/// <exception cref="System.IO.IOException"/>
public KMSClientProvider(URI uri, Configuration conf)
: base(conf)
{
kmsUrl = CreateServiceURL(ExtractKMSPath(uri));
if (Runtime.EqualsIgnoreCase("https", new Uri(kmsUrl).Scheme))
{
sslFactory = new SSLFactory(SSLFactory.Mode.Client, conf);
try
{
sslFactory.Init();
}
catch (GeneralSecurityException ex)
{
throw new IOException(ex);
}
}
int timeout = conf.GetInt(TimeoutAttr, DefaultTimeout);
authRetry = conf.GetInt(AuthRetry, DefaultAuthRetry);
configurator = new KMSClientProvider.TimeoutConnConfigurator(timeout, sslFactory);
encKeyVersionQueue = new ValueQueue <KeyProviderCryptoExtension.EncryptedKeyVersion
>(conf.GetInt(CommonConfigurationKeysPublic.KmsClientEncKeyCacheSize, CommonConfigurationKeysPublic
.KmsClientEncKeyCacheSizeDefault), conf.GetFloat(CommonConfigurationKeysPublic.KmsClientEncKeyCacheLowWatermark
, CommonConfigurationKeysPublic.KmsClientEncKeyCacheLowWatermarkDefault), conf.GetInt
(CommonConfigurationKeysPublic.KmsClientEncKeyCacheExpiryMs, CommonConfigurationKeysPublic
.KmsClientEncKeyCacheExpiryDefault), conf.GetInt(CommonConfigurationKeysPublic.KmsClientEncKeyCacheNumRefillThreads
, CommonConfigurationKeysPublic.KmsClientEncKeyCacheNumRefillThreadsDefault), new
KMSClientProvider.EncryptedQueueRefiller(this));
authToken = new DelegationTokenAuthenticatedURL.Token();
actualUgi = (UserGroupInformation.GetCurrentUser().GetAuthenticationMethod() == UserGroupInformation.AuthenticationMethod
.Proxy) ? UserGroupInformation.GetCurrentUser().GetRealUser() : UserGroupInformation
.GetCurrentUser();
}
/// <inheritdoc/>
protected override void Down(MigrationBuilder migrationBuilder)
{
migrationBuilder.Sql($"DROP ROLE IF EXISTS {ConnectionConfigurator.GetRoleName(DatabaseRole.Account)};");
migrationBuilder.Sql($"DROP ROLE IF EXISTS {ConnectionConfigurator.GetRoleName(DatabaseRole.Configuration)};");
migrationBuilder.Sql($"DROP ROLE IF EXISTS {ConnectionConfigurator.GetRoleName(DatabaseRole.Guild)};");
migrationBuilder.Sql($"DROP ROLE IF EXISTS {ConnectionConfigurator.GetRoleName(DatabaseRole.Friend)};");
}
public static ConnectionConfigurator AddChannel(this ConnectionConfigurator configurator, UntypedChannel channel)
{
var channelConfigurator = new UntypedChannelConfigurator(channel);
configurator.AddConfigurator(channelConfigurator);
return(configurator);
}
/// <summary>
/// Add a consumer of the specified message type
/// </summary>
/// <typeparam name="TChannel">The channel type</typeparam>
/// <returns>A chainable method to configure additional options</returns>
public static ChannelConfigurator <TChannel> AddConsumerOf <TChannel>(this ConnectionConfigurator configurator)
{
var channelConfigurator = new ChannelConfiguratorImpl <TChannel>();
configurator.AddConfigurator(channelConfigurator);
return(channelConfigurator);
}
public static PropertyChannelsConfigurator <T> AddPropertyChannelsOf <T>(this ConnectionConfigurator configurator)
where T : class
{
var typeConfigurator = new PropertyChannelsConfiguratorImpl <T>();
configurator.AddConfigurator(typeConfigurator);
return(typeConfigurator);
}
public static WcfChannelConnectionConfigurator SendToWcfChannel(this ConnectionConfigurator connectionConfigurator,
Uri endpointUri, string pipeName)
{
var configurator = new WcfChannelConnectionConfiguratorImpl(endpointUri, pipeName);
connectionConfigurator.RegisterChannelConfigurator(configurator);
return(configurator);
}
public static ConnectionConfigurator <T> AddChannel <T, TChannel>(this ConnectionConfigurator <T> configurator,
Channel <TChannel> channel)
{
var channelConfigurator = new TypedChannelConfigurator <T, TChannel>(channel);
configurator.AddConfigurator(channelConfigurator);
return(configurator);
}
public static PropertyChannelConnectionConfigurator <T> BindChannelsFor <T>(this ConnectionConfigurator configurator)
where T : class
{
var typeConfigurator = new PropertyChannelConnectionConfiguratorImpl <T>();
configurator.RegisterChannelConfigurator(typeConfigurator);
return(typeConfigurator);
}
public static StateMachineConnectionConfigurator <T> AddConsumersFor <T>(this ConnectionConfigurator configurator)
where T : StateMachine <T>
{
var stateMachineConfigurator = new StateMachineConnectionConfiguratorImpl <T>();
configurator.AddConfigurator(stateMachineConfigurator);
return(stateMachineConfigurator);
}
/// <summary>
/// Add a consumer to the channel using the message type defined for the channel
/// </summary>
