Here are the examples of the java api org.apache.hadoop.security.token.Token taken from open source projects. By voting up you can indicate which examples are most useful and appropriate.
347 Examples
19
Source : JsonUtil.java
with Apache License 2.0
from NJUJYB
with Apache License 2.0
from NJUJYB
/**
* Convert a Json map to a Token.
*/
public static Token<? extends TokenIdentifier> toToken(final Map<?, ?> m) throws IOException {
if (m == null) {
return null;
}
final Token<DelegationTokenIdentifier> token = new Token<DelegationTokenIdentifier>();
token.decodeFromUrlString((String) m.get("urlString"));
return token;
}
19
Source : TestOzoneDelegationTokenSecretManager.java
with Apache License 2.0
from apache
with Apache License 2.0
from apache
private void testRenewTokenSuccessHelper(boolean restartSecretManager) throws Exception {
secretManager = createSecretManager(conf, tokenMaxLifetime, expiryTime, tokenRemoverScanInterval);
secretManager.start(certificateClient);
Token<OzoneTokenIdentifier> token = secretManager.createToken(TEST_USER, TEST_USER, TEST_USER);
Thread.sleep(10 * 5);
if (restartSecretManager) {
restartSecretManager();
}
long renewalTime = secretManager.renewToken(token, TEST_USER.toString());
replacedert.replacedertTrue(renewalTime > 0);
}
18
Source : KerberosHiveMetastoreAuthentication.java
with Apache License 2.0
from trinodb
with Apache License 2.0
from trinodb
private static Token<DelegationTokenIdentifier> decodeDelegationToken(String tokenValue) throws IOException {
Token<DelegationTokenIdentifier> token = new Token<>();
token.decodeFromUrlString(tokenValue);
return token;
}
18
Source : AMLauncher.java
with Apache License 2.0
from NJUJYB
with Apache License 2.0
from NJUJYB
@VisibleForTesting
protected Token<AMRMTokenIdentifier> createAndSetAMRMToken() {
Token<AMRMTokenIdentifier> amrmToken = this.rmContext.getAMRMTokenSecretManager().createAndGetAMRMToken(application.getAppAttemptId());
((RMAppAttemptImpl) application).setAMRMToken(amrmToken);
return amrmToken;
}
18
Source : TestNMTokenSecretManagerInNM.java
with Apache License 2.0
from NJUJYB
with Apache License 2.0
from NJUJYB
private NMTokenIdentifier getNMTokenId(org.apache.hadoop.yarn.api.records.Token token) throws IOException {
Token<NMTokenIdentifier> convertedToken = ConverterUtils.convertFromYarn(token, (Text) null);
return convertedToken.decodeIdentifier();
}
18
Source : ConverterUtils.java
with Apache License 2.0
from NJUJYB
with Apache License 2.0
from NJUJYB
/**
* Convert a protobuf token into a rpc token and set its service. Supposed
* to be used for tokens other than RMDelegationToken. For
* RMDelegationToken, use
* {@link #convertFromYarn(org.apache.hadoop.yarn.api.records.Token,
* org.apache.hadoop.io.Text)} instead.
*
* @param protoToken the yarn token
* @param serviceAddr the connect address for the service
* @return rpc token
*/
public static <T extends TokenIdentifier> Token<T> convertFromYarn(org.apache.hadoop.yarn.api.records.Token protoToken, InetSocketAddress serviceAddr) {
Token<T> token = new Token<T>(protoToken.getIdentifier().array(), protoToken.getPreplacedword().array(), new Text(protoToken.getKind()), new Text(protoToken.getService()));
if (serviceAddr != null) {
SecurityUtil.setTokenService(token, serviceAddr);
}
return token;
}
18
Source : FakeRenewer.java
with Apache License 2.0
from NJUJYB
with Apache License 2.0
from NJUJYB
public clreplaced FakeRenewer extends TokenRenewer {
static Token<?> lastRenewed = null;
static Token<?> lastCanceled = null;
static final Text KIND = new Text("TESTING-TOKEN-KIND");
@Override
public boolean handleKind(Text kind) {
return FakeRenewer.KIND.equals(kind);
}
@Override
public boolean isManaged(Token<?> token) throws IOException {
return true;
}
@Override
public long renew(Token<?> token, Configuration conf) {
lastRenewed = token;
return 0;
}
@Override
public void cancel(Token<?> token, Configuration conf) {
lastCanceled = token;
}
public static void reset() {
lastRenewed = null;
lastCanceled = null;
}
}
18
Source : TestWebHdfsTokens.java
with Apache License 2.0
from NJUJYB
with Apache License 2.0
from NJUJYB
@Test(timeout = 5000)
public void testTokenForNonTokenOp() throws IOException {
WebHdfsFileSystem fs = spyWebhdfsInSecureSetup();
Token<?> token = mock(Token.clreplaced);
doReturn(token).when(fs).getDelegationToken(null);
// should get/set/renew token
fs.toUrl(GetOpParam.Op.OPEN, null);
verify(fs).getDelegationToken();
verify(fs).getDelegationToken(null);
verify(fs).setDelegationToken(token);
reset(fs);
// should return prior token
fs.toUrl(GetOpParam.Op.OPEN, null);
verify(fs).getDelegationToken();
verify(fs, never()).getDelegationToken(null);
verify(fs, never()).setDelegationToken(token);
}
18
Source : TestBlockToken.java
with Apache License 2.0
from NJUJYB
with Apache License 2.0
from NJUJYB
private BlockTokenIdentifier generateTokenId(BlockTokenSecretManager sm, ExtendedBlock block, EnumSet<BlockTokenSecretManager.AccessMode> accessModes) throws IOException {
Token<BlockTokenIdentifier> token = sm.generateToken(block, accessModes);
BlockTokenIdentifier id = sm.createIdentifier();
id.readFields(new DataInputStream(new ByteArrayInputStream(token.getIdentifier())));
return id;
}
18
Source : TestPBHelper.java
with Apache License 2.0
from NJUJYB
with Apache License 2.0
from NJUJYB
@Test
public void testConvertBlockToken() {
Token<BlockTokenIdentifier> token = new Token<BlockTokenIdentifier>("identifier".getBytes(), "preplacedword".getBytes(), new Text("kind"), new Text("service"));
TokenProto tokenProto = PBHelper.convert(token);
Token<BlockTokenIdentifier> token2 = PBHelper.convert(tokenProto);
compare(token, token2);
}
18
Source : TokenAspect.java
with Apache License 2.0
from NJUJYB
with Apache License 2.0
from NJUJYB
synchronized void ensureTokenInitialized() throws IOException {
// we haven't inited yet, or we used to have a token but it expired
