-
Notifications
You must be signed in to change notification settings - Fork 156
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
* Detach `TokenBrokerFactory` sub-classes from Jackson-based config parsing logic. * Add a new unified `TokenBrokerConfig` under DW to hold JWT config data. * Resolve JWT factories through HK2 named service lookup, using the type name from `TokenBrokerConfig` * Add dedicated class `NoneTokenBrokerFactory` for the default do-nothing token broker implementation. * Yaml config (`polaris-server.yml`) is not affected
- Loading branch information
Showing
7 changed files
with
210 additions
and
75 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
75 changes: 75 additions & 0 deletions
75
...service/src/main/java/org/apache/polaris/service/dropwizard/config/TokenBrokerConfig.java
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,75 @@ | ||
| /* | ||
| * Licensed to the Apache Software Foundation (ASF) under one | ||
| * or more contributor license agreements. See the NOTICE file | ||
| * distributed with this work for additional information | ||
| * regarding copyright ownership. The ASF licenses this file | ||
| * to you under the Apache License, Version 2.0 (the | ||
| * "License"); you may not use this file except in compliance | ||
| * with the License. You may obtain a copy of the License at | ||
| * | ||
| * http://www.apache.org/licenses/LICENSE-2.0 | ||
| * | ||
| * Unless required by applicable law or agreed to in writing, | ||
| * software distributed under the License is distributed on an | ||
| * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY | ||
| * KIND, either express or implied. See the License for the | ||
| * specific language governing permissions and limitations | ||
| * under the License. | ||
| */ | ||
| package org.apache.polaris.service.dropwizard.config; | ||
|
|
||
| import com.fasterxml.jackson.annotation.JsonProperty; | ||
| import jakarta.annotation.Nullable; | ||
| import org.apache.polaris.service.auth.TokenBrokerFactoryConfig; | ||
|
|
||
| /** | ||
| * This object receives the subsection of the server config YAML (`polaris-server.yml`) that is | ||
| * related to JWT brokers. | ||
| */ | ||
| public class TokenBrokerConfig implements TokenBrokerFactoryConfig { | ||
| private String type = "none"; | ||
| private int maxTokenGenerationInSeconds = 3600; | ||
| private String file; | ||
| private String secret; | ||
|
|
||
| @JsonProperty("type") | ||
| public void setType(String type) { | ||
| this.type = type; | ||
| } | ||
|
|
||
| @JsonProperty("file") | ||
| public void setFile(String file) { | ||
| this.file = file; | ||
| } | ||
|
|
||
| @JsonProperty("secret") | ||
| public void setSecret(String secret) { | ||
| this.secret = secret; | ||
| } | ||
|
|
||
| @JsonProperty("maxTokenGenerationInSeconds") | ||
| public void setMaxTokenGenerationInSeconds(int maxTokenGenerationInSeconds) { | ||
| this.maxTokenGenerationInSeconds = maxTokenGenerationInSeconds; | ||
| } | ||
|
|
||
| public String getType() { | ||
| return type; | ||
| } | ||
|
|
||
| @Override | ||
| public int maxTokenGenerationInSeconds() { | ||
| return maxTokenGenerationInSeconds; | ||
| } | ||
|
|
||
| @Nullable | ||
| @Override | ||
| public String file() { | ||
| return file; | ||
| } | ||
|
|
||
| @Nullable | ||
| @Override | ||
| public String secret() { | ||
| return secret; | ||
| } | ||
| } |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
59 changes: 59 additions & 0 deletions
59
service/common/src/main/java/org/apache/polaris/service/auth/NoneTokenBrokerFactory.java
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,59 @@ | ||
| /* | ||
| * Licensed to the Apache Software Foundation (ASF) under one | ||
| * or more contributor license agreements. See the NOTICE file | ||
| * distributed with this work for additional information | ||
| * regarding copyright ownership. The ASF licenses this file | ||
| * to you under the Apache License, Version 2.0 (the | ||
| * "License"); you may not use this file except in compliance | ||
| * with the License. You may obtain a copy of the License at | ||
| * | ||
| * http://www.apache.org/licenses/LICENSE-2.0 | ||
| * | ||
| * Unless required by applicable law or agreed to in writing, | ||
| * software distributed under the License is distributed on an | ||
| * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY | ||
| * KIND, either express or implied. See the License for the | ||
| * specific language governing permissions and limitations | ||
| * under the License. | ||
| */ | ||
| package org.apache.polaris.service.auth; | ||
|
|
||
| import io.smallrye.common.annotation.Identifier; | ||
| import org.apache.polaris.core.context.RealmContext; | ||
| import org.apache.polaris.service.types.TokenType; | ||
|
|
||
| /** Default {@link TokenBrokerFactory} that produces token brokers that do not do anything. */ | ||
| @Identifier("none") | ||
| public class NoneTokenBrokerFactory implements TokenBrokerFactory { | ||
| @Override | ||
| public TokenBroker apply(RealmContext realmContext) { | ||
| return new TokenBroker() { | ||
| @Override | ||
| public boolean supportsGrantType(String grantType) { | ||
| return false; | ||
| } | ||
|
|
||
| @Override | ||
| public boolean supportsRequestedTokenType(TokenType tokenType) { | ||
| return false; | ||
| } | ||
|
|
||
| @Override | ||
| public TokenResponse generateFromClientSecrets( | ||
| String clientId, String clientSecret, String grantType, String scope) { | ||
| return null; | ||
| } | ||
|
|
||
| @Override | ||
| public TokenResponse generateFromToken( | ||
| TokenType tokenType, String subjectToken, String grantType, String scope) { | ||
| return null; | ||
| } | ||
|
|
||
| @Override | ||
| public DecodedToken verify(String token) { | ||
| return null; | ||
| } | ||
| }; | ||
| } | ||
| } |
36 changes: 36 additions & 0 deletions
36
service/common/src/main/java/org/apache/polaris/service/auth/TokenBrokerFactoryConfig.java
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,36 @@ | ||
| /* | ||
| * Licensed to the Apache Software Foundation (ASF) under one | ||
| * or more contributor license agreements. See the NOTICE file | ||
| * distributed with this work for additional information | ||
| * regarding copyright ownership. The ASF licenses this file | ||
| * to you under the Apache License, Version 2.0 (the | ||
| * "License"); you may not use this file except in compliance | ||
| * with the License. You may obtain a copy of the License at | ||
| * | ||
| * http://www.apache.org/licenses/LICENSE-2.0 | ||
| * | ||
| * Unless required by applicable law or agreed to in writing, | ||
| * software distributed under the License is distributed on an | ||
| * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY | ||
| * KIND, either express or implied. See the License for the | ||
| * specific language governing permissions and limitations | ||
| * under the License. | ||
| */ | ||
| package org.apache.polaris.service.auth; | ||
|
|
||
| import jakarta.annotation.Nullable; | ||
|
|
||
| /** | ||
| * This is a union of configuration settings of all token brokers. | ||
| * | ||
| * @see TokenBrokerFactory | ||
| */ | ||
| public interface TokenBrokerFactoryConfig { | ||
| @Nullable | ||
| String file(); | ||
|
|
||
| @Nullable | ||
| String secret(); | ||
|
|
||
| int maxTokenGenerationInSeconds(); | ||
| } |