/// <typeparam name="TChannel">The channel type, specifies the type of message sent by the channel</typeparam>
/// <param name="connectionConfigurator">The connection configurator</param>
/// <param name="consumer">The consumer to add to the channel</param>
/// <returns>A consumer configurator to customize the consumer settings</returns>
public static ConsumerChannelConfigurator <TChannel> AddSelectiveConsumer <TChannel>(
this ConnectionConfigurator <TChannel> connectionConfigurator,
SelectiveConsumer <TChannel> consumer)
{
var configurator = new SelectiveConsumerChannelConfiguratorImpl <TChannel>(consumer);
connectionConfigurator.RegisterChannelConfigurator(configurator);
return(configurator);
}
/// <summary>
/// Add a consumer to the channel using the message type defined for the channel
/// </summary>
/// <typeparam name="TChannel">The channel type, specifies the type of message sent by the channel</typeparam>
/// <param name="connectionConfigurator">The connection configurator</param>
/// <param name="consumer">The consumer to add to the channel</param>
/// <returns>A consumer configurator to customize the consumer settings</returns>
public static ConsumerConfigurator <TChannel> AddConsumer <TChannel>(
this ConnectionConfigurator <TChannel> connectionConfigurator,
Consumer <TChannel> consumer)
{
var channelConfigurator = new ChannelConfiguratorImpl <TChannel>();
connectionConfigurator.AddConfigurator(channelConfigurator);
return(channelConfigurator
.UsingConsumer(consumer));
}
public static ConsumerConfigurator <T> AddChannel <T>(this ConnectionConfigurator <T> configurator,
UntypedChannel channel)
{
var channelConfigurator = new ChannelConfiguratorImpl <T>();
configurator.AddConfigurator(channelConfigurator);
var consumerConfigurator = new ConsumerConfiguratorImpl <T>(channel.Send);
channelConfigurator.AddConfigurator(consumerConfigurator);
return(consumerConfigurator);
}
/// <summary>Creates an <code>AuthenticatedURL</code>.</summary>
/// <param name="authenticator">
/// the
/// <see cref="Authenticator"/>
/// instance to use, if <code>null</code> a
/// <see cref="KerberosAuthenticator"/>
/// is used.
/// </param>
/// <param name="connConfigurator">a connection configurator.</param>
public AuthenticatedURL(Authenticator authenticator, ConnectionConfigurator connConfigurator
)
{
try
{
this.authenticator = (authenticator != null) ? authenticator : System.Activator.CreateInstance
(DefaultAuthenticator);
}
catch (Exception ex)
{
throw new RuntimeException(ex);
}
this.connConfigurator = connConfigurator;
this.authenticator.SetConnectionConfigurator(connConfigurator);
}
/// <exception cref="System.Exception"/>
protected override void ServiceInit(Configuration conf)
{
UserGroupInformation ugi = UserGroupInformation.GetCurrentUser();
UserGroupInformation realUgi = ugi.GetRealUser();
if (realUgi != null)
{
authUgi = realUgi;
doAsUser = ugi.GetShortUserName();
}
else
{
authUgi = ugi;
doAsUser = null;
}
ClientConfig cc = new DefaultClientConfig();
cc.GetClasses().AddItem(typeof(YarnJacksonJaxbJsonProvider));
connConfigurator = NewConnConfigurator(conf);
if (UserGroupInformation.IsSecurityEnabled())
{
authenticator = new KerberosDelegationTokenAuthenticator();
}
else
{
authenticator = new PseudoDelegationTokenAuthenticator();
}
authenticator.SetConnectionConfigurator(connConfigurator);
token = new DelegationTokenAuthenticatedURL.Token();
connectionRetry = new TimelineClientImpl.TimelineClientConnectionRetry(conf);
client = new Com.Sun.Jersey.Api.Client.Client(new URLConnectionClientHandler(new
TimelineClientImpl.TimelineURLConnectionFactory(this)), cc);
TimelineClientImpl.TimelineJerseyRetryFilter retryFilter = new TimelineClientImpl.TimelineJerseyRetryFilter
(this);
client.AddFilter(retryFilter);
if (YarnConfiguration.UseHttps(conf))
{
resURI = URI.Create(Joiner.Join("https://", conf.Get(YarnConfiguration.TimelineServiceWebappHttpsAddress
, YarnConfiguration.DefaultTimelineServiceWebappHttpsAddress), ResourceUriStr));
}
else
{
resURI = URI.Create(Joiner.Join("http://", conf.Get(YarnConfiguration.TimelineServiceWebappAddress
, YarnConfiguration.DefaultTimelineServiceWebappAddress), ResourceUriStr));
}
Log.Info("Timeline service address: " + resURI);
base.ServiceInit(conf);
}
/// <summary>Construct a new URLConnectionFactory based on the configuration.</summary>
/// <remarks>
/// Construct a new URLConnectionFactory based on the configuration. It will
/// try to load SSL certificates when it is specified.
