PasswordCredential

apache · Jul 5, 2024 · 9857433 · 9857433
1 parent bbe6bd7
commit 9857433
Show file tree

Hide file tree

Showing 5 changed files with 27 additions and 15 deletions.
diff --git a/...scala/org/apache/celeborn/common/authentication/AnonymousAuthenticationProviderImpl.scala b/...scala/org/apache/celeborn/common/authentication/AnonymousAuthenticationProviderImpl.scala
@@ -21,9 +21,9 @@ import java.security.Principal
 
 class AnonymousAuthenticationProviderImpl extends PasswdAuthenticationProvider
   with TokenAuthenticationProvider {
-  override def authenticate(user: String, password: String): Principal = {
+  override def authenticate(credential: PasswordCredential): Principal = {
     // no-op authentication
-    new BasicPrincipal(user)
+    new BasicPrincipal(credential.username)
   }
 
   override def authenticate(credential: TokenCredential): Principal = {

diff --git a/...mmon/authentication/TokenCredential.scala → ...rn/common/authentication/Credential.scala b/...mmon/authentication/TokenCredential.scala → ...rn/common/authentication/Credential.scala
@@ -17,6 +17,17 @@
 
 package org.apache.celeborn.common.authentication
 
+trait PasswordCredential {
+  def username: String
+  def password: String
+  def extraInfo: Map[String, String] = Map.empty
+}
+
+case class DefaultPasswordCredential(
+    username: String,
+    password: String,
+    override val extraInfo: Map[String, String] = Map.empty) extends PasswordCredential
+
 /**
  * The credential object that is passed to the token authentication provider.
  *

diff --git a/...c/main/scala/org/apache/celeborn/common/authentication/PasswdAuthenticationProvider.scala b/...c/main/scala/org/apache/celeborn/common/authentication/PasswdAuthenticationProvider.scala
@@ -23,15 +23,14 @@ trait PasswdAuthenticationProvider {
 
   /**
    * The authenticate method is called by the celeborn authentication layer
-   * to authenticate user & password for their requests.
-   * If a user is to be granted, return nothing/throw nothing.
-   * When a user is to be disallowed, throw an appropriate [[SecurityException]].
+   * to authenticate password credential for their requests.
+   * If a credential is to be granted, return nothing/throw nothing.
+   * When a credential is to be disallowed, throw an appropriate [[SecurityException]].
    *
-   * @param user     The username received over the connection request
-   * @param password The password received over the connection request
+   * @param credential The credential received over the connection request
    *
    * @throws SecurityException When a user is found to be invalid by the implementation
    */
   @throws[SecurityException]
-  def authenticate(user: String, password: String): Principal
+  def authenticate(credential: PasswordCredential): Principal
 }
diff --git a/...la/org/apache/celeborn/server/common/http/authentication/BasicAuthenticationHandler.scala b/...la/org/apache/celeborn/server/common/http/authentication/BasicAuthenticationHandler.scala
@@ -22,7 +22,7 @@ import java.util.Base64
 import javax.servlet.http.{HttpServletRequest, HttpServletResponse}
 
 import org.apache.celeborn.common.CelebornConf
-import org.apache.celeborn.common.authentication.{AnonymousAuthenticationProviderImpl, PasswdAuthenticationProvider}
+import org.apache.celeborn.common.authentication.{AnonymousAuthenticationProviderImpl, DefaultPasswordCredential, PasswdAuthenticationProvider}
 import org.apache.celeborn.common.authentication.HttpAuthSchemes._
 import org.apache.celeborn.common.internal.Logging
 import org.apache.celeborn.server.common.http.HttpAuthUtils.{AUTHORIZATION_HEADER, WWW_AUTHENTICATE_HEADER}
@@ -86,7 +86,9 @@ class BasicAuthenticationHandler(providerClass: String) extends AuthenticationHa
         val Seq(user, password) = creds.toSeq.take(2)
         val passwdAuthenticationProvider = HttpAuthenticationFactory
           .getPasswordAuthenticationProvider(providerClass, conf)
-        authUser = passwdAuthenticationProvider.authenticate(user, password).getName
+        authUser = passwdAuthenticationProvider.authenticate(DefaultPasswordCredential(
+          user,
+          password)).getName
         response.setStatus(HttpServletResponse.SC_OK)
       }
     }

diff --git a/...born/server/common/http/authentication/UserDefinePasswordAuthenticationProviderImpl.scala b/...born/server/common/http/authentication/UserDefinePasswordAuthenticationProviderImpl.scala
@@ -20,16 +20,16 @@ package org.apache.celeborn.server.common.http.authentication
 import java.security.Principal
 import javax.security.sasl.AuthenticationException
 
-import org.apache.celeborn.common.authentication.{BasicPrincipal, PasswdAuthenticationProvider}
+import org.apache.celeborn.common.authentication.{BasicPrincipal, PasswdAuthenticationProvider, PasswordCredential}
 import org.apache.celeborn.common.internal.Logging
 import org.apache.celeborn.server.common.http.authentication.UserDefinePasswordAuthenticationProviderImpl.VALID_PASSWORD
 
 class UserDefinePasswordAuthenticationProviderImpl
   extends PasswdAuthenticationProvider with Logging {
-  override def authenticate(user: String, password: String): Principal = {
-    if (password == VALID_PASSWORD) {
-      logInfo(s"Success log in of user: $user")
-      new BasicPrincipal(user)
+  override def authenticate(credential: PasswordCredential): Principal = {
+    if (credential.password == VALID_PASSWORD) {
+      logInfo(s"Success log in of user: ${credential.username}")
+      new BasicPrincipal(credential.username)
     } else {
       throw new AuthenticationException("Username or password is not valid!")
     }