hadoop AbstractSessionCredentialsProvider 源码

  • 2022-10-20
  • 浏览 (127)

haddop AbstractSessionCredentialsProvider 代码


 * Licensed to the Apache Software Foundation (ASF) under one
 * or more contributor license agreements.  See the NOTICE file
 * distributed with this work for additional information
 * regarding copyright ownership.  The ASF licenses this file
 * to you under the Apache License, Version 2.0 (the
 * "License"); you may not use this file except in compliance
 * with the License.  You may obtain a copy of the License at
 *     http://www.apache.org/licenses/LICENSE-2.0
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * See the License for the specific language governing permissions and
 * limitations under the License.

package org.apache.hadoop.fs.s3a.auth;

import javax.annotation.Nullable;
import java.net.URI;
import java.io.IOException;
import java.util.concurrent.atomic.AtomicBoolean;

import com.amazonaws.SdkBaseException;
import com.amazonaws.auth.AWSCredentials;
import org.apache.hadoop.classification.VisibleForTesting;

import org.apache.hadoop.classification.InterfaceAudience;
import org.apache.hadoop.conf.Configuration;
import org.apache.hadoop.fs.s3a.CredentialInitializationException;
import org.apache.hadoop.fs.s3a.Invoker;
import org.apache.hadoop.fs.s3a.Retries;

 * Base class for session credential support.
 * @deprecated This class will be replaced by one that implements AWS SDK V2's AwsCredentialProvider
 * as part of upgrading S3A to SDK V2. See HADOOP-18073.
public abstract class AbstractSessionCredentialsProvider
    extends AbstractAWSCredentialProvider {

  /** Credentials, created in {@link #init()}. */
  private AWSCredentials awsCredentials;

  /** Atomic flag for on-demand initialization. */
  private final AtomicBoolean initialized = new AtomicBoolean(false);

   * The (possibly translated) initialization exception.
   * Used for testing.
  private IOException initializationException;

   * Constructor.
   * @param uri possibly null filesystem URI.
   * @param conf configuration.
  public AbstractSessionCredentialsProvider(
      @Nullable final URI uri,
      final Configuration conf) {
    super(uri, conf);

   * Initialize the credentials by calling
   * {@link #createCredentials(Configuration)} with the current config.
   * @throws IOException on any failure.
  protected void init() throws IOException {
    // stop re-entrant attempts
    if (initialized.getAndSet(true)) {
    try {
      awsCredentials = Invoker.once("create credentials", "",
          () -> createCredentials(getConf()));
    } catch (IOException e) {
      initializationException = e;
      throw e;

   * Has an attempt to initialize the credentials been attempted?
   * @return true if {@code init()} was called.
  public boolean isInitialized() {
    return initialized.get();

   * Implementation point: whatever the subclass must do to load credentials.
   * This is called from {@link #init()} and then the credentials are cached,
   * along with any exception.
   * @param config the configuration
   * @return the credentials
   * @throws IOException on any failure.
  protected abstract AWSCredentials createCredentials(Configuration config)
      throws IOException;

   * Get the credentials.
   * Any exception raised in
   * {@link #createCredentials(Configuration)}
   * is thrown here before any attempt to return the credentials
   * is made.
   * @return credentials, if set.
   * @throws SdkBaseException if one was raised during init
   * @throws CredentialInitializationException on other failures.
  public AWSCredentials getCredentials() throws SdkBaseException {
    // do an on-demand init then raise an AWS SDK exception if
    // there was a failure.
    try {
      if (!isInitialized()) {
    } catch (IOException e) {
      if (e.getCause() instanceof SdkBaseException) {
        throw (SdkBaseException) e.getCause();
      } else {
        throw new CredentialInitializationException(e.getMessage(), e);
    if (awsCredentials == null) {
      throw new CredentialInitializationException(
          "Provider " + this + " has no credentials");
    return awsCredentials;

  public final boolean hasCredentials() {
    return awsCredentials == null;

  public String toString() {
    return getClass().getSimpleName();

   * Get any IOE raised during initialization.
   * Null if {@link #init()} hasn't been called, or it actually worked.
   * @return an exception or null.
  public IOException getInitializationException() {
    return initializationException;

   * A special set of null credentials which are not the anonymous class.
   * This will be interpreted as "this provider has no credentials to offer",
   * rather than an explicit error or anonymous access.
  protected static final class NoCredentials implements AWSCredentials {
    public String getAWSAccessKeyId() {
      return null;

    public String getAWSSecretKey() {
      return null;


hadoop 源码目录


hadoop AbstractAWSCredentialProvider 源码

hadoop AssumedRoleCredentialProvider 源码

hadoop AwsSignerInitializer 源码

hadoop IAMInstanceCredentialsProvider 源码

hadoop MarshalledCredentialBinding 源码

hadoop MarshalledCredentialProvider 源码

hadoop MarshalledCredentials 源码

hadoop NoAuthWithAWSException 源码

hadoop NoAwsCredentialsException 源码

hadoop RoleModel 源码

0  赞