Skip to content

Commit

Permalink
move AuthOptions to RESTCatalogOptions and update option name about auth
Browse files Browse the repository at this point in the history
  • Loading branch information
jerry-024 committed Dec 9, 2024
1 parent d234bb1 commit 68c69dd
Show file tree
Hide file tree
Showing 9 changed files with 82 additions and 110 deletions.
Original file line number Diff line number Diff line change
Expand Up @@ -26,7 +26,6 @@
import org.apache.paimon.manifest.PartitionEntry;
import org.apache.paimon.options.CatalogOptions;
import org.apache.paimon.options.Options;
import org.apache.paimon.rest.auth.AuthOptions;
import org.apache.paimon.rest.auth.AuthSession;
import org.apache.paimon.rest.auth.CredentialsProvider;
import org.apache.paimon.rest.auth.CredentialsProviderFactory;
Expand Down Expand Up @@ -81,7 +80,7 @@ public RESTCatalog(Options options) {
CredentialsProvider credentialsProvider =
CredentialsProviderFactory.createCredentialsProvider(
options, RESTCatalog.class.getClassLoader());
this.keepTokenRefreshed = options.get(AuthOptions.TOKEN_REFRESH_ENABLED);
this.keepTokenRefreshed = options.get(RESTCatalogOptions.TOKEN_REFRESH_ENABLED);
if (keepTokenRefreshed) {
this.catalogAuth =
AuthSession.fromRefreshCredentialsProvider(
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -45,4 +45,29 @@ public class RESTCatalogOptions {
.intType()
.defaultValue(1)
.withDescription("REST Catalog http client thread num.");
public static final ConfigOption<String> TOKEN =
ConfigOptions.key("token")
.stringType()
.noDefaultValue()
.withDescription("REST Catalog auth token.");
public static final ConfigOption<Duration> TOKEN_EXPIRATION_TIME =
ConfigOptions.key("token.expiration-time")
.durationType()
.defaultValue(Duration.ofHours(1))
.withDescription("REST Catalog auth token expires in.");
public static final ConfigOption<Boolean> TOKEN_REFRESH_ENABLED =
ConfigOptions.key("token-refresh-enabled")
.booleanType()
.defaultValue(false)
.withDescription("REST Catalog auth token refresh enable.");
public static final ConfigOption<String> TOKEN_PROVIDER_PATH =
ConfigOptions.key("token.provider.path")
.stringType()
.noDefaultValue()
.withDescription("REST Catalog auth token file path.");
public static final ConfigOption<String> CREDENTIALS_PROVIDER =
ConfigOptions.key("credentials-provider")
.stringType()
.noDefaultValue()
.withDescription("REST Catalog auth credentials provider.");
}

This file was deleted.

Original file line number Diff line number Diff line change
Expand Up @@ -19,6 +19,7 @@
package org.apache.paimon.rest.auth;

import org.apache.paimon.options.Options;
import org.apache.paimon.rest.RESTCatalogOptions;
import org.apache.paimon.utils.StringUtils;

/** factory for create {@link BearTokenCredentialsProvider}. */
Expand All @@ -30,12 +31,12 @@ public String identifier() {

@Override
public CredentialsProvider create(Options options) {
if (options.getOptional(AuthOptions.TOKEN)
if (options.getOptional(RESTCatalogOptions.TOKEN)
.map(StringUtils::isNullOrWhitespaceOnly)
.orElse(true)) {
throw new IllegalArgumentException(
AuthOptions.TOKEN.key() + " is required and not empty");
RESTCatalogOptions.TOKEN.key() + " is required and not empty");
}
return new BearTokenCredentialsProvider(options.get(AuthOptions.TOKEN));
return new BearTokenCredentialsProvider(options.get(RESTCatalogOptions.TOKEN));
}
}
Original file line number Diff line number Diff line change
Expand Up @@ -18,14 +18,12 @@

package org.apache.paimon.rest.auth;

import org.apache.paimon.utils.Pair;
import org.apache.paimon.utils.FileIOUtils;
import org.apache.paimon.utils.StringUtils;

import java.io.File;
import java.io.IOException;
import java.nio.charset.StandardCharsets;
import java.nio.file.Files;
import java.nio.file.Paths;
import java.io.UncheckedIOException;
import java.util.Optional;

