public class oadd.org.apache.hadoop.security.authentication.client.KerberosAuthenticator extends java.lang.Object implements oadd.org.apache.hadoop.security.authentication.client.Authenticator
{
private static org.slf4j.Logger LOG;
public static final java.lang.String WWW_AUTHENTICATE;
public static final java.lang.String AUTHORIZATION;
public static final java.lang.String NEGOTIATE;
private static final java.lang.String AUTH_HTTP_METHOD;
private java.net.URL url;
private oadd.org.apache.commons.codec.binary.Base base;
private oadd.org.apache.hadoop.security.authentication.client.ConnectionConfigurator connConfigurator;
public void <init>()
{
oadd.org.apache.hadoop.security.authentication.client.KerberosAuthenticator v;
v := @this: oadd.org.apache.hadoop.security.authentication.client.KerberosAuthenticator;
specialinvoke v.<java.lang.Object: void <init>()>();
return;
}
public void setConnectionConfigurator(oadd.org.apache.hadoop.security.authentication.client.ConnectionConfigurator)
{
oadd.org.apache.hadoop.security.authentication.client.KerberosAuthenticator v;
oadd.org.apache.hadoop.security.authentication.client.ConnectionConfigurator v;
v := @this: oadd.org.apache.hadoop.security.authentication.client.KerberosAuthenticator;
v := @parameter: oadd.org.apache.hadoop.security.authentication.client.ConnectionConfigurator;
v.<oadd.org.apache.hadoop.security.authentication.client.KerberosAuthenticator: oadd.org.apache.hadoop.security.authentication.client.ConnectionConfigurator connConfigurator> = v;
return;
}
public void authenticate(java.net.URL, oadd.org.apache.hadoop.security.authentication.client.AuthenticatedURL$Token) throws java.io.IOException, oadd.org.apache.hadoop.security.authentication.client.AuthenticationException
{
java.net.HttpURLConnection v;
java.net.URL v;
oadd.org.apache.hadoop.security.authentication.client.AuthenticationException v;
oadd.org.apache.commons.codec.binary.Base v;
oadd.org.apache.hadoop.security.authentication.client.KerberosAuthenticator v;
int v;
java.lang.String v, v;
boolean v, v, v, v;
org.slf4j.Logger v, v, v;
oadd.org.apache.hadoop.security.authentication.client.Authenticator v;
java.io.IOException v;
java.lang.Exception v, v;
oadd.org.apache.hadoop.security.authentication.client.ConnectionConfigurator v, v;
oadd.org.apache.hadoop.security.authentication.client.AuthenticatedURL$Token v;
v := @this: oadd.org.apache.hadoop.security.authentication.client.KerberosAuthenticator;
v := @parameter: java.net.URL;
v := @parameter: oadd.org.apache.hadoop.security.authentication.client.AuthenticatedURL$Token;
v = virtualinvoke v.<oadd.org.apache.hadoop.security.authentication.client.AuthenticatedURL$Token: boolean isSet()>();
if v != 0 goto label;
v.<oadd.org.apache.hadoop.security.authentication.client.KerberosAuthenticator: java.net.URL url> = v;
v = new oadd.org.apache.commons.codec.binary.Base;
specialinvoke v.<oadd.org.apache.commons.codec.binary.Base64: void <init>(int)>(0);
v.<oadd.org.apache.hadoop.security.authentication.client.KerberosAuthenticator: oadd.org.apache.commons.codec.binary.Base base64> = v;
label:
v = v.<oadd.org.apache.hadoop.security.authentication.client.KerberosAuthenticator: oadd.org.apache.hadoop.security.authentication.client.ConnectionConfigurator connConfigurator>;
v = virtualinvoke v.<oadd.org.apache.hadoop.security.authentication.client.AuthenticatedURL$Token: java.net.HttpURLConnection openConnection(java.net.URL,oadd.org.apache.hadoop.security.authentication.client.ConnectionConfigurator)>(v, v);
virtualinvoke v.<java.net.HttpURLConnection: void setRequestMethod(java.lang.String)>("OPTIONS");
virtualinvoke v.<java.net.HttpURLConnection: void connect()>();
v = 0;
v = virtualinvoke v.<java.net.HttpURLConnection: int getResponseCode()>();
if v != 200 goto label;