if (!hasInitedToken || (action != null && !action.isValid())) {
// since we don't already have a token, go get one
Token<?> token = fs.getDelegationToken(null);
// security might be disabled
if (token != null) {
fs.setDelegationToken(token);
addRenewAction(fs);
LOG.debug("Created new DT for " + token.getService());
}
hasInitedToken = true;
}
}
18
Source : TestDelegationToken.java
with Apache License 2.0
from NJUJYB
with Apache License 2.0
from NJUJYB
@Test
public void testCancelDelegationToken() throws Exception {
final TestDelegationTokenSecretManager dtSecretManager = new TestDelegationTokenSecretManager(24 * 60 * 60 * 1000, 10 * 1000, 1 * 1000, 3600000);
try {
dtSecretManager.startThreads();
final Token<TestDelegationTokenIdentifier> token = generateDelegationToken(dtSecretManager, "SomeUser", "JobTracker");
// Fake renewer should not be able to renew
shouldThrow(new PrivilegedExceptionAction<Object>() {
@Override
public Object run() throws Exception {
dtSecretManager.renewToken(token, "FakeCanceller");
return null;
}
}, AccessControlException.clreplaced);
dtSecretManager.cancelToken(token, "JobTracker");
replacedert.replacedertTrue(dtSecretManager.isRemoveStoredTokenCalled);
shouldThrow(new PrivilegedExceptionAction<Object>() {
@Override
public Object run() throws Exception {
dtSecretManager.renewToken(token, "JobTracker");
return null;
}
}, InvalidToken.clreplaced);
} finally {
dtSecretManager.stopThreads();
}
}
18
Source : TestCredentials.java
with Apache License 2.0
from NJUJYB
with Apache License 2.0
from NJUJYB
public clreplaced TestCredentials {
private static final String DEFAULT_HMAC_ALGORITHM = "HmacSHA1";
private static final File tmpDir = new File(System.getProperty("test.build.data", "/tmp"), "mapred");
@Before
public void setUp() {
tmpDir.mkdir();
}
@After
public void tearDown() {
tmpDir.delete();
}
@SuppressWarnings("unchecked")
@Test
public <T extends TokenIdentifier> void testReadWriteStorage() throws IOException, NoSuchAlgorithmException {
// create tokenStorage Object
Credentials ts = new Credentials();
Token<T> token1 = new Token();
Token<T> token2 = new Token();
Text service1 = new Text("service1");
Text service2 = new Text("service2");
Collection<Text> services = new ArrayList<Text>();
services.add(service1);
services.add(service2);
token1.setService(service1);
token2.setService(service2);
ts.addToken(new Text("sometoken1"), token1);
ts.addToken(new Text("sometoken2"), token2);
// create keys and put it in
final KeyGenerator kg = KeyGenerator.getInstance(DEFAULT_HMAC_ALGORITHM);
String alias = "alias";
Map<Text, byte[]> m = new HashMap<Text, byte[]>(10);
for (int i = 0; i < 10; i++) {
Key key = kg.generateKey();
m.put(new Text(alias + i), key.getEncoded());
ts.addSecretKey(new Text(alias + i), key.getEncoded());
}
// create file to store
File tmpFileName = new File(tmpDir, "tokenStorageTest");
DataOutputStream dos = new DataOutputStream(new FileOutputStream(tmpFileName));
ts.write(dos);
dos.close();
// open and read it back
DataInputStream dis = new DataInputStream(new FileInputStream(tmpFileName));
ts = new Credentials();
ts.readFields(dis);
dis.close();
// get the tokens and compare the services
Collection<Token<? extends TokenIdentifier>> list = ts.getAllTokens();
replacedertEquals("getAllTokens should return collection of size 2", list.size(), 2);
boolean foundFirst = false;
boolean foundSecond = false;
for (Token<? extends TokenIdentifier> token : list) {
if (token.getService().equals(service1)) {
foundFirst = true;
}
if (token.getService().equals(service2)) {
foundSecond = true;
}
}
replacedertTrue("Tokens for services service1 and service2 must be present", foundFirst && foundSecond);
// compare secret keys
int mapLen = m.size();
replacedertEquals("wrong number of keys in the Storage", mapLen, ts.numberOfSecretKeys());
for (Text a : m.keySet()) {
byte[] kTS = ts.getSecretKey(a);
byte[] kLocal = m.get(a);
replacedertTrue("keys don't match for " + a, WritableComparator.compareBytes(kTS, 0, kTS.length, kLocal, 0, kLocal.length) == 0);
}
tmpFileName.delete();
}
static Text[] secret = { new Text("secret1"), new Text("secret2"), new Text("secret3"), new Text("secret4") };
static Text[] service = { new Text("service1"), new Text("service2"), new Text("service3"), new Text("service4") };
static Token<?>[] token = { new Token<TokenIdentifier>(), new Token<TokenIdentifier>(), new Token<TokenIdentifier>(), new Token<TokenIdentifier>() };
@Test
public void addAll() {
Credentials creds = new Credentials();
creds.addToken(service[0], token[0]);
creds.addToken(service[1], token[1]);
creds.addSecretKey(secret[0], secret[0].getBytes());
creds.addSecretKey(secret[1], secret[1].getBytes());
Credentials credsToAdd = new Credentials();
// one duplicate with different value, one new
credsToAdd.addToken(service[0], token[3]);
credsToAdd.addToken(service[2], token[2]);
credsToAdd.addSecretKey(secret[0], secret[3].getBytes());
credsToAdd.addSecretKey(secret[2], secret[2].getBytes());
creds.addAll(credsToAdd);
replacedertEquals(3, creds.numberOfTokens());
replacedertEquals(3, creds.numberOfSecretKeys());
// existing token & secret should be overwritten
replacedertEquals(token[3], creds.getToken(service[0]));
replacedertEquals(secret[3], new Text(creds.getSecretKey(secret[0])));
// non-duplicate token & secret should be present
replacedertEquals(token[1], creds.getToken(service[1]));
replacedertEquals(secret[1], new Text(creds.getSecretKey(secret[1])));
// new token & secret should be added
replacedertEquals(token[2], creds.getToken(service[2]));
replacedertEquals(secret[2], new Text(creds.getSecretKey(secret[2])));
}
@Test
public void mergeAll() {
Credentials creds = new Credentials();
creds.addToken(service[0], token[0]);
creds.addToken(service[1], token[1]);
creds.addSecretKey(secret[0], secret[0].getBytes());
