From 162af5e2832b2669f2ca948215ed094705643025 Mon Sep 17 00:00:00 2001 From: yantian Date: Mon, 9 Dec 2024 14:18:21 +0800 Subject: [PATCH] create credentials provider by conf about auth --- .../rest/RESTCatalogInternalOptions.java | 5 ++ .../paimon/rest/RESTCatalogOptions.java | 5 -- .../rest/auth/CredentialsProviderFactory.java | 16 +++--- .../apache/paimon/rest/RESTCatalogTest.java | 5 -- .../auth/CredentialsProviderFactoryTest.java | 51 ++++++++++++------- 5 files changed, 47 insertions(+), 35 deletions(-) diff --git a/paimon-core/src/main/java/org/apache/paimon/rest/RESTCatalogInternalOptions.java b/paimon-core/src/main/java/org/apache/paimon/rest/RESTCatalogInternalOptions.java index cf61caa20e88..62a8bf134ae5 100644 --- a/paimon-core/src/main/java/org/apache/paimon/rest/RESTCatalogInternalOptions.java +++ b/paimon-core/src/main/java/org/apache/paimon/rest/RESTCatalogInternalOptions.java @@ -28,4 +28,9 @@ public class RESTCatalogInternalOptions { .stringType() .noDefaultValue() .withDescription("REST Catalog uri's prefix."); + public static final ConfigOption CREDENTIALS_PROVIDER = + ConfigOptions.key("credentials-provider") + .stringType() + .noDefaultValue() + .withDescription("REST Catalog auth credentials provider."); } diff --git a/paimon-core/src/main/java/org/apache/paimon/rest/RESTCatalogOptions.java b/paimon-core/src/main/java/org/apache/paimon/rest/RESTCatalogOptions.java index bc405b996a94..85fac413bba6 100644 --- a/paimon-core/src/main/java/org/apache/paimon/rest/RESTCatalogOptions.java +++ b/paimon-core/src/main/java/org/apache/paimon/rest/RESTCatalogOptions.java @@ -65,9 +65,4 @@ public class RESTCatalogOptions { .stringType() .noDefaultValue() .withDescription("REST Catalog auth token file path."); - public static final ConfigOption CREDENTIALS_PROVIDER = - ConfigOptions.key("credentials-provider") - .stringType() - .noDefaultValue() - .withDescription("REST Catalog auth credentials provider."); } diff --git a/paimon-core/src/main/java/org/apache/paimon/rest/auth/CredentialsProviderFactory.java b/paimon-core/src/main/java/org/apache/paimon/rest/auth/CredentialsProviderFactory.java index cf918805cbae..50c3564ad8c6 100644 --- a/paimon-core/src/main/java/org/apache/paimon/rest/auth/CredentialsProviderFactory.java +++ b/paimon-core/src/main/java/org/apache/paimon/rest/auth/CredentialsProviderFactory.java @@ -23,7 +23,7 @@ import org.apache.paimon.options.Options; import org.apache.paimon.rest.RESTCatalogOptions; -import static org.apache.paimon.rest.RESTCatalogOptions.CREDENTIALS_PROVIDER; +import static org.apache.paimon.rest.RESTCatalogInternalOptions.CREDENTIALS_PROVIDER; /** Factory for creating {@link CredentialsProvider}. */ public interface CredentialsProviderFactory extends Factory { @@ -34,17 +34,21 @@ default CredentialsProvider create(Options options) { } static CredentialsProvider createCredentialsProvider(Options options, ClassLoader classLoader) { - String credentialsProviderIdentifier = options.get(CREDENTIALS_PROVIDER); + String credentialsProviderIdentifier = getCredentialsProviderTypeByConf(options).name(); CredentialsProviderFactory credentialsProviderFactory = FactoryUtil.discoverFactory( classLoader, CredentialsProviderFactory.class, credentialsProviderIdentifier); + return credentialsProviderFactory.create(options); + } - try { - return credentialsProviderFactory.create(options); - } catch (UnsupportedOperationException