v = <oadd.org.apache.hadoop.security.authentication.client.KerberosAuthenticator: org.slf4j.Logger LOG>;
interfaceinvoke v.<org.slf4j.Logger: void debug(java.lang.String)>("JDK performed authentication on our behalf.");
staticinvoke <oadd.org.apache.hadoop.security.authentication.client.AuthenticatedURL: void extractToken(java.net.HttpURLConnection,oadd.org.apache.hadoop.security.authentication.client.AuthenticatedURL$Token)>(v, v);
v = specialinvoke v.<oadd.org.apache.hadoop.security.authentication.client.KerberosAuthenticator: boolean isTokenKerberos(oadd.org.apache.hadoop.security.authentication.client.AuthenticatedURL$Token)>(v);
if v == 0 goto label;
label:
return;
label:
v = 1;
label:
if v != 0 goto label;
v = specialinvoke v.<oadd.org.apache.hadoop.security.authentication.client.KerberosAuthenticator: boolean isNegotiate(java.net.HttpURLConnection)>(v);
if v == 0 goto label;
v = <oadd.org.apache.hadoop.security.authentication.client.KerberosAuthenticator: org.slf4j.Logger LOG>;
interfaceinvoke v.<org.slf4j.Logger: void debug(java.lang.String)>("Performing our own SPNEGO sequence.");
specialinvoke v.<oadd.org.apache.hadoop.security.authentication.client.KerberosAuthenticator: void doSpnegoSequence(oadd.org.apache.hadoop.security.authentication.client.AuthenticatedURL$Token)>(v);
goto label;
label:
v = <oadd.org.apache.hadoop.security.authentication.client.KerberosAuthenticator: org.slf4j.Logger LOG>;
interfaceinvoke v.<org.slf4j.Logger: void debug(java.lang.String)>("Using fallback authenticator sequence.");
v = virtualinvoke v.<oadd.org.apache.hadoop.security.authentication.client.KerberosAuthenticator: oadd.org.apache.hadoop.security.authentication.client.Authenticator getFallBackAuthenticator()>();
v = v.<oadd.org.apache.hadoop.security.authentication.client.KerberosAuthenticator: oadd.org.apache.hadoop.security.authentication.client.ConnectionConfigurator connConfigurator>;
interfaceinvoke v.<oadd.org.apache.hadoop.security.authentication.client.Authenticator: void setConnectionConfigurator(oadd.org.apache.hadoop.security.authentication.client.ConnectionConfigurator)>(v);
interfaceinvoke v.<oadd.org.apache.hadoop.security.authentication.client.Authenticator: void authenticate(java.net.URL,oadd.org.apache.hadoop.security.authentication.client.AuthenticatedURL$Token)>(v, v);
label:
goto label;
label:
v := @caughtexception;
v = dynamicinvoke "makeConcatWithConstants" <java.lang.String (java.net.URL)>(v) <java.lang.invoke.StringConcatFactory: java.lang.invoke.CallSite makeConcatWithConstants(java.lang.invoke.MethodHandles$Lookup,java.lang.String,java.lang.invoke.MethodType,java.lang.String,java.lang.Object[])>("Error while authenticating with endpoint: \u0001");
v = staticinvoke <oadd.org.apache.hadoop.security.authentication.client.KerberosAuthenticator: java.lang.Exception wrapExceptionWithMessage(java.lang.Exception,java.lang.String)>(v, v);
throw v;
label:
v := @caughtexception;
v = dynamicinvoke "makeConcatWithConstants" <java.lang.String (java.net.URL)>(v) <java.lang.invoke.StringConcatFactory: java.lang.invoke.CallSite makeConcatWithConstants(java.lang.invoke.MethodHandles$Lookup,java.lang.String,java.lang.invoke.MethodType,java.lang.String,java.lang.Object[])>("Error while authenticating with endpoint: \u0001");
v = staticinvoke <oadd.org.apache.hadoop.security.authentication.client.KerberosAuthenticator: java.lang.Exception wrapExceptionWithMessage(java.lang.Exception,java.lang.String)>(v, v);
throw v;
label:
return;
catch java.io.IOException from label to label with label;
catch java.io.IOException from label to label with label;
catch oadd.org.apache.hadoop.security.authentication.client.AuthenticationException from label to label with label;
catch oadd.org.apache.hadoop.security.authentication.client.AuthenticationException from label to label with label;