/// </remarks>
public static Org.Apache.Hadoop.Hdfs.Web.URLConnectionFactory NewDefaultURLConnectionFactory
(Configuration conf)
{
ConnectionConfigurator conn = null;
try
{
conn = NewSslConnConfigurator(DefaultSocketTimeout, conf);
}
catch (Exception e)
{
Log.Debug("Cannot load customized ssl related configuration. Fallback to system-generic settings."
, e);
conn = DefaultTimeoutConnConfigurator;
}
return(new Org.Apache.Hadoop.Hdfs.Web.URLConnectionFactory(conn));
}
public virtual void TestConnectionConfigurator()
{
HttpURLConnection conn = Org.Mockito.Mockito.Mock <HttpURLConnection>();
Org.Mockito.Mockito.When(conn.GetResponseCode()).ThenReturn(HttpURLConnection.HttpUnauthorized
);
ConnectionConfigurator connConf = Org.Mockito.Mockito.Mock <ConnectionConfigurator
>();
Org.Mockito.Mockito.When(connConf.Configure(Org.Mockito.Mockito.Any <HttpURLConnection
>())).ThenReturn(conn);
Authenticator authenticator = Org.Mockito.Mockito.Mock <Authenticator>();
AuthenticatedURL aURL = new AuthenticatedURL(authenticator, connConf);
aURL.OpenConnection(new Uri("http://foo"), new AuthenticatedURL.Token());
Org.Mockito.Mockito.Verify(connConf).Configure(Org.Mockito.Mockito.Any <HttpURLConnection
>());
}
/// <inheritdoc/>
protected override void Up(MigrationBuilder migrationBuilder)
{
migrationBuilder.Sql($"DROP ROLE IF EXISTS {ConnectionConfigurator.GetRoleName(DatabaseRole.Account)}, {ConnectionConfigurator.GetRoleName(DatabaseRole.Configuration)}, {ConnectionConfigurator.GetRoleName(DatabaseRole.Guild)}, {ConnectionConfigurator.GetRoleName(DatabaseRole.Friend)};");
var accountRoleName = ConnectionConfigurator.GetRoleName(DatabaseRole.Account);
migrationBuilder.Sql($"CREATE ROLE {accountRoleName} WITH LOGIN PASSWORD '{ConnectionConfigurator.GetRolePassword(DatabaseRole.Account)}';");
migrationBuilder.Sql($"GRANT SELECT, UPDATE, INSERT, DELETE ON ALL TABLES IN SCHEMA data TO GROUP {accountRoleName};");
migrationBuilder.Sql($"ALTER DEFAULT PRIVILEGES IN SCHEMA data GRANT ALL ON TABLES TO {accountRoleName};");
migrationBuilder.Sql($"GRANT USAGE ON SCHEMA data TO GROUP {accountRoleName};");
var configRoleName = ConnectionConfigurator.GetRoleName(DatabaseRole.Configuration);
migrationBuilder.Sql($"CREATE ROLE {configRoleName} WITH LOGIN PASSWORD '{ConnectionConfigurator.GetRolePassword(DatabaseRole.Configuration)}';");
migrationBuilder.Sql($"GRANT SELECT ON ALL TABLES IN SCHEMA config TO GROUP {configRoleName};");
migrationBuilder.Sql($"ALTER DEFAULT PRIVILEGES IN SCHEMA config GRANT ALL ON TABLES TO {configRoleName};");
migrationBuilder.Sql($"GRANT SELECT ON TABLE data.\"Item\", data.\"ItemOptionLink\", data.\"ItemItemSetGroup\", data.\"ItemStorage\" TO GROUP {configRoleName};");
migrationBuilder.Sql($"GRANT USAGE ON SCHEMA data, config TO GROUP {configRoleName};");
var guildRoleName = ConnectionConfigurator.GetRoleName(DatabaseRole.Guild);
migrationBuilder.Sql($"CREATE ROLE {guildRoleName} WITH LOGIN PASSWORD '{ConnectionConfigurator.GetRolePassword(DatabaseRole.Guild)}';");
migrationBuilder.Sql($"GRANT SELECT, UPDATE, INSERT, DELETE ON ALL TABLES IN SCHEMA guild TO GROUP {guildRoleName};");
