
1   /*
2    * Licensed to the Apache Software Foundation (ASF) under one
3    * or more contributor license agreements.  See the NOTICE file
4    * distributed with this work for additional information
5    * regarding copyright ownership.  The ASF licenses this file
6    * to you under the Apache License, Version 2.0 (the
7    * "License"); you may not use this file except in compliance
8    * with the License.  You may obtain a copy of the License at
9    *
10   *     http://www.apache.org/licenses/LICENSE-2.0
11   *
12   * Unless required by applicable law or agreed to in writing, software
13   * distributed under the License is distributed on an "AS IS" BASIS,
14   * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
15   * See the License for the specific language governing permissions and
16   * limitations under the License.
17   */
18  
19  package org.apache.hadoop.hbase.security.token;
20  
21  import javax.crypto.SecretKey;
22  import java.io.DataInput;
23  import java.io.DataOutput;
24  import java.io.IOException;
25  
26  import org.apache.hadoop.hbase.classification.InterfaceAudience;
27  import org.apache.hadoop.hbase.util.Bytes;
28  import org.apache.hadoop.io.Writable;
29  import org.apache.hadoop.io.WritableUtils;
30  
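/**
 * Represents a secret key used for signing and verifying authentication tokens
 * by {@link AuthenticationTokenSecretManager}.
 *
 * <p>The {@link Writable} form produced by {@link #write(DataOutput)} contains the
 * raw encoded key bytes, so anything that stores or transports a serialized
 * instance must be protected like the key itself. {@link #toString()} deliberately
 * leaves the key material out so that instances can be logged.
 *
 * <p>Instances are mutable ({@link #setExpiration(long)},
 * {@link #readFields(DataInput)}) and the class does no synchronization of its own.
 */
@InterfaceAudience.Private
public class AuthenticationKey implements Writable {
  private int id;
  // presumably an epoch timestamp in milliseconds -- TODO confirm against the secret manager
  private long expirationDate;
  private SecretKey secret;

  /** No-arg constructor required for {@link Writable} deserialization. */
  public AuthenticationKey() {
    // for Writable
  }

  /**
   * Creates a key with the given identifier, expiration and key material.
   *
   * @param keyId identifier of this key
   * @param expirationDate expiration timestamp of this key
   * @param key the secret key material; may be {@code null}
   */
  public AuthenticationKey(int keyId, long expirationDate, SecretKey key) {
    this.id = keyId;
    this.expirationDate = expirationDate;
    this.secret = key;
  }

  /** @return the identifier of this key */
  public int getKeyId() {
    return id;
  }

  /** @return the expiration timestamp of this key */
  public long getExpiration() {
    return expirationDate;
  }

  /**
   * Replaces the expiration timestamp. This value takes part in {@link #equals(Object)}
   * and {@link #hashCode()}, so do not change it while the instance is held in a
   * hash-based collection.
   *
   * @param timestamp the new expiration timestamp
   */
  public void setExpiration(long timestamp) {
    expirationDate = timestamp;
  }

  /**
   * Returns the underlying secret. Package-private on purpose: the key material
   * is not part of the public surface of this class.
   *
   * @return the secret key, or {@code null} if none is set
   */
  SecretKey getKey() {
    return secret;
  }

  /**
   * Two keys are equal when id, expiration and encoded key bytes all match.
   *
   * <p>NOTE(review): {@code Bytes.equals} is a general-purpose comparison and is not
   * documented as constant-time; do not use this method to check key material
   * supplied by an untrusted party.
   */
  @Override
  public boolean equals(Object obj) {
    if (this == obj) {
      return true;
    }
    // instanceof is already false for null, no separate null check needed
    if (!(obj instanceof AuthenticationKey)) {
      return false;
    }
    AuthenticationKey other = (AuthenticationKey) obj;
    if (id != other.getKeyId() || expirationDate != other.getExpiration()) {
      return false;
    }
    SecretKey otherSecret = other.getKey();
    if (secret == null || otherSecret == null) {
      return secret == null && otherSecret == null;
    }
    return Bytes.equals(secret.getEncoded(), otherSecret.getEncoded());
  }

  /**
   * Hash code consistent with {@link #equals(Object)}: built from the same three
   * fields, so equal keys always hash alike. The original class overrode
   * {@code equals} only, which breaks hash-based collections.
   */
  @Override
  public int hashCode() {
    int result = id;
    result = 31 * result + (int) (expirationDate ^ (expirationDate >>> 32));
    // getEncoded() may return null for keys that do not support encoding
    byte[] encoded = secret == null ? null : secret.getEncoded();
    result = 31 * result + (encoded == null ? 0 : Bytes.hashCode(encoded));
    return result;
  }

  /**
   * Describes the key by id and expiration only; the secret is intentionally
   * omitted so the result is safe to log.
   */
  @Override
  public String toString() {
    return "AuthenticationKey[ " + "id=" + id + ", expiration=" + expirationDate + " ]";
  }

  /**
   * Serializes id, expiration and the key as: vint id, vlong expiration, vint key
   * length ({@code -1} when there is no secret) followed by the raw encoded key bytes.
   *
   * @param out destination; it receives unencrypted key material
   * @throws IOException if writing fails or the secret has no encoded form
   */
  @Override
  public void write(DataOutput out) throws IOException {
    WritableUtils.writeVInt(out, id);
    WritableUtils.writeVLong(out, expirationDate);
    if (secret == null) {
      WritableUtils.writeVInt(out, -1);
      return;
    }
    byte[] keyBytes = secret.getEncoded();
    if (keyBytes == null) {
      // Fail with a clear error instead of a NullPointerException on keyBytes.length
      throw new IOException(
          "Secret for key " + id + " has no encoded form and cannot be serialized");
    }
    WritableUtils.writeVInt(out, keyBytes.length);
    out.write(keyBytes);
  }

  /**
   * Restores the fields written by {@link #write(DataOutput)}. Any negative key
   * length is read as "no secret".
   *
   * <p>NOTE(review): the key length comes straight from the stream and sizes the
   * buffer allocation with no upper bound, so only feed this method data from a
   * trusted source, or have the caller enforce a maximum length first.
   *
   * @param in source to read from
   * @throws IOException if the stream ends early or cannot be read
   */
  @Override
  public void readFields(DataInput in) throws IOException {
    id = WritableUtils.readVInt(in);
    expirationDate = WritableUtils.readVLong(in);
    int keyLength = WritableUtils.readVInt(in);
    if (keyLength < 0) {
      secret = null;
      return;
    }
    byte[] keyBytes = new byte[keyLength];
    in.readFully(keyBytes);
    secret = AuthenticationTokenSecretManager.createSecretKey(keyBytes);
  }
}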