object.
 *
 * @return the Authentication token if the request is authenticated, <code>null</code> otherwise.
 *
 * @throws IOException thrown if an IO error occurred.
 * @throws AuthenticationException thrown if the token is invalid or if it has expired.
 */
protected AuthenticationToken getToken(HttpServletRequest request) throws IOException, AuthenticationException {
  AuthenticationToken token = null;
  String tokenStr = null;
  Cookie[] cookies = request.getCookies();
  if (cookies != null) {
    for (Cookie cookie : cookies) {
      if (AuthenticatedURL.AUTH_COOKIE.equals(cookie.getName())) {
        tokenStr = cookie.getValue();
        try {
          tokenStr = signer.verifyAndExtract(tokenStr);
        } catch (SignerException ex) {
          throw new AuthenticationException(ex);
        }
        break;
      }
    }
  }
  if (tokenStr != null) {
    token = AuthenticationToken.parse(tokenStr);
    if(token != null){
      if (!token.getType().equals(authHandler.getType())) {
        throw new AuthenticationException("Invalid AuthenticationToken type");
      }
      if (token.isExpired()) {
        throw new AuthenticationException("AuthenticationToken expired"); 
      }
    }
  }
  return token;
}
 
Example 2
Source File: AtlasAuthenticationFilter.java    From atlas with Apache License 2.0 5 votes vote down vote up
@Override
protected AuthenticationToken getToken(HttpServletRequest request)
        throws IOException, AuthenticationException {
    AuthenticationToken token = null;
    String tokenStr = null;
    Cookie[] cookies = request.getCookies();
    if (cookies != null) {
        for (Cookie cookie : cookies) {
            if (cookie.getName().equals(AuthenticatedURL.AUTH_COOKIE)) {
                tokenStr = cookie.getValue();
                try {
                    tokenStr = this.signer.verifyAndExtract(tokenStr);
                } catch (SignerException ex) {
                    throw new AuthenticationException(ex);
                }
            }
        }
    }

    if (tokenStr != null) {
        token = AuthenticationToken.parse(tokenStr);
        if (token != null) {
            AuthenticationHandler authHandler = getAuthenticationHandler();
            if (!token.getType().equals(authHandler.getType())) {
                throw new AuthenticationException("Invalid AuthenticationToken type");
            }
            if (token.isExpired()) {
                throw new AuthenticationException("AuthenticationToken expired");
            }
        }
    }
    return token;
}
 
Example 3
Source File: AtlasAuthenticationFilter.java    From incubator-atlas with Apache License 2.0 5 votes vote down vote up
@Override
protected AuthenticationToken getToken(HttpServletRequest request)
        throws IOException, AuthenticationException {
    AuthenticationToken token = null;
    String tokenStr = null;
    Cookie[] cookies = request.getCookies();
    if (cookies != null) {
        for (Cookie cookie : cookies) {
            if (cookie.getName().equals(AuthenticatedURL.AUTH_COOKIE)) {
                tokenStr = cookie.getValue();
                try {
                    tokenStr = this.signer.verifyAndExtract(tokenStr);
                } catch (SignerException ex) {
                    throw new AuthenticationException(ex);
                }
            }
        }
    }

    if (tokenStr != null) {
        token = AuthenticationToken.parse(tokenStr);
        if (token != null) {
            AuthenticationHandler authHandler = getAuthenticationHandler();
            if (!token.getType().equals(authHandler.getType())) {
                throw new AuthenticationException("Invalid AuthenticationToken type");
            }
            if (token.isExpired()) {
                throw new AuthenticationException("AuthenticationToken expired");
            }
        }
    }
    return token;
}
 
Example 4
Source File: KerberosRealm.java    From zeppelin with Apache License 2.0 5 votes vote down vote up
private static AuthenticationToken getTokenFromCookies(Cookie[] cookies)
    throws AuthenticationException {
  AuthenticationToken token = null;
  String tokenStr = null;
  if (cookies != null) {
    for (Cookie cookie : cookies) {
      if (cookie.getName().equals(AuthenticatedURL.AUTH_COOKIE)) {
        tokenStr = cookie.getValue();
        if (tokenStr.isEmpty()) {
          throw new AuthenticationException("Empty token");
        }
        try {
          tokenStr = signer.verifyAndExtract(tokenStr);
        } catch (SignerException ex) {
          throw new AuthenticationException(ex);
        }
        break;
      }
    }
  }
  if (tokenStr != null) {
    token = AuthenticationToken.parse(tokenStr);
    boolean match = verifyTokenType(token);
    if (!match) {
      throw new AuthenticationException("Invalid AuthenticationToken type");
    }
    if (token.isExpired()) {
      throw new AuthenticationException("AuthenticationToken expired");
    }
  }
  return token;
}
 
Example 5
Source File: RangerKrbFilter.java    From ranger with Apache License 2.0 5 votes vote down vote up
/**
 * Returns the {@link AuthenticationToken} for the request.
 * <p>
 * It looks at the received HTTP cookies and extracts the value of the {@link AuthenticatedURL#AUTH_COOKIE}
 * if present. It verifies the signature and if correct it creates the {@link AuthenticationToken} and returns
 * it.
 * <p>
 * If this method returns <code>null</code> the filter will invoke the configured {@link AuthenticationHandler}
 * to perform user authentication.
 *
 * @param request request object.
 *
 * @return the Authentication token if the request is authenticated, <code>null</code> otherwise.
 *
 * @throws IOException thrown if an IO error occurred.
 * @throws AuthenticationException thrown if the token is invalid or if it has expired.
 */
protected AuthenticationToken getToken(HttpServletRequest request) throws IOException, AuthenticationException {
  AuthenticationToken token = null;
  String tokenStr = null;
  Cookie[] cookies = request.getCookies();
  if (cookies != null) {
    for (Cookie cookie : cookies) {
      if (AuthenticatedURL.AUTH_COOKIE.equals(cookie.getName())) {
        tokenStr = cookie.getValue();
        try {
          tokenStr = signer.verifyAndExtract(tokenStr);
        } catch (SignerException ex) {
          throw new AuthenticationException(ex);
        }
        break;
      }
    }
  }
  if (tokenStr != null) {
    token = AuthenticationToken.parse(tokenStr);
    if(token != null){
     if (!token.getType().equals(authHandler.getType())) {
      	throw new AuthenticationException("Invalid AuthenticationToken type");
     }
     if (token.isExpired()) {
      	throw new AuthenticationException("AuthenticationToken expired");
     }
    }
  }
  return token;
}