/** credentials provider for get bear token from file. */
Expand All @@ -41,16 +39,13 @@ public class BearTokenFileCredentialsProvider extends BaseBearTokenCredentialsPr

public BearTokenFileCredentialsProvider(String tokenFilePath) {
this.tokenFilePath = tokenFilePath;
Pair<String, Long> token2GenerateTime = getTokenAndGenerateTimeFromFile();
this.token = token2GenerateTime.getLeft();
this.token = getTokenFromFile();
}

public BearTokenFileCredentialsProvider(String tokenFilePath, Long expiresInMills) {
this.tokenFilePath = tokenFilePath;
Pair<String, Long> token2GenerateTime = getTokenAndGenerateTimeFromFile();
this.token = token2GenerateTime.getLeft();
this.expiresAtMillis = token2GenerateTime.getRight() + expiresInMills;
this(tokenFilePath);
this.keepRefreshed = true;
this.expiresAtMillis = -1L;
this.expiresInMills = expiresInMills;
}

Expand All @@ -62,12 +57,12 @@ String token() {
@Override
public boolean refresh() {
long start = System.currentTimeMillis();
Pair<String, Long> token2GenerateTime = getTokenAndGenerateTimeFromFile();
this.token = token2GenerateTime.getLeft();
this.expiresAtMillis = Math.min(token2GenerateTime.getRight(), start) + this.expiresInMills;
if (StringUtils.isNullOrWhitespaceOnly(this.token)) {
String newToken = getTokenFromFile();
if (StringUtils.isNullOrWhitespaceOnly(newToken)) {
return false;
}
this.expiresAtMillis = start + this.expiresInMills;
this.token = newToken;
return true;
}

Expand Down Expand Up @@ -101,17 +96,11 @@ public Optional<Long> expiresInMills() {
return Optional.ofNullable(this.expiresInMills);
}

private Pair<String, Long> getTokenAndGenerateTimeFromFile() {
private String getTokenFromFile() {
try {
// todo: handle exception
File file = new File(tokenFilePath);
long modified = file.lastModified();
String token =
new String(
Files.readAllBytes(Paths.get(tokenFilePath)), StandardCharsets.UTF_8);
return Pair.of(token, modified);
return FileIOUtils.readFileUtf8(new File(tokenFilePath));
} catch (IOException e) {
throw new RuntimeException(e);
throw new UncheckedIOException(e);
}
}
}
Original file line number Diff line number Diff line change
Expand Up @@ -19,9 +19,10 @@
package org.apache.paimon.rest.auth;

import org.apache.paimon.options.Options;
import org.apache.paimon.rest.RESTCatalogOptions;

import static org.apache.paimon.rest.auth.AuthOptions.TOKEN_EXPIRES_IN;
import static org.apache.paimon.rest.auth.AuthOptions.TOKEN_FILE_PATH;
import static org.apache.paimon.rest.RESTCatalogOptions.TOKEN_EXPIRATION_TIME;
import static org.apache.paimon.rest.RESTCatalogOptions.TOKEN_PROVIDER_PATH;

/** factory for create {@link BearTokenCredentialsProvider}. */
public class BearTokenFileCredentialsProviderFactory implements CredentialsProviderFactory {
Expand All @@ -33,17 +34,17 @@ public String identifier() {

@Override
public CredentialsProvider create(Options options) {
if (!options.getOptional(TOKEN_FILE_PATH).isPresent()) {
throw new IllegalArgumentException(TOKEN_FILE_PATH.key() + " is required");
if (!options.getOptional(TOKEN_PROVIDER_PATH).isPresent()) {
throw new IllegalArgumentException(TOKEN_PROVIDER_PATH.key() + " is required");
}
String tokenFilePath = options.get(TOKEN_FILE_PATH);
boolean keepTokenRefreshed = options.get(AuthOptions.TOKEN_REFRESH_ENABLED);
String tokenFilePath = options.get(TOKEN_PROVIDER_PATH);
boolean keepTokenRefreshed = options.get(RESTCatalogOptions.TOKEN_REFRESH_ENABLED);
if (keepTokenRefreshed) {
if (!options.getOptional(TOKEN_EXPIRES_IN).isPresent()) {
if (!options.getOptional(TOKEN_EXPIRATION_TIME).isPresent()) {
throw new IllegalArgumentException(
TOKEN_EXPIRES_IN.key() + " is required when token refresh enabled");
TOKEN_EXPIRATION_TIME.key() + " is required when token refresh enabled");
}
long tokenExpireInMills = options.get(TOKEN_EXPIRES_IN).toMillis();
long tokenExpireInMills = options.get(TOKEN_EXPIRATION_TIME).toMillis();
return new BearTokenFileCredentialsProvider(tokenFilePath, tokenExpireInMills);