}
static java.lang.Exception wrapExceptionWithMessage(java.lang.Exception, java.lang.String)
{
java.lang.Throwable v, v;
java.lang.Object[] v;
org.slf4j.Logger v;
java.lang.Class[] v;
java.lang.reflect.Constructor v;
java.lang.Exception v;
java.lang.Class v;
java.lang.Object v;
java.lang.String v;
v := @parameter: java.lang.Exception;
v := @parameter: java.lang.String;
v = virtualinvoke v.<java.lang.Object: java.lang.Class getClass()>();
label:
v = newarray (java.lang.Class)[1];
v[0] = class "Ljava/lang/String;";
v = virtualinvoke v.<java.lang.Class: java.lang.reflect.Constructor getConstructor(java.lang.Class[])>(v);
v = newarray (java.lang.Object)[1];
v[0] = v;
v = virtualinvoke v.<java.lang.reflect.Constructor: java.lang.Object newInstance(java.lang.Object[])>(v);
v = virtualinvoke v.<java.lang.Throwable: java.lang.Throwable initCause(java.lang.Throwable)>(v);
label:
return v;
label:
v := @caughtexception;
v = <oadd.org.apache.hadoop.security.authentication.client.KerberosAuthenticator: org.slf4j.Logger LOG>;
interfaceinvoke v.<org.slf4j.Logger: void debug(java.lang.String,java.lang.Object,java.lang.Object)>("Unable to wrap exception of type {}, it has no (String) constructor.", v, v);
return v;
catch java.lang.Throwable from label to label with label;
}
protected oadd.org.apache.hadoop.security.authentication.client.Authenticator getFallBackAuthenticator()
{
oadd.org.apache.hadoop.security.authentication.client.KerberosAuthenticator v;
oadd.org.apache.hadoop.security.authentication.client.PseudoAuthenticator v;
oadd.org.apache.hadoop.security.authentication.client.ConnectionConfigurator v, v;
v := @this: oadd.org.apache.hadoop.security.authentication.client.KerberosAuthenticator;
v = new oadd.org.apache.hadoop.security.authentication.client.PseudoAuthenticator;
specialinvoke v.<oadd.org.apache.hadoop.security.authentication.client.PseudoAuthenticator: void <init>()>();
v = v.<oadd.org.apache.hadoop.security.authentication.client.KerberosAuthenticator: oadd.org.apache.hadoop.security.authentication.client.ConnectionConfigurator connConfigurator>;
if v == null goto label;
v = v.<oadd.org.apache.hadoop.security.authentication.client.KerberosAuthenticator: oadd.org.apache.hadoop.security.authentication.client.ConnectionConfigurator connConfigurator>;
interfaceinvoke v.<oadd.org.apache.hadoop.security.authentication.client.Authenticator: void setConnectionConfigurator(oadd.org.apache.hadoop.security.authentication.client.ConnectionConfigurator)>(v);
label:
return v;
}
private boolean isTokenKerberos(oadd.org.apache.hadoop.security.authentication.client.AuthenticatedURL$Token) throws oadd.org.apache.hadoop.security.authentication.client.AuthenticationException
{
oadd.org.apache.hadoop.security.authentication.util.AuthToken v;
oadd.org.apache.hadoop.security.authentication.client.AuthenticatedURL$Token v;
oadd.org.apache.hadoop.security.authentication.client.KerberosAuthenticator v;
java.lang.String v, v, v;
boolean v, v, v;
v := @this: oadd.org.apache.hadoop.security.authentication.client.KerberosAuthenticator;
v := @parameter: oadd.org.apache.hadoop.security.authentication.client.AuthenticatedURL$Token;
v = virtualinvoke v.<oadd.org.apache.hadoop.security.authentication.client.AuthenticatedURL$Token: boolean isSet()>();
if v == 0 goto label;
v = virtualinvoke v.<oadd.org.apache.hadoop.security.authentication.client.AuthenticatedURL$Token: java.lang.String toString()>();
v = staticinvoke <oadd.org.apache.hadoop.security.authentication.util.AuthToken: oadd.org.apache.hadoop.security.authentication.util.AuthToken parse(java.lang.String)>(v);
v = virtualinvoke v.<oadd.org.apache.hadoop.security.authentication.util.AuthToken: java.lang.String getType()>();
v = virtualinvoke v.<java.lang.String: boolean equals(java.lang.Object)>("kerberos");
