1 /** 2 * Licensed to the Apache Software Foundation (ASF) under one 3 * or more contributor license agreements. See the NOTICE file 4 * distributed with this work for additional information 5 * regarding copyright ownership. The ASF licenses this file 6 * to you under the Apache License, Version 2.0 (the 7 * "License"); you may not use this file except in compliance 8 * with the License. You may obtain a copy of the License at 9 * 10 * http://www.apache.org/licenses/LICENSE-2.0 11 * 12 * Unless required by applicable law or agreed to in writing, software 13 * distributed under the License is distributed on an "AS IS" BASIS, 14 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 15 * See the License for the specific language governing permissions and 16 * limitations under the License. 17 */ 18 19 package org.apache.hadoop.yarn.server.resourcemanager.security; 20 21 import java.util.HashMap; 22 import java.util.Map; 23 24 import javax.crypto.SecretKey; 25 import com.google.common.annotations.VisibleForTesting; 26 27 import org.apache.hadoop.yarn.api.records.ApplicationAttemptId; 28 import org.apache.hadoop.yarn.security.client.BaseClientToAMTokenSecretManager; 29 30 public class ClientToAMTokenSecretManagerInRM extends 31 BaseClientToAMTokenSecretManager { 32 33 // Per application master-keys for managing client-tokens 34 private Map<ApplicationAttemptId, SecretKey> masterKeys = 35 new HashMap<ApplicationAttemptId, SecretKey>(); 36 createMasterKey( ApplicationAttemptId applicationAttemptID)37 public synchronized SecretKey createMasterKey( 38 ApplicationAttemptId applicationAttemptID) { 39 return generateSecret(); 40 } 41 registerApplication( ApplicationAttemptId applicationAttemptID, SecretKey key)42 public synchronized void registerApplication( 43 ApplicationAttemptId applicationAttemptID, SecretKey key) { 44 this.masterKeys.put(applicationAttemptID, key); 45 } 46 47 // Only for RM recovery registerMasterKey( ApplicationAttemptId applicationAttemptID, byte[] keyData)48 public synchronized SecretKey registerMasterKey( 49 ApplicationAttemptId applicationAttemptID, byte[] keyData) { 50 SecretKey key = createSecretKey(keyData); 51 registerApplication(applicationAttemptID, key); 52 return key; 53 } 54 unRegisterApplication( ApplicationAttemptId applicationAttemptID)55 public synchronized void unRegisterApplication( 56 ApplicationAttemptId applicationAttemptID) { 57 this.masterKeys.remove(applicationAttemptID); 58 } 59 60 @Override getMasterKey( ApplicationAttemptId applicationAttemptID)61 public synchronized SecretKey getMasterKey( 62 ApplicationAttemptId applicationAttemptID) { 63 return this.masterKeys.get(applicationAttemptID); 64 } 65 66 @VisibleForTesting hasMasterKey( ApplicationAttemptId applicationAttemptID)67 public synchronized boolean hasMasterKey( 68 ApplicationAttemptId applicationAttemptID) { 69 return this.masterKeys.containsKey(applicationAttemptID); 70 } 71 } 72