migrationBuilder.Sql($"ALTER DEFAULT PRIVILEGES IN SCHEMA guild GRANT ALL ON TABLES TO {guildRoleName};");
migrationBuilder.Sql($"GRANT SELECT ON TABLE data.\"Character\" TO GROUP {guildRoleName};");
migrationBuilder.Sql($"GRANT USAGE ON SCHEMA data, guild TO GROUP {guildRoleName};");
var friendRoleName = ConnectionConfigurator.GetRoleName(DatabaseRole.Friend);
migrationBuilder.Sql($"CREATE ROLE {friendRoleName} WITH LOGIN PASSWORD '{ConnectionConfigurator.GetRolePassword(DatabaseRole.Friend)}';");
migrationBuilder.Sql($"GRANT SELECT, UPDATE, INSERT, DELETE ON ALL TABLES IN SCHEMA friend TO GROUP {friendRoleName};");
migrationBuilder.Sql($"ALTER DEFAULT PRIVILEGES IN SCHEMA friend GRANT ALL ON TABLES TO {friendRoleName};");
migrationBuilder.Sql($"GRANT SELECT ON TABLE data.\"Character\" TO GROUP {friendRoleName};");
migrationBuilder.Sql($"GRANT USAGE ON SCHEMA data, friend TO GROUP {friendRoleName};");
}
void AddEventForwarders(ConnectionConfigurator x)
{
// These are needed to ensure that events are updated in the shelf state machine
// as well as the service coordinator state machine. To handle this, the servicecontroller
// is given the shelf channel as the reporting channel for events, and the shelf forwards
// the events to the service coordinator
x.AddConsumerOf <ServiceEvent>()
.UsingConsumer(OnServiceEvent)
.HandleOnCallingThread();
x.AddConsumerOf <ServiceCreated>()
.UsingConsumer(m => _controllerChannel.Send(m))
.HandleOnFiber(_fiber);
x.AddConsumerOf <ServiceFolderChanged>()
.UsingConsumer(m => _controllerChannel.Send(m))
.HandleOnFiber(_fiber);
x.AddConsumerOf <ServiceFolderRemoved>()
.UsingConsumer(m => _controllerChannel.Send(m))
.HandleOnFiber(_fiber);
x.AddConsumerOf <ServiceRunning>()
.UsingConsumer(m => _controllerChannel.Send(m))
.HandleOnFiber(_fiber);
x.AddConsumerOf <ServiceStopped>()
.UsingConsumer(m => _controllerChannel.Send(m))
.HandleOnFiber(_fiber);
x.AddConsumerOf <ServicePaused>()
.UsingConsumer(m => _controllerChannel.Send(m))
.HandleOnFiber(_fiber);
x.AddConsumerOf <ServiceUnloaded>()
.UsingConsumer(m =>
{
_log.InfoFormat("[{0}] Unloading Shelf and AppDomain", _serviceName);
_controllerChannel.Send(m);
Dispose();
AppDomain.Unload(AppDomain.CurrentDomain);
})
.HandleOnFiber(_fiber);
x.AddConsumerOf <ServiceFault>()
.UsingConsumer(m => _controllerChannel.Send(m))
.HandleOnFiber(_fiber);
}
/// <inheritdoc/>
protected override void Up(MigrationBuilder migrationBuilder)
{
migrationBuilder.Sql($"DROP ROLE IF EXISTS {ConnectionConfigurator.GetRoleName(DatabaseRole.Account)}, {ConnectionConfigurator.GetRoleName(DatabaseRole.Configuration)};");
var accountRoleName = ConnectionConfigurator.GetRoleName(DatabaseRole.Account);
migrationBuilder.Sql($"CREATE ROLE {accountRoleName} WITH LOGIN PASSWORD '{ConnectionConfigurator.GetRolePassword(DatabaseRole.Account)}';");
migrationBuilder.Sql($"GRANT SELECT, UPDATE, INSERT, DELETE ON ALL TABLES IN SCHEMA data TO GROUP {accountRoleName};");
migrationBuilder.Sql($"GRANT USAGE ON SCHEMA data TO GROUP {accountRoleName};");
var configRoleName = ConnectionConfigurator.GetRoleName(DatabaseRole.Configuration);
migrationBuilder.Sql($"CREATE ROLE {configRoleName} WITH LOGIN PASSWORD '{ConnectionConfigurator.GetRolePassword(DatabaseRole.Configuration)}';");