} else {
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -21,8 +21,9 @@
import org.apache.paimon.factories.Factory;
import org.apache.paimon.factories.FactoryUtil;
import org.apache.paimon.options.Options;
import org.apache.paimon.rest.RESTCatalogOptions;

import static org.apache.paimon.rest.auth.AuthOptions.CREDENTIALS_PROVIDER;
import static org.apache.paimon.rest.RESTCatalogOptions.CREDENTIALS_PROVIDER;

/** Factory for creating {@link CredentialsProvider}. */
public interface CredentialsProviderFactory extends Factory {
Expand All @@ -44,6 +45,6 @@ static CredentialsProvider createCredentialsProvider(Options options, ClassLoade
return credentialsProviderFactory.create(options);
} catch (UnsupportedOperationException ignore) {
}
return new BearTokenCredentialsProvider(options.get(AuthOptions.TOKEN));
return new BearTokenCredentialsProvider(options.get(RESTCatalogOptions.TOKEN));
}
}
Original file line number Diff line number Diff line change
Expand Up @@ -20,7 +20,6 @@

import org.apache.paimon.options.CatalogOptions;
import org.apache.paimon.options.Options;
import org.apache.paimon.rest.auth.AuthOptions;
import org.apache.paimon.rest.auth.CredentialsProviderType;

import okhttp3.mockwebserver.MockResponse;
Expand Down Expand Up @@ -49,10 +48,11 @@ public void setUp() throws IOException {
String baseUrl = mockWebServer.url("").toString();
Options options = new Options();
options.set(RESTCatalogOptions.URI, baseUrl);
options.set(AuthOptions.TOKEN, initToken);
options.set(RESTCatalogOptions.TOKEN, initToken);
options.set(RESTCatalogOptions.THREAD_POOL_SIZE, 1);
mockOptions(RESTCatalogInternalOptions.PREFIX.key(), "prefix");
options.set(AuthOptions.CREDENTIALS_PROVIDER, CredentialsProviderType.BEAR_TOKEN.name());
options.set(
RESTCatalogOptions.CREDENTIALS_PROVIDER, CredentialsProviderType.BEAR_TOKEN.name());
restCatalog = new RESTCatalog(options);
}

Expand All @@ -65,7 +65,8 @@ public void tearDown() throws IOException {
public void testInitFailWhenDefineWarehouse() {
Options options = new Options();
options.set(CatalogOptions.WAREHOUSE, "/a/b/c");
options.set(AuthOptions.CREDENTIALS_PROVIDER, CredentialsProviderType.BEAR_TOKEN.name());
options.set(
RESTCatalogOptions.CREDENTIALS_PROVIDER, CredentialsProviderType.BEAR_TOKEN.name());
assertThrows(IllegalArgumentException.class, () -> new RESTCatalog(options));
}

Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -19,6 +19,7 @@
package org.apache.paimon.rest.auth;

import org.apache.paimon.options.Options;
import org.apache.paimon.rest.RESTCatalogOptions;