creds.addSecretKey(secret[1], secret[1].getBytes());
Credentials credsToAdd = new Credentials();
// one duplicate with different value, one new
credsToAdd.addToken(service[0], token[3]);
credsToAdd.addToken(service[2], token[2]);
credsToAdd.addSecretKey(secret[0], secret[3].getBytes());
credsToAdd.addSecretKey(secret[2], secret[2].getBytes());
creds.mergeAll(credsToAdd);
replacedertEquals(3, creds.numberOfTokens());
replacedertEquals(3, creds.numberOfSecretKeys());
// existing token & secret should not be overwritten
replacedertEquals(token[0], creds.getToken(service[0]));
replacedertEquals(secret[0], new Text(creds.getSecretKey(secret[0])));
// non-duplicate token & secret should be present
replacedertEquals(token[1], creds.getToken(service[1]));
replacedertEquals(secret[1], new Text(creds.getSecretKey(secret[1])));
// new token & secret should be added
replacedertEquals(token[2], creds.getToken(service[2]));
replacedertEquals(secret[2], new Text(creds.getSecretKey(secret[2])));
}
@Test
public void testAddTokensToUGI() {
UserGroupInformation ugi = UserGroupInformation.createRemoteUser("someone");
Credentials creds = new Credentials();
for (int i = 0; i < service.length; i++) {
creds.addToken(service[i], token[i]);
}
ugi.addCredentials(creds);
creds = ugi.getCredentials();
for (int i = 0; i < service.length; i++) {
replacedertSame(token[i], creds.getToken(service[i]));
}
replacedertEquals(service.length, creds.numberOfTokens());
}
}
18
Source : ParameterParser.java
with Apache License 2.0
from naver
with Apache License 2.0
from naver
Token<DelegationTokenIdentifier> delegationToken() throws IOException {
String delegation = param(DelegationParam.NAME);
final Token<DelegationTokenIdentifier> token = new Token<DelegationTokenIdentifier>();
token.decodeFromUrlString(delegation);
URI nnUri = URI.create(HDFS_URI_SCHEME + "://" + namenodeId());
boolean isLogical = HAUtil.isLogicalUri(conf, nnUri);
if (isLogical) {
token.setService(HAUtil.buildTokenServiceForLogicalUri(nnUri, HDFS_URI_SCHEME));
} else {
token.setService(SecurityUtil.buildTokenService(nnUri));
}
return token;
}
18
Source : AuthenticationTokenSecretManager.java
with Apache License 2.0
from fengchen8086
with Apache License 2.0
from fengchen8086
public Token<AuthenticationTokenIdentifier> generateToken(String username) {
AuthenticationTokenIdentifier ident = new AuthenticationTokenIdentifier(username);
Token<AuthenticationTokenIdentifier> token = new Token<AuthenticationTokenIdentifier>(ident, this);
if (clusterId.hasId()) {
token.setService(new Text(clusterId.getId()));
}
return token;
}
18
Source : User.java
with Apache License 2.0
from fengchen8086
with Apache License 2.0
from fengchen8086
/**
* Returns the Token of the specified kind replacedociated with this user,
* or null if the Token is not present.
*
* @param kind the kind of token
* @param service service on which the token is supposed to be used
* @return the token of the specified kind.
*/
public Token<?> getToken(String kind, String service) throws IOException {
for (Token<?> token : ugi.getTokens()) {
if (token.getKind().toString().equals(kind) && (service != null && token.getService().toString().equals(service))) {
return token;
}
}
return null;
}
18
Source : TokenHandler.java
with Apache License 2.0
from apache
with Apache License 2.0
from apache
/**
* Handler for requests with an existing token.
*/
public abstract clreplaced TokenHandler extends Handler {
@CommandLine.Mixin
private TokenOption tokenFile;
private Token<OzoneTokenIdentifier> token;
@Override
protected boolean isApplicable() {
return securityEnabled() && tokenFile.exists();
}
@Override
protected OzoneClient createClient(OzoneAddress address) throws IOException {
token = tokenFile.decode();
return OzoneClientFactory.getOzoneClient(getConf(), token);
}
Token<OzoneTokenIdentifier> getToken() {
return token;
}
}
18
Source : OzoneDelegationTokenSelector.java
with Apache License 2.0
from apache
with Apache License 2.0
from apache
private Token<OzoneTokenIdentifier> getSelectedTokens(Text service, Collection<Token<? extends TokenIdentifier>> tokens) {
if (service == null) {
return null;
}
for (Token<? extends TokenIdentifier> token : tokens) {
if (OzoneTokenIdentifier.KIND_NAME.equals(token.getKind()) && token.getService().toString().contains(service.toString())) {
return (Token<OzoneTokenIdentifier>) token;
}
}
return null;
}
18
Source : OzonePBHelper.java
with Apache License 2.0
from apache
with Apache License 2.0
from apache
public static Token<? extends TokenIdentifier> tokenFromProto(TokenProto tokenProto) {
Token<? extends TokenIdentifier> token = new Token<>(tokenProto.getIdentifier().toByteArray(), tokenProto.getPreplacedword().toByteArray(), new Text(tokenProto.getKind()), new Text(tokenProto.getService()));
return token;
}
17
Source : MockRM.java
with Apache License 2.0
from NJUJYB
with Apache License 2.0
from NJUJYB
// from AMLauncher
public MockAM sendAMLaunched(ApplicationAttemptId appAttemptId) throws Exception {
MockAM am = new MockAM(getRMContext(), masterService, appAttemptId);
am.waitForState(RMAppAttemptState.ALLOCATED);
// create and set AMRMToken
Token<AMRMTokenIdentifier> amrmToken = this.rmContext.getAMRMTokenSecretManager().createAndGetAMRMToken(appAttemptId);
((RMAppAttemptImpl) this.rmContext.getRMApps().get(appAttemptId.getApplicationId()).getRMAppAttempt(appAttemptId)).setAMRMToken(amrmToken);
getRMContext().getDispatcher().getEventHandler().handle(new RMAppAttemptEvent(appAttemptId, RMAppAttemptEventType.LAUNCHED));
return am;
}
17
Source : RMAuthenticationHandler.java
with Apache License 2.0
from NJUJYB
with Apache License 2.0
from NJUJYB
/**
* Authenticates a request looking for the <code>delegation</code> header and
* verifying it is a valid token. If the header is missing, it delegates the
* authentication to the {@link KerberosAuthenticationHandler} unless it is
* disabled.
