knox-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From lmc...@apache.org
Subject knox git commit: KNOX-1350 - Centralize Group Lookup Config in gateway-site.xml
Date Sat, 09 Jun 2018 22:45:55 GMT
Repository: knox
Updated Branches:
  refs/heads/master 0e34aa16c -> 7f8f97912


KNOX-1350 - Centralize Group Lookup Config in gateway-site.xml


Project: http://git-wip-us.apache.org/repos/asf/knox/repo
Commit: http://git-wip-us.apache.org/repos/asf/knox/commit/7f8f9791
Tree: http://git-wip-us.apache.org/repos/asf/knox/tree/7f8f9791
Diff: http://git-wip-us.apache.org/repos/asf/knox/diff/7f8f9791

Branch: refs/heads/master
Commit: 7f8f9791255d7dd2425a6feb0aa466bd15019d61
Parents: 0e34aa1
Author: Larry McCay <lmccay@apache.org>
Authored: Sat Jun 9 18:45:06 2018 -0400
Committer: Larry McCay <lmccay@apache.org>
Committed: Sat Jun 9 18:45:06 2018 -0400

----------------------------------------------------------------------
 ...adoopGroupProviderDeploymentContributor.java | 54 ++++++++++++++++++++
 1 file changed, 54 insertions(+)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/knox/blob/7f8f9791/gateway-provider-identity-assertion-hadoop-groups/src/main/java/org/apache/knox/gateway/identityasserter/hadoop/groups/filter/HadoopGroupProviderDeploymentContributor.java
----------------------------------------------------------------------
diff --git a/gateway-provider-identity-assertion-hadoop-groups/src/main/java/org/apache/knox/gateway/identityasserter/hadoop/groups/filter/HadoopGroupProviderDeploymentContributor.java
b/gateway-provider-identity-assertion-hadoop-groups/src/main/java/org/apache/knox/gateway/identityasserter/hadoop/groups/filter/HadoopGroupProviderDeploymentContributor.java
index d9388a1..4fb8465 100644
--- a/gateway-provider-identity-assertion-hadoop-groups/src/main/java/org/apache/knox/gateway/identityasserter/hadoop/groups/filter/HadoopGroupProviderDeploymentContributor.java
+++ b/gateway-provider-identity-assertion-hadoop-groups/src/main/java/org/apache/knox/gateway/identityasserter/hadoop/groups/filter/HadoopGroupProviderDeploymentContributor.java
@@ -17,7 +17,18 @@
  */
 package org.apache.knox.gateway.identityasserter.hadoop.groups.filter;
 
+import java.util.ArrayList;
+import java.util.List;
+import java.util.Map;
+import java.util.Map.Entry;
+
+import org.apache.hadoop.conf.Configuration;
+import org.apache.knox.gateway.deploy.DeploymentContext;
+import org.apache.knox.gateway.descriptor.FilterParamDescriptor;
+import org.apache.knox.gateway.descriptor.ResourceDescriptor;
 import org.apache.knox.gateway.identityasserter.common.filter.AbstractIdentityAsserterDeploymentContributor;
+import org.apache.knox.gateway.topology.Provider;
+import org.apache.knox.gateway.topology.Service;
 
 /**
  * A provider deployment contributor for looking up authenticated user groups as
@@ -61,4 +72,47 @@ public class HadoopGroupProviderDeploymentContributor
     return HadoopGroupProviderFilter.class.getName();
   }
 
+  @Override
+  public void contributeFilter( DeploymentContext context, Provider provider, Service service,
+      ResourceDescriptor resource, List<FilterParamDescriptor> params ) {
+	Map<String, String> p = provider.getParams();
+	String prefix = p.get("CENTRAL_GROUP_CONFIG_PREFIX");
+	if (prefix != null && !prefix.isEmpty()) {
+	  if (!prefix.endsWith(".")) {
+        prefix += ".";
+	  }
+      Map<String, String> groupMappingParams = 
+              ((Configuration)context.getGatewayConfig()).getPropsWithPrefix(prefix);
+      if (groupMappingParams != null) {
+        params = createParamList(resource, params, groupMappingParams);	
+      }
+    }
+
+	if (params == null || params.isEmpty()) {
+      params = buildFilterInitParms(provider, resource, params);
+	}
+    resource.addFilter().name(getName()).role(getRole()).impl(getFilterClassname()).params(params);
+  }
+
+  @Override
+  public List<FilterParamDescriptor> buildFilterInitParms(Provider provider,
+      ResourceDescriptor resource, List<FilterParamDescriptor> params) {
+	// blindly add all the provider params as filter init params
+    if (params == null) {
+      params = new ArrayList<FilterParamDescriptor>();
+    }
+    Map<String, String> providerParams = provider.getParams();
+    return createParamList(resource, params, providerParams);
+  }
+
+  private List<FilterParamDescriptor> createParamList(ResourceDescriptor resource,
List<FilterParamDescriptor> params,
+        Map<String, String> providerParams) {
+    if (params == null) {
+      params = new ArrayList<FilterParamDescriptor>();
+    }
+    for(Entry<String, String> entry : providerParams.entrySet()) {
+      params.add( resource.createFilterParam().name(entry.getKey().toLowerCase()).value(entry.getValue()));
+    }
+    return params;
+  }
 }


Mime
View raw message