import org.apache.commons.io.FileUtils;
import org.junit.Rule;
Expand All @@ -41,8 +42,9 @@ public class CredentialsProviderFactoryTest {
public void testCreateBearTokenCredentialsProviderSuccess() {
Options options = new Options();
String token = UUID.randomUUID().toString();
options.set(AuthOptions.TOKEN, token);
options.set(AuthOptions.CREDENTIALS_PROVIDER, CredentialsProviderType.BEAR_TOKEN.name());
options.set(RESTCatalogOptions.TOKEN, token);
options.set(
RESTCatalogOptions.CREDENTIALS_PROVIDER, CredentialsProviderType.BEAR_TOKEN.name());
BearTokenCredentialsProvider credentialsProvider =
(BearTokenCredentialsProvider)
CredentialsProviderFactory.createCredentialsProvider(
Expand All @@ -53,7 +55,8 @@ public void testCreateBearTokenCredentialsProviderSuccess() {
@Test
public void testCreateBearTokenCredentialsProviderFail() {
Options options = new Options();
options.set(AuthOptions.CREDENTIALS_PROVIDER, CredentialsProviderType.BEAR_TOKEN.name());
options.set(
RESTCatalogOptions.CREDENTIALS_PROVIDER, CredentialsProviderType.BEAR_TOKEN.name());
assertThrows(
IllegalArgumentException.class,
() ->
Expand All @@ -68,9 +71,10 @@ public void testCreateBearTokenFileCredentialsProviderSuccess() throws Exception
File tokenFile = folder.newFile(fileName);
String token = UUID.randomUUID().toString();
FileUtils.writeStringToFile(tokenFile, token);
options.set(AuthOptions.TOKEN_FILE_PATH, tokenFile.getPath());
options.set(RESTCatalogOptions.TOKEN_PROVIDER_PATH, tokenFile.getPath());
options.set(
AuthOptions.CREDENTIALS_PROVIDER, CredentialsProviderType.BEAR_TOKEN_FILE.name());
RESTCatalogOptions.CREDENTIALS_PROVIDER,
CredentialsProviderType.BEAR_TOKEN_FILE.name());
BearTokenFileCredentialsProvider credentialsProvider =
(BearTokenFileCredentialsProvider)
CredentialsProviderFactory.createCredentialsProvider(
Expand All @@ -82,7 +86,8 @@ public void testCreateBearTokenFileCredentialsProviderSuccess() throws Exception
public void testCreateBearTokenFileCredentialsProviderFail() throws Exception {
Options options = new Options();
options.set(
AuthOptions.CREDENTIALS_PROVIDER, CredentialsProviderType.BEAR_TOKEN_FILE.name());
RESTCatalogOptions.CREDENTIALS_PROVIDER,
CredentialsProviderType.BEAR_TOKEN_FILE.name());
assertThrows(
IllegalArgumentException.class,
() ->
Expand All @@ -98,10 +103,11 @@ public void testCreateRefreshBearTokenFileCredentialsProviderSuccess() throws Ex
String token = UUID.randomUUID().toString();
FileUtils.writeStringToFile(tokenFile, token);
options.set(
AuthOptions.CREDENTIALS_PROVIDER, CredentialsProviderType.BEAR_TOKEN_FILE.name());
options.set(AuthOptions.TOKEN_FILE_PATH, tokenFile.getPath());
options.set(AuthOptions.TOKEN_REFRESH_ENABLED, true);
options.set(AuthOptions.TOKEN_EXPIRES_IN, Duration.ofSeconds(10L));
RESTCatalogOptions.CREDENTIALS_PROVIDER,
CredentialsProviderType.BEAR_TOKEN_FILE.name());
options.set(RESTCatalogOptions.TOKEN_PROVIDER_PATH, tokenFile.getPath());
options.set(RESTCatalogOptions.TOKEN_REFRESH_ENABLED, true);
options.set(RESTCatalogOptions.TOKEN_EXPIRATION_TIME, Duration.ofSeconds(10L));
BearTokenFileCredentialsProvider credentialsProvider =
(BearTokenFileCredentialsProvider)
CredentialsProviderFactory.createCredentialsProvider(
Expand All @@ -117,11 +123,13 @@ public void testCreateRefreshBearTokenFileCredentialsProviderFail() throws Excep
String token = UUID.randomUUID().toString();
FileUtils.writeStringToFile(tokenFile, token);
options.set(
AuthOptions.CREDENTIALS_PROVIDER, CredentialsProviderType.BEAR_TOKEN_FILE.name());
options.set(AuthOptions.TOKEN_FILE_PATH, tokenFile.getPath());
options.set(AuthOptions.TOKEN_REFRESH_ENABLED, true);
RESTCatalogOptions.CREDENTIALS_PROVIDER,
CredentialsProviderType.BEAR_TOKEN_FILE.name());
options.set(RESTCatalogOptions.TOKEN_PROVIDER_PATH, tokenFile.getPath());
options.set(RESTCatalogOptions.TOKEN_REFRESH_ENABLED, true);
options.set(
AuthOptions.CREDENTIALS_PROVIDER, CredentialsProviderType.BEAR_TOKEN_FILE.name());
RESTCatalogOptions.CREDENTIALS_PROVIDER,
CredentialsProviderType.BEAR_TOKEN_FILE.name());
assertThrows(
IllegalArgumentException.class,
() ->
Expand Down

0 comments on commit 68c69dd

Please sign in to comment.