*
* @param request
* the HTTP client request.
* @param response
* the HTTP client response.
*
* @return the authentication token for the authenticated request.
* @throws IOException
* thrown if an IO error occurred.
* @throws AuthenticationException
* thrown if the authentication failed.
*/
@Override
public AuthenticationToken authenticate(HttpServletRequest request, HttpServletResponse response) throws IOException, AuthenticationException {
AuthenticationToken token;
String delegationParam = this.getEncodedDelegationTokenFromRequest(request);
if (delegationParam != null) {
Token<RMDelegationTokenIdentifier> dt = new Token<RMDelegationTokenIdentifier>();
;
dt.decodeFromUrlString(delegationParam);
UserGroupInformation ugi = this.verifyToken(dt);
if (ugi == null) {
throw new AuthenticationException("Invalid token");
}
final String shortName = ugi.getShortUserName();
token = new AuthenticationToken(shortName, ugi.getUserName(), getType());
} else {
token = super.authenticate(request, response);
if (token != null) {
// create a token with auth type set correctly
token = new AuthenticationToken(token.getUserName(), token.getName(), super.getType());
}
}
return token;
}
17
Source : ContainerManagerImpl.java
with Apache License 2.0
from NJUJYB
with Apache License 2.0
from NJUJYB
private Credentials parseCredentials(ContainerLaunchContext launchContext) throws IOException {
Credentials credentials = new Credentials();
// //////////// Parse credentials
ByteBuffer tokens = launchContext.getTokens();
if (tokens != null) {
DataInputByteBuffer buf = new DataInputByteBuffer();
tokens.rewind();
buf.reset(tokens);
credentials.readTokenStorageStream(buf);
if (LOG.isDebugEnabled()) {
for (Token<? extends TokenIdentifier> tk : credentials.getAllTokens()) {
LOG.debug(tk.getService() + " = " + tk.toString());
}
}
}
// //////////// End of parsing credentials
return credentials;
}
17
Source : ConverterUtils.java
with Apache License 2.0
from NJUJYB
with Apache License 2.0
from NJUJYB
/**
* Convert a protobuf token into a rpc token and set its service.
*
* @param protoToken the yarn token
* @param service the service for the token
*/
public static <T extends TokenIdentifier> Token<T> convertFromYarn(org.apache.hadoop.yarn.api.records.Token protoToken, Text service) {
Token<T> token = new Token<T>(protoToken.getIdentifier().array(), protoToken.getPreplacedword().array(), new Text(protoToken.getKind()), new Text(protoToken.getService()));
if (service != null) {
token.setService(service);
}
return token;
}
17
Source : TestApplicationMasterServiceProtocolOnHA.java
with Apache License 2.0
from NJUJYB
with Apache License 2.0
from NJUJYB
@Before
public void initialize() throws Exception {
startHACluster(0, false, false, true);
attemptId = this.cluster.createFakeApplicationAttemptId();
amClient = ClientRMProxy.createRMProxy(this.conf, ApplicationMasterProtocol.clreplaced);
Token<AMRMTokenIdentifier> appToken = this.cluster.getResourceManager().getRMContext().getAMRMTokenSecretManager().createAndGetAMRMToken(attemptId);
appToken.setService(ClientRMProxy.getAMRMTokenService(conf));
UserGroupInformation.setLoginUser(UserGroupInformation.createRemoteUser(UserGroupInformation.getCurrentUser().getUserName()));
UserGroupInformation.getCurrentUser().addToken(appToken);
syncToken(appToken);
}
17
Source : TestBlockToken.java
with Apache License 2.0
from NJUJYB
with Apache License 2.0
from NJUJYB
private void tokenGenerationAndVerification(BlockTokenSecretManager master, BlockTokenSecretManager slave) throws Exception {
// single-mode tokens
for (BlockTokenSecretManager.AccessMode mode : BlockTokenSecretManager.AccessMode.values()) {
// generated by master
Token<BlockTokenIdentifier> token1 = master.generateToken(block1, EnumSet.of(mode));
master.checkAccess(token1, null, block1, mode);
slave.checkAccess(token1, null, block1, mode);
// generated by slave
Token<BlockTokenIdentifier> token2 = slave.generateToken(block2, EnumSet.of(mode));
master.checkAccess(token2, null, block2, mode);
slave.checkAccess(token2, null, block2, mode);
}
// multi-mode tokens
Token<BlockTokenIdentifier> mtoken = master.generateToken(block3, EnumSet.allOf(BlockTokenSecretManager.AccessMode.clreplaced));
for (BlockTokenSecretManager.AccessMode mode : BlockTokenSecretManager.AccessMode.values()) {
master.checkAccess(mtoken, null, block3, mode);
slave.checkAccess(mtoken, null, block3, mode);
}
}
17
Source : TokenAspect.java
with Apache License 2.0
from NJUJYB
with Apache License 2.0
from NJUJYB
synchronized void initDelegationToken(UserGroupInformation ugi) {
Token<?> token = selectDelegationToken(ugi);
if (token != null) {
LOG.debug("Found existing DT for " + token.getService());
fs.setDelegationToken(token);
hasInitedToken = true;
}
}
17
Source : TestDelegationToken.java
with Apache License 2.0
from NJUJYB
with Apache License 2.0
from NJUJYB
@Test
public void testDelegationTokenNullRenewer() throws Exception {
TestDelegationTokenSecretManager dtSecretManager = new TestDelegationTokenSecretManager(24 * 60 * 60 * 1000, 10 * 1000, 1 * 1000, 3600000);
dtSecretManager.startThreads();
TestDelegationTokenIdentifier dtId = new TestDelegationTokenIdentifier(new Text("theuser"), null, null);
Token<TestDelegationTokenIdentifier> token = new Token<TestDelegationTokenIdentifier>(dtId, dtSecretManager);
replacedert.replacedertTrue(token != null);
try {
dtSecretManager.renewToken(token, "");
replacedert.fail("Renewal must not succeed");
} catch (IOException e) {
// Preplaced
}
}
17
Source : TestUserGroupInformation.java
with Apache License 2.0
from NJUJYB
with Apache License 2.0
from NJUJYB
/**
* In some scenario, such as HA, delegation tokens are replacedociated with a
* logical name. The tokens are cloned and are replacedociated with the
* physical address of the server where the service is provided.
