/**
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License. See accompanying LICENSE file.
*/
package org.apache.hadoop.security.authentication.util;
import java.util.Properties;
import javax.servlet.ServletContext;
import org.apache.hadoop.classification.InterfaceAudience;
import org.apache.hadoop.classification.InterfaceStability;
/**
* The SignerSecretProvider is an abstraction for supplying the secret used
* by the Signer, so that different implementations can do more complicated
* things in the backend.
* See the RolloverSignerSecretProvider class for an implementation that
* supports rolling over the secret at a regular interval.
*/
@InterfaceStability.Unstable
@InterfaceAudience.Private
public abstract class SignerSecretProvider {

  /**
   * Prepares this provider for use.
   *
   * @param config configuration properties
   * @param servletContext servlet context
   * @param tokenValidity how long a token stays valid. NOTE(review): the
   *     unit is not stated in this class; confirm it against the caller
   *     before deriving rollover or expiry intervals from it.
   * @throws Exception if initialization fails
   */
  public abstract void init(
      Properties config, ServletContext servletContext, long tokenValidity)
      throws Exception;

  /**
   * Shutdown hook. The base implementation does nothing; subclasses
   * override it to perform their own cleanup.
   */
  public void destroy() {
    // Intentionally empty: the base class holds nothing to release.
  }

  /**
   * Supplies the secret the Signer uses to sign new cookies.
   * Implementations must never return null.
   * <p>
   * Callers must treat the returned array as read-only. This contract does
   * not say whether the array is a copy or the provider's own storage, so
   * assume a write could alter the secret used for later signatures. The
   * value is signing key material: keep it out of logs and error messages.
   *
   * @return the current secret
   */
  public abstract byte[] getCurrentSecret();

  /**
   * Supplies every secret that a cookie could have been signed with and
   * that is still valid. The result should include the secret returned by
   * {@link #getCurrentSecret()}.
   * <p>
   * Callers must treat the returned arrays as read-only, for the same
   * reason as with {@link #getCurrentSecret()}.
   * <p>
   * NOTE(review): this contract specifies neither the ordering of the
   * entries nor whether an individual entry may be null; confirm both
   * against the concrete implementation before iterating.
   *
   * @return the secrets
   */
  public abstract byte[][] getAllSecrets();
}