migrationBuilder.Sql($"GRANT SELECT ON ALL TABLES IN SCHEMA config TO GROUP {configRoleName};");
migrationBuilder.Sql($"GRANT SELECT ON TABLE data.\"Item\", data.\"ItemOptionLink\", data.\"ItemItemSetGroup\", data.\"ItemStorage\" TO GROUP {configRoleName};");
migrationBuilder.Sql($"GRANT USAGE ON SCHEMA data, config TO GROUP {configRoleName};");
}
public void SetupConnection(Connection connection, bool start = true)
{
if (Connection != null)
{
Close();
}
lock (lckObject)
{
ConnectionConfigurator?.Configure(connection);
Connection = connection;
Connection.StateChanged += Connection_StatusChanged;
Connection.DataReceived += ProcessReceivedData;
PacketReader.Clear();
State = SessionState.Working;
if (start)
{
Start();
}
}
}
private static DelegationTokenAuthenticator ObtainDelegationTokenAuthenticator(DelegationTokenAuthenticator
dta, ConnectionConfigurator connConfigurator)
{
try
{
if (dta == null)
{
dta = System.Activator.CreateInstance(DefaultAuthenticator);
dta.SetConnectionConfigurator(connConfigurator);
}
return(dta);
}
catch (Exception ex)
{
throw new ArgumentException(ex);
}
}
/// <summary>Sets the timeout and wraps another connection configurator</summary>
/// <param name="timeout">- will set both connect and read timeouts - in seconds</param>
/// <param name="cc">- another configurator to wrap - may be null</param>
public TimeoutConnConfigurator(int timeout, ConnectionConfigurator cc)
{
this.timeout = timeout;
this.cc = cc;
}
/// <summary>
/// Sets a
/// <see cref="ConnectionConfigurator"/>
/// instance to use for
/// configuring connections.
/// </summary>
/// <param name="configurator">
/// the
/// <see cref="ConnectionConfigurator"/>
/// instance.
/// </param>
public virtual void SetConnectionConfigurator(ConnectionConfigurator configurator
)
{
connConfigurator = configurator;
}
public _URLConnectionFactory_268(ConnectionConfigurator baseArg1)
: base(baseArg1)
{
}
public virtual void SetConnectionConfigurator(ConnectionConfigurator configurator
)
{
authenticator.SetConnectionConfigurator(configurator);
connConfigurator = configurator;
}
internal URLConnectionFactory(ConnectionConfigurator connConfigurator)
{
this.connConfigurator = connConfigurator;
}
/// <summary>Creates an <code>DelegationTokenAuthenticatedURL</code>.</summary>
/// <param name="authenticator">
/// the
/// <see cref="DelegationTokenAuthenticator"/>
/// instance to
/// use, if <code>null</code> the default one will be used.
/// </param>
/// <param name="connConfigurator">a connection configurator.</param>
public DelegationTokenAuthenticatedURL(DelegationTokenAuthenticator authenticator
, ConnectionConfigurator connConfigurator)
: base(ObtainDelegationTokenAuthenticator(authenticator, connConfigurator), connConfigurator
)
{
}
/// <summary>
/// Creates an <code>DelegationTokenAuthenticatedURL</code> using the default
/// <see cref="DelegationTokenAuthenticator"/>
/// class.
/// </summary>
/// <param name="connConfigurator">a connection configurator.</param>
public DelegationTokenAuthenticatedURL(ConnectionConfigurator connConfigurator)
: this(null, connConfigurator)
{
}