* This test ensures cloned delegated tokens are locally used
* and are not returned in {@link UserGroupInformation#getCredentials()}
*/
@Test
public void testPrivateTokenExclusion() throws Exception {
UserGroupInformation ugi = UserGroupInformation.getCurrentUser();
TestTokenIdentifier tokenId = new TestTokenIdentifier();
Token<TestTokenIdentifier> token = new Token<TestTokenIdentifier>(tokenId.getBytes(), "preplacedword".getBytes(), tokenId.getKind(), null);
ugi.addToken(new Text("regular-token"), token);
// Now add cloned private token
ugi.addToken(new Text("private-token"), new Token.PrivateToken<TestTokenIdentifier>(token));
ugi.addToken(new Text("private-token1"), new Token.PrivateToken<TestTokenIdentifier>(token));
// Ensure only non-private tokens are returned
Collection<Token<? extends TokenIdentifier>> tokens = ugi.getCredentials().getAllTokens();
replacedertEquals(1, tokens.size());
}
17
Source : TestUserGroupInformation.java
with Apache License 2.0
from NJUJYB
with Apache License 2.0
from NJUJYB
// from Mockito mocks
@SuppressWarnings("unchecked")
@Test(timeout = 30000)
public <T extends TokenIdentifier> void testAddToken() throws Exception {
UserGroupInformation ugi = UserGroupInformation.createRemoteUser("someone");
Token<T> t1 = mock(Token.clreplaced);
Token<T> t2 = mock(Token.clreplaced);
Token<T> t3 = mock(Token.clreplaced);
// add token to ugi
ugi.addToken(t1);
checkTokens(ugi, t1);
// replace token t1 with t2 - with same key (null)
ugi.addToken(t2);
checkTokens(ugi, t2);
// change t1 service and add token
when(t1.getService()).thenReturn(new Text("t1"));
ugi.addToken(t1);
checkTokens(ugi, t1, t2);
// overwrite t1 token with t3 - same key (!null)
when(t3.getService()).thenReturn(new Text("t1"));
ugi.addToken(t3);
checkTokens(ugi, t2, t3);
// just try to re-add with new name
when(t1.getService()).thenReturn(new Text("t1.1"));
ugi.addToken(t1);
checkTokens(ugi, t1, t2, t3);
// just try to re-add with new name again
ugi.addToken(t1);
checkTokens(ugi, t1, t2, t3);
}
17
Source : TestDelegationTokenRenewer.java
with Apache License 2.0
from NJUJYB
with Apache License 2.0
from NJUJYB
@Test
public void testStopRenewalWhenFsGone() throws IOException, InterruptedException {
Configuration conf = mock(Configuration.clreplaced);
Token<?> token = mock(Token.clreplaced);
doReturn(new Text("myservice")).when(token).getService();
doAnswer(new Answer<Long>() {
public Long answer(InvocationOnMock invocation) {
return Time.now() + RENEW_CYCLE;
}
}).when(token).renew(any(Configuration.clreplaced));
RenewableFileSystem fs = mock(RenewableFileSystem.clreplaced);
doReturn(conf).when(fs).getConf();
doReturn(token).when(fs).getRenewToken();
renewer.addRenewAction(fs);
replacedertEquals(1, renewer.getRenewQueueLength());
Thread.sleep(RENEW_CYCLE);
verify(token, atLeast(1)).renew(eq(conf));
verify(token, atMost(2)).renew(eq(conf));
// drop weak ref
fs = null;
System.gc();
System.gc();
System.gc();
// next renew should detect the fs as gone
Thread.sleep(RENEW_CYCLE);
verify(token, atLeast(1)).renew(eq(conf));
verify(token, atMost(2)).renew(eq(conf));
replacedertEquals(0, renewer.getRenewQueueLength());
}
17
Source : TestDelegationTokenRenewer.java
with Apache License 2.0
from NJUJYB
with Apache License 2.0
from NJUJYB
@Test(timeout = 4000)
public void testMultipleTokensDoNotDeadlock() throws IOException, InterruptedException {
Configuration conf = mock(Configuration.clreplaced);
FileSystem fs = mock(FileSystem.clreplaced);
doReturn(conf).when(fs).getConf();
// 1h
long distantFuture = Time.now() + 3600 * 1000;
Token<?> token1 = mock(Token.clreplaced);
doReturn(new Text("myservice1")).when(token1).getService();
doReturn(distantFuture).when(token1).renew(eq(conf));
Token<?> token2 = mock(Token.clreplaced);
doReturn(new Text("myservice2")).when(token2).getService();
doReturn(distantFuture).when(token2).renew(eq(conf));
RenewableFileSystem fs1 = mock(RenewableFileSystem.clreplaced);
doReturn(conf).when(fs1).getConf();
doReturn(token1).when(fs1).getRenewToken();
RenewableFileSystem fs2 = mock(RenewableFileSystem.clreplaced);
doReturn(conf).when(fs2).getConf();
doReturn(token2).when(fs2).getRenewToken();
renewer.addRenewAction(fs1);
renewer.addRenewAction(fs2);
replacedertEquals(2, renewer.getRenewQueueLength());
renewer.removeRenewAction(fs1);
replacedertEquals(1, renewer.getRenewQueueLength());
renewer.removeRenewAction(fs2);
replacedertEquals(0, renewer.getRenewQueueLength());
verify(token1).cancel(eq(conf));
verify(token2).cancel(eq(conf));
}
17
Source : StramWSFilter.java
with Apache License 2.0
from lealone
with Apache License 2.0
from lealone
private String createClientToken(String username, String service) throws IOException {
StramDelegationTokenIdentifier tokenIdentifier = new StramDelegationTokenIdentifier(new Text(username), new Text(loginUser), new Text());
// tokenIdentifier.setSequenceNumber(sequenceNumber.getAndAdd(1));
// byte[] preplacedword = tokenManager.addIdentifier(tokenIdentifier);
// Token<StramDelegationTokenIdentifier> token = new Token<StramDelegationTokenIdentifier>(tokenIdentifier.getBytes(), preplacedword, tokenIdentifier.getKind(), new Text(service));
Token<StramDelegationTokenIdentifier> token = new Token<>(tokenIdentifier, tokenManager);
token.setService(new Text(service));
return token.encodeToUrlString();
}
17
Source : StramDelegationTokenSelector.java
with Apache License 2.0
from lealone
with Apache License 2.0
from lealone
@Override
public Token<StramDelegationTokenIdentifier> selectToken(Text text, Collection<Token<? extends TokenIdentifier>> clctn) {
Token<StramDelegationTokenIdentifier> token = null;
if (text != null) {
for (Token<? extends TokenIdentifier> ctoken : clctn) {
