org.apache.hadoop.crypto.key.kms.server.MiniKMS.java Source code

Java tutorial

Introduction

Here is the source code for org.apache.hadoop.crypto.key.kms.server.MiniKMS.java

Source

/**
 * Licensed to the Apache Software Foundation (ASF) under one
 * or more contributor license agreements.  See the NOTICE file
 * distributed with this work for additional information
 * regarding copyright ownership.  The ASF licenses this file
 * to you under the Apache License, Version 2.0 (the
 * "License"); you may not use this file except in compliance
 * with the License.  You may obtain a copy of the License at
 *
 *     http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */
package org.apache.hadoop.crypto.key.kms.server;

import com.google.common.base.Preconditions;

import org.apache.commons.io.IOUtils;
import org.apache.hadoop.conf.Configuration;
import org.apache.hadoop.crypto.key.kms.KMSRESTConstants;
import org.apache.hadoop.fs.Path;
import org.apache.hadoop.security.ssl.SslSelectChannelConnectorSecure;
import org.mortbay.jetty.Connector;
import org.mortbay.jetty.Server;
import org.mortbay.jetty.security.SslSelectChannelConnector;
import org.mortbay.jetty.webapp.WebAppContext;

import java.io.File;
import java.io.FileOutputStream;
import java.io.FileWriter;
import java.io.InputStream;
import java.io.OutputStream;
import java.io.Writer;
import java.net.InetAddress;
import java.net.MalformedURLException;
import java.net.ServerSocket;
import java.net.URI;
import java.net.URISyntaxException;
import java.net.URL;
import java.util.UUID;

public class MiniKMS {

    private static Server createJettyServer(String keyStore, String password, int inPort) {
        try {
            boolean ssl = keyStore != null;
            String host = "localhost";
            Server server = new Server(inPort);
            if (!ssl) {
                server.getConnectors()[0].setHost(host);
            } else {
                SslSelectChannelConnector c = new SslSelectChannelConnectorSecure();
                c.setHost(host);
                c.setNeedClientAuth(false);
                c.setKeystore(keyStore);
                c.setKeystoreType("jks");
                c.setKeyPassword(password);
                server.setConnectors(new Connector[] { c });
            }
            return server;
        } catch (Exception ex) {
            throw new RuntimeException("Could not start embedded servlet container, " + ex.getMessage(), ex);
        }
    }

    private static URL getJettyURL(Server server) {
        boolean ssl = server.getConnectors()[0].getClass() == SslSelectChannelConnectorSecure.class;
        try {
            String scheme = (ssl) ? "https" : "http";
            return new URL(scheme + "://" + server.getConnectors()[0].getHost() + ":"
                    + server.getConnectors()[0].getLocalPort());
        } catch (MalformedURLException ex) {
            throw new RuntimeException("It should never happen, " + ex.getMessage(), ex);
        }
    }

    public static class Builder {
        private File kmsConfDir;
        private String log4jConfFile;
        private File keyStoreFile;
        private String keyStorePassword;
        private int inPort;

        public Builder() {
            kmsConfDir = new File("target/test-classes").getAbsoluteFile();
            log4jConfFile = "kms-log4j.properties";
        }

        public Builder setKmsConfDir(File confDir) {
            Preconditions.checkNotNull(confDir, "KMS conf dir is NULL");
            Preconditions.checkArgument(confDir.exists(), "KMS conf dir does not exist");
            kmsConfDir = confDir;
            return this;
        }

        public Builder setLog4jConfFile(String log4jConfFile) {
            Preconditions.checkNotNull(log4jConfFile, "log4jconf file is NULL");
            this.log4jConfFile = log4jConfFile;
            return this;
        }

        public Builder setPort(int port) {
            Preconditions.checkArgument(port > 0, "input port must be greater than 0");
            this.inPort = port;
            return this;
        }

        public Builder setSslConf(File keyStoreFile, String keyStorePassword) {
            Preconditions.checkNotNull(keyStoreFile, "keystore file is NULL");
            Preconditions.checkNotNull(keyStorePassword, "keystore password is NULL");
            Preconditions.checkArgument(keyStoreFile.exists(), "keystore file does not exist");
            this.keyStoreFile = keyStoreFile;
            this.keyStorePassword = keyStorePassword;
            return this;
        }