ignore) { + static CredentialsProviderType getCredentialsProviderTypeByConf(Options options) { + if (options.getOptional(CREDENTIALS_PROVIDER).isPresent()) { + return CredentialsProviderType.valueOf(options.get(CREDENTIALS_PROVIDER)); + } else if (options.getOptional(RESTCatalogOptions.TOKEN_PROVIDER_PATH).isPresent()) { + return CredentialsProviderType.BEAR_TOKEN_FILE; } - return new BearTokenCredentialsProvider(options.get(RESTCatalogOptions.TOKEN)); + return CredentialsProviderType.BEAR_TOKEN; } } diff --git a/paimon-core/src/test/java/org/apache/paimon/rest/RESTCatalogTest.java b/paimon-core/src/test/java/org/apache/paimon/rest/RESTCatalogTest.java index 40983d82d6dd..3ed8730862ee 100644 --- a/paimon-core/src/test/java/org/apache/paimon/rest/RESTCatalogTest.java +++ b/paimon-core/src/test/java/org/apache/paimon/rest/RESTCatalogTest.java @@ -20,7 +20,6 @@ import org.apache.paimon.options.CatalogOptions; import org.apache.paimon.options.Options; -import org.apache.paimon.rest.auth.CredentialsProviderType; import okhttp3.mockwebserver.MockResponse; import okhttp3.mockwebserver.MockWebServer; @@ -51,8 +50,6 @@ public void setUp() throws IOException { options.set(RESTCatalogOptions.TOKEN, initToken); options.set(RESTCatalogOptions.THREAD_POOL_SIZE, 1); mockOptions(RESTCatalogInternalOptions.PREFIX.key(), "prefix"); - options.set( - RESTCatalogOptions.CREDENTIALS_PROVIDER, CredentialsProviderType.BEAR_TOKEN.name()); restCatalog = new RESTCatalog(options); } @@ -65,8 +62,6 @@ public void tearDown() throws IOException { public void testInitFailWhenDefineWarehouse() { Options options = new Options(); options.set(CatalogOptions.WAREHOUSE, "/a/b/c"); - options.set( - RESTCatalogOptions.CREDENTIALS_PROVIDER, CredentialsProviderType.BEAR_TOKEN.name()); assertThrows(IllegalArgumentException.class, () -> new RESTCatalog(options)); } diff --git a/paimon-core/src/test/java/org/apache/paimon/rest/auth/CredentialsProviderFactoryTest.java b/paimon-core/src/test/java/org/apache/paimon/rest/auth/CredentialsProviderFactoryTest.java index c2ef4923175e..c676064e1cf6 100644 --- a/paimon-core/src/test/java/org/apache/paimon/rest/auth/CredentialsProviderFactoryTest.java +++ b/paimon-core/src/test/java/org/apache/paimon/rest/auth/CredentialsProviderFactoryTest.java @@ -30,6 +30,7 @@ import java.time.Duration; import java.util.UUID; +import static org.apache.paimon.rest.RESTCatalogInternalOptions.CREDENTIALS_PROVIDER; import static org.junit.Assert.assertEquals; import static org.junit.Assert.assertThrows; @@ -43,8 +44,6 @@ public void testCreateBearTokenCredentialsProviderSuccess() { Options options = new Options(); String token = UUID.randomUUID().toString(); options.set(RESTCatalogOptions.TOKEN, token); - options.set( - RESTCatalogOptions.CREDENTIALS_PROVIDER, CredentialsProviderType.BEAR_TOKEN.name()); BearTokenCredentialsProvider credentialsProvider = (BearTokenCredentialsProvider) CredentialsProviderFactory.createCredentialsProvider( @@ -55,8 +54,6 @@ public void testCreateBearTokenCredentialsProviderSuccess() { @Test public void testCreateBearTokenCredentialsProviderFail() { Options options = new Options(); - options.set( - RESTCatalogOptions.CREDENTIALS_PROVIDER, CredentialsProviderType.BEAR_TOKEN.name()); assertThrows( IllegalArgumentException.class, () -> @@ -72,9 +69,7 @@ public void testCreateBearTokenFileCredentialsProviderSuccess() throws Exception String token = UUID.randomUUID().toString(); FileUtils.writeStringToFile(tokenFile, token); options.set(RESTCatalogOptions.TOKEN_PROVIDER_PATH, tokenFile.getPath()); - options.set( - RESTCatalogOptions.CREDENTIALS_PROVIDER, - CredentialsProviderType.BEAR_TOKEN_FILE.name()); + options.set(CREDENTIALS_PROVIDER, CredentialsProviderType.BEAR_TOKEN_FILE.name()); BearTokenFileCredentialsProvider credentialsProvider = (BearTokenFileCredentialsProvider) CredentialsProviderFactory.createCredentialsProvider( @@ -85,9 +80,7 @@ public void testCreateBearTokenFileCredentialsProviderSuccess() throws Exception @Test public void testCreateBearTokenFileCredentialsProviderFail() throws Exception { Options options = new Options(); - options.set( - RESTCatalogOptions.CREDENTIALS_PROVIDER, - CredentialsProviderType.BEAR_TOKEN_FILE.name()); + options.set(CREDENTIALS_PROVIDER, CredentialsProviderType.BEAR_TOKEN_FILE.name()); assertThrows( IllegalArgumentException.class, () -> @@ -102,9 +95,7 @@ public void testCreateRefreshBearTokenFileCredentialsProviderSuccess() throws Ex File tokenFile = folder.newFile(fileName); String token = UUID.randomUUID().toString(); FileUtils.writeStringToFile(tokenFile, token); - options.set( - RESTCatalogOptions.CREDENTIALS_PROVIDER, - CredentialsProviderType.BEAR_TOKEN_FILE.name()); + options.set(CREDENTIALS_PROVIDER, CredentialsProviderType.BEAR_TOKEN_FILE.name()); options.set(RESTCatalogOptions.TOKEN_PROVIDER_PATH, tokenFile.getPath()); options.set(RESTCatalogOptions.TOKEN_REFRESH_ENABLED, true); options.set(RESTCatalogOptions.TOKEN_EXPIRATION_TIME, Duration.ofSeconds(10L)); @@ -122,18 +113,40 @@ public void testCreateRefreshBearTokenFileCredentialsProviderFail() throws Excep File tokenFile = folder.newFile(fileName); String token = UUID.randomUUID().toString(); FileUtils.writeStringToFile(tokenFile, token); - options.set( - RESTCatalogOptions.CREDENTIALS_PROVIDER, - CredentialsProviderType.BEAR_TOKEN_FILE.name()); + options.set(CREDENTIALS_PROVIDER, CredentialsProviderType.BEAR_TOKEN_FILE.name()); options.set(RESTCatalogOptions.TOKEN_PROVIDER_PATH, tokenFile.getPath()); options.set(RESTCatalogOptions.TOKEN_REFRESH_ENABLED, true); - options.set( - RESTCatalogOptions.CREDENTIALS_PROVIDER, - CredentialsProviderType.BEAR_TOKEN_FILE.name()); + options.set(CREDENTIALS_PROVIDER, CredentialsProviderType.BEAR_TOKEN_FILE.name()); assertThrows( IllegalArgumentException.class, () -> CredentialsProviderFactory.createCredentialsProvider( options, this.getClass().getClassLoader())); } + + @Test + public void getCredentialsProviderTypeByConfWhenDefineTokenPath() { + Options options = new Options(); + options.set(RESTCatalogOptions.TOKEN_PROVIDER_PATH, "/a/b/c"); + assertEquals( + CredentialsProviderType.BEAR_TOKEN_FILE, + CredentialsProviderFactory.getCredentialsProviderTypeByConf(options)); + } + + @Test + public void getCredentialsProviderTypeByConfWhenConfNotDefined() { + Options options = new Options(); + assertEquals( + CredentialsProviderType.BEAR_TOKEN, + CredentialsProviderFactory.getCredentialsProviderTypeByConf(options)); + } + + @Test + public void getCredentialsProviderTypeByConfWhenDefineProviderType() { + Options options = new Options(); + options.set(CREDENTIALS_PROVIDER, CredentialsProviderType.BEAR_TOKEN_FILE.name()); + assertEquals( + CredentialsProviderType.BEAR_TOKEN_FILE, + CredentialsProviderFactory.getCredentialsProviderTypeByConf(options)); + } }