if (StramDelegationTokenIdentifier.IDENTIFIER_KIND.equals(ctoken.getKind()) && text.equals(ctoken.getService())) {
token = (Token<StramDelegationTokenIdentifier>) ctoken;
}
}
}
return token;
}
17
Source : PingServer.java
with Apache License 2.0
from GoogleCloudPlatform
with Apache License 2.0
from GoogleCloudPlatform
private static void checkRenewSessionToken(Configuration config, String sessionToken) throws IOException {
try {
Token<BrokerTokenIdentifier> token = getTokenBTI(sessionToken);
BrokerTokenRenewer renewer = new BrokerTokenRenewer();
renewer.renew(token, config);
System.out.println(CHECK_SUCCESS);
} catch (Exception e) {
System.out.println(CHECK_FAIL);
e.printStackTrace(System.out);
System.out.println();
}
}
17
Source : PingServer.java
with Apache License 2.0
from GoogleCloudPlatform
with Apache License 2.0
from GoogleCloudPlatform
private static void checkCancelSessionToken(Configuration config, String sessionToken) throws IOException {
try {
Token<BrokerTokenIdentifier> token = getTokenBTI(sessionToken);
BrokerTokenRenewer renewer = new BrokerTokenRenewer();
renewer.cancel(token, config);
System.out.println(CHECK_SUCCESS);
} catch (Exception e) {
System.out.println(CHECK_FAIL);
e.printStackTrace(System.out);
System.out.println();
}
}
17
Source : TestHBaseSaslRpcClient.java
with Apache License 2.0
from fengchen8086
with Apache License 2.0
from fengchen8086
private Token<? extends TokenIdentifier> createTokenMockWithCredentials(String principal, String preplacedword) throws IOException {
Token<? extends TokenIdentifier> token = createTokenMock();
if (!Strings.isNullOrEmpty(principal) && !Strings.isNullOrEmpty(preplacedword)) {
when(token.getIdentifier()).thenReturn(DEFAULT_USER_NAME.getBytes());
when(token.getPreplacedword()).thenReturn(DEFAULT_USER_PreplacedWORD.getBytes());
}
return token;
}
17
Source : TokenProvider.java
with Apache License 2.0
from fengchen8086
with Apache License 2.0
from fengchen8086
@Override
public void getAuthenticationToken(RpcController controller, AuthenticationProtos.GetAuthenticationTokenRequest request, RpcCallback<AuthenticationProtos.GetAuthenticationTokenResponse> done) {
AuthenticationProtos.GetAuthenticationTokenResponse.Builder response = AuthenticationProtos.GetAuthenticationTokenResponse.newBuilder();
try {
if (secretManager == null) {
throw new IOException("No secret manager configured for token authentication");
}
User currentUser = RpcServer.getRequestUser();
UserGroupInformation ugi = null;
if (currentUser != null) {
ugi = currentUser.getUGI();
}
if (currentUser == null) {
throw new AccessDeniedException("No authenticated user for request!");
} else if (!isAllowedDelegationTokenOp(ugi)) {
LOG.warn("Token generation denied for user=" + currentUser.getName() + ", authMethod=" + ugi.getAuthenticationMethod());
throw new AccessDeniedException("Token generation only allowed for Kerberos authenticated clients");
}
Token<AuthenticationTokenIdentifier> token = secretManager.generateToken(currentUser.getName());
response.setToken(ProtobufUtil.toToken(token)).build();
} catch (IOException ioe) {
ResponseConverter.setControllerException(controller, ioe);
}
done.run(response.build());
}
17
Source : TokenUtil.java
with Apache License 2.0
from fengchen8086
with Apache License 2.0
from fengchen8086
/**
* Obtain an authentication token for the given user and add it to the
* user's credentials.
* @param conn The HBase cluster connection
* @param user The user for whom to obtain the token
* @throws IOException If making a remote call to the authentication service fails
* @throws InterruptedException If executing as the given user is interrupted
*/
public static void obtainAndCacheToken(final Connection conn, User user) throws IOException, InterruptedException {
try {
Token<AuthenticationTokenIdentifier> token = obtainToken(conn, user);
if (token == null) {
throw new IOException("No token returned for user " + user.getName());
}
if (LOG.isDebugEnabled()) {
LOG.debug("Obtained token " + token.getKind().toString() + " for user " + user.getName());
}
user.addToken(token);
} catch (IOException ioe) {
throw ioe;
} catch (InterruptedException ie) {
throw ie;
} catch (RuntimeException re) {
throw re;
} catch (Exception e) {
throw new UndeclaredThrowableException(e, "Unexpected exception obtaining token for user " + user.getName());
}
}
17
Source : GetTokenHandler.java
with Apache License 2.0
from apache
with Apache License 2.0
from apache
@Override
protected void execute(OzoneClient client, OzoneAddress address) throws IOException, OzoneClientException {
Token<OzoneTokenIdentifier> token = client.getObjectStore().getDelegationToken(new Text(renewer.getValue()));
if (Objects.isNull(token)) {
err().println("Error: Get delegation token operation failed. " + "Check OzoneManager logs for more details.");
} else {
out().println("Successfully get token for service " + token.getService());
out().println(token.toString());
tokenFile.persistToken(token);
}
}
17
Source : TestOzoneDelegationTokenSecretManager.java
with Apache License 2.0
from apache
with Apache License 2.0
from apache
@Test
public void testCancelTokenFailure() throws Exception {
secretManager = createSecretManager(conf, tokenMaxLifetime, expiryTime, tokenRemoverScanInterval);
secretManager.start(certificateClient);
Token<OzoneTokenIdentifier> token = secretManager.createToken(TEST_USER, TEST_USER, TEST_USER);
LambdaTestUtils.intercept(AccessControlException.clreplaced, "rougeUser is not authorized to cancel the token", () -> {
secretManager.cancelToken(token, "rougeUser");
});
}
17
Source : TestOzoneDelegationTokenSecretManager.java
with Apache License 2.0
from apache
with Apache License 2.0
from apache
/**
* Tests failure for mismatch in renewer.
