/// <summary>
/// Add a previously used master key to cache (when NN restarts),
/// should be called before activate().
/// </summary>
/// <exception cref="System.IO.IOException"/>
public virtual void AddKey(DelegationKey key)
{
lock (this)
{
if (running)
{
// a safety check
throw new IOException("Can't add delegation key to a running SecretManager.");
}
if (key.GetKeyId() > GetCurrentKeyId())
{
SetCurrentKeyId(key.GetKeyId());
}
allKeys[key.GetKeyId()] = key;
}
}
protected internal override byte[] CreatePassword(TokenIdent identifier)
{
lock (this)
{
int sequenceNum;
long now = Time.Now();
sequenceNum = IncrementDelegationTokenSeqNum();
identifier.SetIssueDate(now);
identifier.SetMaxDate(now + tokenMaxLifetime);
identifier.SetMasterKeyId(currentKey.GetKeyId());
identifier.SetSequenceNumber(sequenceNum);
Log.Info("Creating password for identifier: " + identifier + ", currentKey: " + currentKey
.GetKeyId());
byte[] password = CreatePassword(identifier.GetBytes(), currentKey.GetKey());
AbstractDelegationTokenSecretManager.DelegationTokenInformation tokenInfo = new AbstractDelegationTokenSecretManager.DelegationTokenInformation
(now + tokenRenewInterval, password, GetTrackingIdIfEnabled(identifier));
try
{
StoreToken(identifier, tokenInfo);
}
catch (IOException ioe)
{
Log.Error("Could not store token !!", ioe);
}
return(password);
}
}
protected internal override void RemoveStoredMasterKey(DelegationKey key)
{
string nodeRemovePath = GetNodePath(ZkDtsmMasterKeyRoot, DelegationKeyPrefix + key
.GetKeyId());
if (Log.IsDebugEnabled())
{
Log.Debug("Removing ZKDTSMDelegationKey_" + key.GetKeyId());
}
try
{
if (zkClient.CheckExists().ForPath(nodeRemovePath) != null)
{
while (zkClient.CheckExists().ForPath(nodeRemovePath) != null)
{
zkClient.Delete().Guaranteed().ForPath(nodeRemovePath);
}
}
else
{
Log.Debug("Attempted to delete a non-existing znode " + nodeRemovePath);
}
}
catch (Exception)
{
Log.Debug(nodeRemovePath + " znode could not be removed!!");
}
}
/// <exception cref="System.IO.IOException"/>
private void ProcessKeyAddOrUpdate(byte[] data)
{
ByteArrayInputStream bin = new ByteArrayInputStream(data);
DataInputStream din = new DataInputStream(bin);
DelegationKey key = new DelegationKey();
key.ReadFields(din);
lock (this)
{
allKeys[key.GetKeyId()] = key;
}
}
/// <exception cref="System.IO.IOException"/>
private void AddOrUpdateDelegationKey(DelegationKey key, bool isUpdate)
{
string nodeCreatePath = GetNodePath(ZkDtsmMasterKeyRoot, DelegationKeyPrefix + key
.GetKeyId());
ByteArrayOutputStream os = new ByteArrayOutputStream();
DataOutputStream fsOut = new DataOutputStream(os);
if (Log.IsDebugEnabled())
{
Log.Debug("Storing ZKDTSMDelegationKey_" + key.GetKeyId());
}
key.Write(fsOut);
try
{
if (zkClient.CheckExists().ForPath(nodeCreatePath) != null)
{
zkClient.SetData().ForPath(nodeCreatePath, os.ToByteArray()).SetVersion(-1);
if (!isUpdate)
{
Log.Debug("Key with path [" + nodeCreatePath + "] already exists.. Updating !!");
}
}
else
{
zkClient.Create().WithMode(CreateMode.Persistent).ForPath(nodeCreatePath, os.ToByteArray
());
if (isUpdate)
{
Log.Debug("Updating non existent Key path [" + nodeCreatePath + "].. Adding new !!"
);
}
}
}
catch (KeeperException.NodeExistsException)
{
Log.Debug(nodeCreatePath + " znode already exists !!");
}
catch (Exception ex)
{
throw new IOException(ex);
}
finally
{
os.Close();
}
}
/// <summary>
/// For subclasses externalizing the storage, for example Zookeeper
/// based implementations
/// </summary>
/// <exception cref="System.IO.IOException"/>
protected internal virtual void UpdateDelegationKey(DelegationKey key)
{
allKeys[key.GetKeyId()] = key;
}
/// <summary>
/// For subclasses externalizing the storage, for example Zookeeper
/// based implementations
/// </summary>
/// <exception cref="System.IO.IOException"/>
protected internal virtual void StoreDelegationKey(DelegationKey key)
{
allKeys[key.GetKeyId()] = key;
StoreNewMasterKey(key);
}