apucher commented on code in PR #8670: URL: https://github.com/apache/pinot/pull/8670#discussion_r870865007
########## pinot-common/src/main/java/org/apache/pinot/common/auth/AuthProviderUtils.java: ########## @@ -0,0 +1,168 @@ +/** + * Licensed to the Apache Software Foundation (ASF) under one + * or more contributor license agreements. See the NOTICE file + * distributed with this work for additional information + * regarding copyright ownership. The ASF licenses this file + * to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ +package org.apache.pinot.common.auth; + +import java.lang.reflect.Constructor; +import java.util.Collections; +import java.util.List; +import java.util.Map; +import java.util.Objects; +import java.util.stream.Collectors; +import javax.annotation.Nullable; +import org.apache.commons.lang3.StringUtils; +import org.apache.http.Header; +import org.apache.http.message.BasicHeader; +import org.apache.pinot.spi.auth.AuthProvider; +import org.apache.pinot.spi.env.PinotConfiguration; + + +/** + * Utility class to wrap inference of optimal auth provider from component configs. + */ +public final class AuthProviderUtils { + private AuthProviderUtils() { + // left blank + } + + /** + * Extract an AuthConfig from a pinot configuration subset namespace. + * + * @param pinotConfig pinot configuration + * @param namespace subset namespace + * @return auth config + */ + public static AuthConfig extractAuthConfig(PinotConfiguration pinotConfig, String namespace) { + return new AuthConfig(pinotConfig.subset(namespace).toMap()); + } + + /** + * Create an AuthProvider after extracting a config from a pinot configuration subset namespace + * @see AuthProviderUtils#extractAuthConfig(PinotConfiguration, String) + * + * @param pinotConfig pinot configuration + * @param namespace subset namespace + * @return auth provider + */ + public static AuthProvider extractAuthProvider(PinotConfiguration pinotConfig, String namespace) { + return makeDynamicProvider(extractAuthConfig(pinotConfig, namespace)); + } + + /** + * Create auth provider based on the availability of a static token only, if any. This typically applies to task specs + * + * @param authToken static auth token + * @return auth provider + */ + public static AuthProvider makeStaticProvider(String authToken) { + if (StringUtils.isBlank(authToken)) { + return new NullAuthProvider(); + } + return new StaticTokenAuthProvider(authToken); + } + + /** + * Create auth provider based on an auth config. Mimics legacy behavior for static tokens if provided, or dynamic auth + * providers if additional configs are given. + * + * @param authConfig auth config + * @return auth provider + */ + public static AuthProvider makeDynamicProvider(AuthConfig authConfig) { + if (authConfig == null) { + return new NullAuthProvider(); + } + + Object providerClassValue = authConfig.getProperties().get(AuthConfig.PROVIDER_CLASS); + if (providerClassValue != null) { + try { + Class<?> providerClass = Class.forName(providerClassValue.toString()); + Constructor<?> constructor = providerClass.getConstructor(AuthConfig.class); + return (AuthProvider) constructor.newInstance(authConfig); + } catch (Exception e) { + throw new IllegalStateException("Could not create AuthProvider " + providerClassValue, e); + } + } + + // mimic legacy behavior for "auth.token" property + if (authConfig.getProperties().containsKey(StaticTokenAuthProvider.TOKEN)) { + return new StaticTokenAuthProvider(authConfig); + } + + if (!authConfig.getProperties().isEmpty()) { + throw new IllegalArgumentException("Some auth properties defined, but no provider created. Aborting."); + } + + return new NullAuthProvider(); + } + + /** + * Convenience helper to convert Map to list of Http Headers + * @param headers header map + * @return list of http headers + */ + public static List<Header> toRequestHeaders(@Nullable Map<String, Object> headers) { + if (headers == null) { + return Collections.emptyList(); + } + return headers.entrySet().stream().filter(entry -> Objects.nonNull(entry.getValue())) + .map(entry -> new BasicHeader(entry.getKey(), entry.getValue().toString())).collect(Collectors.toList()); Review Comment: This is mainly defensive programming. The check existed previously in various places as `if ()StringUtils.isNotBlank(authToken))` -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: commits-unsubscr...@pinot.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org --------------------------------------------------------------------- To unsubscribe, e-mail: commits-unsubscr...@pinot.apache.org For additional commands, e-mail: commits-h...@pinot.apache.org