*/
@Test
public void testRenewTokenFailure() throws Exception {
secretManager = createSecretManager(conf, tokenMaxLifetime, expiryTime, tokenRemoverScanInterval);
secretManager.start(certificateClient);
Token<OzoneTokenIdentifier> token = secretManager.createToken(TEST_USER, TEST_USER, TEST_USER);
LambdaTestUtils.intercept(AccessControlException.clreplaced, "rougeUser tries to renew a token", () -> {
secretManager.renewToken(token, "rougeUser");
});
}
17
Source : TestOzoneDelegationTokenSecretManager.java
with Apache License 2.0
from apache
with Apache License 2.0
from apache
@Test
public void testCancelTokenSuccess() throws Exception {
secretManager = createSecretManager(conf, tokenMaxLifetime, expiryTime, tokenRemoverScanInterval);
secretManager.start(certificateClient);
Token<OzoneTokenIdentifier> token = secretManager.createToken(TEST_USER, TEST_USER, TEST_USER);
secretManager.cancelToken(token, TEST_USER.toString());
}
17
Source : OMGetDelegationTokenRequest.java
with Apache License 2.0
from apache
with Apache License 2.0
from apache
@Override
public OMRequest preExecute(OzoneManager ozoneManager) throws IOException {
GetDelegationTokenRequestProto getDelegationTokenRequest = getOmRequest().getGetDelegationTokenRequest();
// Call OM to create token
Token<OzoneTokenIdentifier> token = ozoneManager.getDelegationToken(new Text(getDelegationTokenRequest.getRenewer()));
// Client issues GetDelegationToken request, when received by OM leader
// it will generate a token. Original GetDelegationToken request is
// converted to UpdateGetDelegationToken request with the generated token
// information. This updated request will be submitted to Ratis. In this
// way delegation token created by leader, will be replicated across all
// OMs. With this approach, original GetDelegationToken request from
// client does not need any proto changes.
// Create UpdateGetDelegationTokenRequest with token response.
OMRequest.Builder omRequest;
if (token != null) {
omRequest = OMRequest.newBuilder().setUserInfo(getUserInfo()).setUpdateGetDelegationTokenRequest(UpdateGetDelegationTokenRequest.newBuilder().setGetDelegationTokenResponse(GetDelegationTokenResponseProto.newBuilder().setResponse(SecurityProtos.GetDelegationTokenResponseProto.newBuilder().setToken(OMPBHelper.convertToTokenProto(token)).build()).build()).setTokenRenewInterval(ozoneManager.getDelegationTokenMgr().getTokenRenewInterval())).setCmdType(getOmRequest().getCmdType()).setClientId(getOmRequest().getClientId());
} else {
// If token is null, do not set GetDelegationTokenResponse with response.
omRequest = OMRequest.newBuilder().setUserInfo(getUserInfo()).setUpdateGetDelegationTokenRequest(UpdateGetDelegationTokenRequest.newBuilder().setGetDelegationTokenResponse(GetDelegationTokenResponseProto.newBuilder())).setCmdType(getOmRequest().getCmdType()).setClientId(getOmRequest().getClientId());
}
if (getOmRequest().hasTraceID()) {
omRequest.setTraceID(getOmRequest().getTraceID());
}
return omRequest.build();
}
17
Source : OmKeyLocationInfo.java
with Apache License 2.0
from apache
with Apache License 2.0
from apache
/**
* One key can be too huge to fit in one container. In which case it gets split
* into a number of subkeys. This clreplaced represents one such subkey instance.
*/
public final clreplaced OmKeyLocationInfo {
private final BlockID blockID;
// the id of this subkey in all the subkeys.
private long length;
private final long offset;
// Block token, required for client authentication when security is enabled.
private Token<OzoneBlockTokenIdentifier> token;
// the version number indicating when this block was added
private long createVersion;
private Pipeline pipeline;
// PartNumber is set for Multipart upload Keys.
private int partNumber = -1;
private OmKeyLocationInfo(BlockID blockID, Pipeline pipeline, long length, long offset, int partNumber) {
this.blockID = blockID;
this.pipeline = pipeline;
this.length = length;
this.offset = offset;
this.partNumber = partNumber;
}
private OmKeyLocationInfo(BlockID blockID, Pipeline pipeline, long length, long offset, Token<OzoneBlockTokenIdentifier> token, int partNumber) {
this.blockID = blockID;
this.pipeline = pipeline;
this.length = length;
this.offset = offset;
this.token = token;
this.partNumber = partNumber;
}
public void setCreateVersion(long version) {
createVersion = version;
}
public long getCreateVersion() {
return createVersion;
}
public BlockID getBlockID() {
return blockID;
}
public long getContainerID() {
return blockID.getContainerID();
}
public long getLocalID() {
return blockID.getLocalID();
}
public Pipeline getPipeline() {
return pipeline;
}
public long getLength() {
return length;
}
public void setLength(long length) {
this.length = length;
}
public long getOffset() {
return offset;
}
public long getBlockCommitSequenceId() {
return blockID.getBlockCommitSequenceId();
}
public Token<OzoneBlockTokenIdentifier> getToken() {
return token;
}
public void setToken(Token<OzoneBlockTokenIdentifier> token) {
this.token = token;
}
public void setPipeline(Pipeline pipeline) {
this.pipeline = pipeline;
}
public void setPartNumber(int partNumber) {
this.partNumber = partNumber;
}
public int getPartNumber() {
return partNumber;
}
/**
* Builder of OmKeyLocationInfo.
