zhzhenqin
/
java-classic-code


			
							123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212
							package com.primeton.dsp.datarelease.data.bdata;

import lombok.NonNull;
import lombok.extern.slf4j.Slf4j;
import org.apache.commons.lang.StringUtils;
import org.apache.commons.lang.SystemUtils;

import java.io.File;
import java.util.Arrays;
import java.util.Set;
import java.util.stream.Collectors;

/**
 *
 * Hive HBase 租户验证
 *
 * <pre>
 *
 * Created by zhaopx.
 * User: zhaopx
 * Date: 2020/4/20
 * Time: 10:53
 *
 * </pre>
 *
 * @author zhaopx
 */
@Slf4j
public final class AuthPrincipalCreator {


    /**
     * 基础路径
     */
    private final String basePath;


    public AuthPrincipalCreator(String basePath) {
        File basePathFile = new File(basePath);
        if(!basePathFile.exists()) {
            if(!basePathFile.mkdirs()) {
                throw new IllegalStateException("目录不存在, 无法创建！Cause: dir: " + basePath + " not found!");
            }
        }
        this.basePath = basePathFile.getAbsolutePath();
    }


    /**
     * 采用 EOS 8 的外置目录
     * @return
     */
    public static AuthPrincipalCreator useExtractorConf(String basePathFirst) {
        // 采用 传来的 地址
        String externalDir = basePathFirst;
        if(StringUtils.isNotBlank(basePathFirst) && new File(basePathFirst).exists()) {
            // 如果穿来的地址存在则用传来的地址
            return new AuthPrincipalCreator(externalDir);
        }

        // 不存在则使用extractor_home 下的 conf/principal 的地址
        externalDir = System.getenv("EXTRACTOR_HOME");
        if(StringUtils.isBlank(externalDir)) {
            externalDir = System.getProperty("extractor.home");
        }

        if(StringUtils.isBlank(externalDir)) {
            externalDir = "./";
        }
        String principalBasePath = new File(externalDir, "config/principal").getAbsolutePath();
        log.info("use principal dir: {}", principalBasePath);
        return new AuthPrincipalCreator(principalBasePath);
    }

    /**
     * 返回该基础目录下所有的租户
     * @return
     */
    public final Set<String> listPrincipals() {
        // 返回基础目录下所有不以点开头的文件
        return Arrays.stream(new File(basePath).listFiles(it -> !it.getName().startsWith(".")))
                .map(it->it.getName())
                .collect(Collectors.toSet());
    }


    /**
     * 返回租户认证信息
     * @param principal
     * @return
     */
    public final AuthPrincipal getKerberosPrincipal(@NonNull String principal) {
        String principalName = principal;
        if(principal.contains("/") || principal.contains("@")) {
            // 取第一个字符就是登陆名称
            principalName = principal.split("/|@", -1)[0];
        }
        // 先判断是否存在租户
        if(!existsPrincipal(principalName)) {
            throw new IllegalStateException("不存在该租户【" + principal + "】。");
        }
        return new KerberosPrincipalImpl(principalName, principal, new File(basePath, principalName).getAbsolutePath());
    }


    /**
     * 返回是否存在该租户
     * @param principal
     * @return
     */
    public final boolean existsPrincipal(String principal) {
        return new File(basePath, principal).exists();
    }


    /**
     * 返回基础路径
     * @return
     */
    public String getAuthBasePath() {
        return basePath;
    }
}

class KerberosPrincipalImpl extends AuthPrincipal {


    /**
     * 租户名，目录名
     */
    String principalName;


    /**
     * 租户全称
     */
    String principal;


    /**
     * 租户目录
     */
    String principalWork;


    public KerberosPrincipalImpl(String principalName, String principal, String principalWork) {
        this.principalName = principalName;
        this.principal = principal;
        this.principalWork = principalWork;
    }

    @Override
    public String getPrincipal() {
        return this.principal;
    }

    @Override
    public String getPrincipalDesc() {
        return "TENANT:"+this.principal;
    }

    @Override
    public File getUserKeytabFile() {
        File userKeytabFile = new File(principalWork, "user.keytab");
        return userKeytabFile.exists() ? userKeytabFile : null;
    }

    @Override
    public File getKrb5File() {
        if(SystemUtils.IS_OS_WINDOWS) {
            // windows krb5File 是 ini 结尾
            File krb5File = new File(principalWork, "krb5.ini");
            if(krb5File.exists()) {
                return krb5File;
            }
        }

        // 其他系统，如果win系统不存在ini也以 conf 检测一次
        File krb5File = new File(principalWork, "krb5.conf");
        return krb5File.exists() ? krb5File : null;
    }

    @Override
    public File getHiveClientFile() {
        File hiveClientPropFile = new File(principalWork, "hiveclient.properties");
        return hiveClientPropFile.exists() ? hiveClientPropFile : null;
    }

    @Override
    public File getCoreSite() {
        File coreSiteFile = new File(principalWork, "core-site.xml");
        return coreSiteFile.exists() ? coreSiteFile : null;
    }

    @Override
    public File getHdfsSite() {
        File hdfsSiteFile = new File(principalWork, "hdfs-site.xml");
        return hdfsSiteFile.exists() ? hdfsSiteFile : null;
    }

    @Override
    public File getHiveSite() {
        File hiveSiteFile = new File(principalWork, "hive-site.xml");
        return hiveSiteFile.exists() ? hiveSiteFile : null;
    }

    @Override
    public File getHBaseSite() {
        File hbaseSiteFile = new File(principalWork, "hbase-site.xml");
        return hbaseSiteFile.exists() ? hbaseSiteFile : null;
    }
}