        public MiniKMS build() {
            Preconditions.checkArgument(kmsConfDir.exists(), "KMS conf dir does not exist");
            return new MiniKMS(kmsConfDir.getAbsolutePath(), log4jConfFile,
                    (keyStoreFile != null) ? keyStoreFile.getAbsolutePath() : null, keyStorePassword, inPort);
        }
    }

    private String kmsConfDir;
    private String log4jConfFile;
    private String keyStore;
    private String keyStorePassword;
    private Server jetty;
    private int inPort;
    private URL kmsURL;

    public MiniKMS(String kmsConfDir, String log4ConfFile, String keyStore, String password, int inPort) {
        this.kmsConfDir = kmsConfDir;
        this.log4jConfFile = log4ConfFile;
        this.keyStore = keyStore;
        this.keyStorePassword = password;
        this.inPort = inPort;
    }

    public void start() throws Exception {
        ClassLoader cl = Thread.currentThread().getContextClassLoader();
        System.setProperty(KMSConfiguration.KMS_CONFIG_DIR, kmsConfDir);
        File aclsFile = new File(kmsConfDir, "kms-acls.xml");
        if (!aclsFile.exists()) {
            InputStream is = cl.getResourceAsStream("mini-kms-acls-default.xml");
            OutputStream os = new FileOutputStream(aclsFile);
            IOUtils.copy(is, os);
            is.close();
            os.close();
        }
        File coreFile = new File(kmsConfDir, "core-site.xml");
        if (!coreFile.exists()) {
            Configuration core = new Configuration();
            Writer writer = new FileWriter(coreFile);
            core.writeXml(writer);
            writer.close();
        }
        File kmsFile = new File(kmsConfDir, "kms-site.xml");
        if (!kmsFile.exists()) {
            Configuration kms = new Configuration(false);
            kms.set(KMSConfiguration.KEY_PROVIDER_URI,
                    "jceks://file@" + new Path(kmsConfDir, "kms.keystore").toUri());
            kms.set("hadoop.kms.authentication.type", "simple");
            Writer writer = new FileWriter(kmsFile);
            kms.writeXml(writer);
            writer.close();
        }
        System.setProperty("log4j.configuration", log4jConfFile);
        jetty = createJettyServer(keyStore, keyStorePassword, inPort);

        // we need to do a special handling for MiniKMS to work when in a dir and
        // when in a JAR in the classpath thanks to Jetty way of handling of webapps
        // when they are in the a DIR, WAR or JAR.
        URL webXmlUrl = cl.getResource("kms-webapp/WEB-INF/web.xml");
        if (webXmlUrl == null) {
            throw new RuntimeException("Could not find kms-webapp/ dir in test classpath");
        }
        boolean webXmlInJar = webXmlUrl.getPath().contains(".jar!/");
        String webappPath;
        if (webXmlInJar) {
            File webInf = new File("target/" + UUID.randomUUID().toString() + "/kms-webapp/WEB-INF");
            webInf.mkdirs();
            new File(webInf, "web.xml").delete();
            InputStream is = cl.getResourceAsStream("kms-webapp/WEB-INF/web.xml");
            OutputStream os = new FileOutputStream(new File(webInf, "web.xml"));
            IOUtils.copy(is, os);
            is.close();
            os.close();
            webappPath = webInf.getParentFile().getAbsolutePath();
        } else {
            webappPath = cl.getResource("kms-webapp").getPath();
        }
        WebAppContext context = new WebAppContext(webappPath, "/kms");
        if (webXmlInJar) {
            context.setClassLoader(cl);
        }
        jetty.addHandler(context);
        jetty.start();
        kmsURL = new URL(getJettyURL(jetty), "kms");
    }

    public URL getKMSUrl() {
        return kmsURL;
    }

    public void stop() {
        if (jetty != null && jetty.isRunning()) {
            try {
                jetty.stop();
                jetty = null;
            } catch (Exception ex) {
                throw new RuntimeException("Could not stop MiniKMS embedded Jetty, " + ex.getMessage(), ex);
            }
        }
    }

}