*/
public static clreplaced Builder {
private BlockID blockID;
private long length;
private long offset;
private Token<OzoneBlockTokenIdentifier> token;
private Pipeline pipeline;
private int partNumber;
public Builder setBlockID(BlockID blockId) {
this.blockID = blockId;
return this;
}
@SuppressWarnings("checkstyle:hiddenfield")
public Builder setPipeline(Pipeline pipeline) {
this.pipeline = pipeline;
return this;
}
public Builder setLength(long len) {
this.length = len;
return this;
}
public Builder setOffset(long off) {
this.offset = off;
return this;
}
public Builder setToken(Token<OzoneBlockTokenIdentifier> bToken) {
this.token = bToken;
return this;
}
public Builder setPartNumber(int partNum) {
this.partNumber = partNum;
return this;
}
public OmKeyLocationInfo build() {
return new OmKeyLocationInfo(blockID, pipeline, length, offset, token, partNumber);
}
}
public KeyLocation getProtobuf(int clientVersion) {
return getProtobuf(false, clientVersion);
}
public KeyLocation getProtobuf(boolean ignorePipeline, int clientVersion) {
KeyLocation.Builder builder = KeyLocation.newBuilder().setBlockID(blockID.getProtobuf()).setLength(length).setOffset(offset).setCreateVersion(createVersion).setPartNumber(partNumber);
if (this.token != null) {
builder.setToken(OzonePBHelper.protoFromToken(token));
}
if (!ignorePipeline) {
try {
builder.setPipeline(pipeline.getProtobufMessage(clientVersion));
} catch (UnknownPipelineStateException e) {
// TODO: fix me: we should not return KeyLocation without pipeline.
}
}
return builder.build();
}
private static Pipeline getPipeline(KeyLocation keyLocation) {
try {
return keyLocation.hasPipeline() ? Pipeline.getFromProtobuf(keyLocation.getPipeline()) : null;
} catch (UnknownPipelineStateException e) {
return null;
}
}
public static OmKeyLocationInfo getFromProtobuf(KeyLocation keyLocation) {
OmKeyLocationInfo info = new OmKeyLocationInfo(BlockID.getFromProtobuf(keyLocation.getBlockID()), getPipeline(keyLocation), keyLocation.getLength(), keyLocation.getOffset(), keyLocation.getPartNumber());
if (keyLocation.hasToken()) {
info.token = (Token<OzoneBlockTokenIdentifier>) OzonePBHelper.tokenFromProto(keyLocation.getToken());
}
info.setCreateVersion(keyLocation.getCreateVersion());
return info;
}
@Override
public String toString() {
return "{blockID={containerID=" + blockID.getContainerID() + ", localID=" + blockID.getLocalID() + "}" + ", length=" + length + ", offset=" + offset + ", token=" + token + ", pipeline=" + pipeline + ", createVersion=" + createVersion + ", partNumber=" + partNumber + '}';
}
@Override
public boolean equals(Object o) {
if (this == o) {
return true;
}
if (o == null || getClreplaced() != o.getClreplaced()) {
return false;
}
OmKeyLocationInfo that = (OmKeyLocationInfo) o;
return length == that.length && offset == that.offset && createVersion == that.createVersion && Objects.equals(blockID, that.blockID) && Objects.equals(token, that.token) && Objects.equals(pipeline, that.pipeline);
}
@Override
public int hashCode() {
return Objects.hash(blockID, length, offset, token, createVersion, pipeline);
}
}
16
Source : RMDelegationTokenSelector.java
with Apache License 2.0
from NJUJYB
with Apache License 2.0
from NJUJYB
@SuppressWarnings("unchecked")
public Token<RMDelegationTokenIdentifier> selectToken(Text service, Collection<Token<? extends TokenIdentifier>> tokens) {
if (service == null) {
return null;
}
LOG.debug("Looking for a token with service " + service.toString());
for (Token<? extends TokenIdentifier> token : tokens) {
LOG.debug("Token kind is " + token.getKind().toString() + " and the token's service name is " + token.getService());
if (RMDelegationTokenIdentifier.KIND_NAME.equals(token.getKind()) && checkService(service, token)) {
return (Token<RMDelegationTokenIdentifier>) token;
}
}
return null;
}
16
Source : ClientToAMTokenSelector.java
with Apache License 2.0
from NJUJYB
with Apache License 2.0
from NJUJYB
@SuppressWarnings("unchecked")
public Token<ClientToAMTokenIdentifier> selectToken(Text service, Collection<Token<? extends TokenIdentifier>> tokens) {
if (service == null) {
return null;
}
LOG.debug("Looking for a token with service " + service.toString());
for (Token<? extends TokenIdentifier> token : tokens) {
LOG.debug("Token kind is " + token.getKind().toString() + " and the token's service name is " + token.getService());
if (ClientToAMTokenIdentifier.KIND_NAME.equals(token.getKind()) && service.equals(token.getService())) {
return (Token<ClientToAMTokenIdentifier>) token;
}
}
return null;
}
16
Source : AMRMTokenSelector.java
with Apache License 2.0
from NJUJYB
with Apache License 2.0
from NJUJYB
@SuppressWarnings("unchecked")
public Token<AMRMTokenIdentifier> selectToken(Text service, Collection<Token<? extends TokenIdentifier>> tokens) {
if (service == null) {
return null;
}
LOG.debug("Looking for a token with service " + service.toString());
for (Token<? extends TokenIdentifier> token : tokens) {
LOG.debug("Token kind is " + token.getKind().toString() + " and the token's service name is " + token.getService());
if (AMRMTokenIdentifier.KIND_NAME.equals(token.getKind()) && checkService(service, token)) {
return (Token<AMRMTokenIdentifier>) token;
}
}
return null;
}
16
Source : ShuffleHandler.java
with Apache License 2.0
from NJUJYB
with Apache License 2.0
from NJUJYB
static Token<JobTokenIdentifier> deserializeServiceData(ByteBuffer secret) throws IOException {
DataInputByteBuffer in = new DataInputByteBuffer();
in.reset(secret);
Token<JobTokenIdentifier> jt = new Token<JobTokenIdentifier>();
jt.readFields(in);
return jt;
}
16
Source : JobTokenSelector.java
with Apache License 2.0
from NJUJYB
with Apache License 2.0
from NJUJYB
@SuppressWarnings("unchecked")
@Override
public Token<JobTokenIdentifier> selectToken(Text service, Collection<Token<? extends TokenIdentifier>> tokens) {
if (service == null) {
return null;
}
for (Token<? extends TokenIdentifier> token : tokens) {
if (JobTokenIdentifier.KIND_NAME.equals(token.getKind()) && service.equals(token.getService())) {
return (Token<JobTokenIdentifier>) token;
}
}
return null;
}
16
Source : JobSubmitter.java
with Apache License 2.0
from NJUJYB
with Apache License 2.0
from NJUJYB
private void printTokens(JobID jobId, Credentials credentials) throws IOException {
LOG.info("Submitting tokens for job: " + jobId);
for (Token<?> token : credentials.getAllTokens()) {
LOG.info(token);
}
}
See More Examples