@Test
public void invalidTokenThrows() {
when(UserGroupInformation.isSecurityEnabled()).thenReturn(true);
when(mockProtocolData.getToken()).thenReturn("This is odd");
try {
SecuredHDFS.verifyToken(mockProtocolData, mockContext);
fail("invalid X-GP-TOKEN should throw");
} catch (SecurityException e) {
assertEquals("Failed to verify delegation token java.io.EOFException", e.getMessage());
}
}
/**
* The function will get the token information from parameters and call SecuredHDFS to verify the
* token.
*
* <p>All token properties will be deserialized from string to a Token object
*
* @param protData input parameters
* @param context servlet context which contains the NN address
* @throws SecurityException Thrown when authentication fails
*/
public static void verifyToken(ProtocolData protData, ServletContext context) {
try {
if (UserGroupInformation.isSecurityEnabled()) {
Token<DelegationTokenIdentifier> token = new Token<DelegationTokenIdentifier>();
String tokenString = protData.getToken();
token.decodeFromUrlString(tokenString);
verifyToken(
token.getIdentifier(),
token.getPassword(),
token.getKind(),
token.getService(),
context);
}
} catch (IOException e) {
throw new SecurityException("Failed to verify delegation token " + e, e);
}
}