if v != 0 goto label;
v = virtualinvoke v.<oadd.org.apache.hadoop.security.authentication.util.AuthToken: java.lang.String getType()>();
v = virtualinvoke v.<java.lang.String: boolean equals(java.lang.Object)>("kerberos-dt");
if v == 0 goto label;
label:
return 1;
label:
return 0;
}
private boolean isNegotiate(java.net.HttpURLConnection) throws java.io.IOException
{
java.net.HttpURLConnection v;
oadd.org.apache.hadoop.security.authentication.client.KerberosAuthenticator v;
int v;
java.lang.String v, v;
boolean v, v, v;
v := @this: oadd.org.apache.hadoop.security.authentication.client.KerberosAuthenticator;
v := @parameter: java.net.HttpURLConnection;
v = 0;
v = virtualinvoke v.<java.net.HttpURLConnection: int getResponseCode()>();
if v != 401 goto label;
v = virtualinvoke v.<java.net.HttpURLConnection: java.lang.String getHeaderField(java.lang.String)>("WWW-Authenticate");
if v == null goto label;
v = virtualinvoke v.<java.lang.String: java.lang.String trim()>();
v = virtualinvoke v.<java.lang.String: boolean startsWith(java.lang.String)>("Negotiate");
if v == 0 goto label;
v = 1;
goto label;
label:
v = 0;
label:
v = v;
label:
return v;
}
private void doSpnegoSequence(oadd.org.apache.hadoop.security.authentication.client.AuthenticatedURL$Token) throws java.io.IOException, oadd.org.apache.hadoop.security.authentication.client.AuthenticationException
{
java.security.AccessControlContext v;
javax.security.auth.login.LoginException v;
oadd.org.apache.hadoop.security.authentication.client.AuthenticationException v, v;
oadd.org.apache.hadoop.security.authentication.client.KerberosAuthenticator$KerberosConfiguration v;
javax.security.auth.login.LoginContext v;
oadd.org.apache.hadoop.security.authentication.client.KerberosAuthenticator v;
java.lang.String v;
boolean v, v, v, v;
java.security.PrivilegedActionException v;
org.slf4j.Logger v, v, v;
oadd.org.apache.hadoop.security.authentication.client.KerberosAuthenticator$1 v;
java.lang.Exception v, v, v;
javax.security.auth.Subject v, v;
oadd.org.apache.hadoop.security.authentication.client.AuthenticatedURL$Token v;
v := @this: oadd.org.apache.hadoop.security.authentication.client.KerberosAuthenticator;
v := @parameter: oadd.org.apache.hadoop.security.authentication.client.AuthenticatedURL$Token;
label:
v = staticinvoke <java.security.AccessController: java.security.AccessControlContext getContext()>();
v = staticinvoke <javax.security.auth.Subject: javax.security.auth.Subject getSubject(java.security.AccessControlContext)>(v);
if v == null goto label;
v = staticinvoke <oadd.org.apache.hadoop.security.authentication.util.KerberosUtil: boolean hasKerberosKeyTab(javax.security.auth.Subject)>(v);
if v != 0 goto label;
v = staticinvoke <oadd.org.apache.hadoop.security.authentication.util.KerberosUtil: boolean hasKerberosTicket(javax.security.auth.Subject)>(v);
if v != 0 goto label;
label:
v = <oadd.org.apache.hadoop.security.authentication.client.KerberosAuthenticator: org.slf4j.Logger LOG>;
interfaceinvoke v.<org.slf4j.Logger: void debug(java.lang.String)>("No subject in context, logging in");
v = new javax.security.auth.Subject;
specialinvoke v.<javax.security.auth.Subject: void <init>()>();
v = v;
v = new javax.security.auth.login.LoginContext;
v = new oadd.org.apache.hadoop.security.authentication.client.KerberosAuthenticator$KerberosConfiguration;
specialinvoke v.<oadd.org.apache.hadoop.security.authentication.client.KerberosAuthenticator$KerberosConfiguration: void <init>()>();
specialinvoke v.<javax.security.auth.login.LoginContext: void <init>(java.lang.String,javax.security.auth.Subject,javax.security.auth.callback.CallbackHandler,javax.security.auth.login.Configuration)>("", v, null, v);
virtualinvoke v.<javax.security.auth.login.LoginContext: void login()>();
label:
v = <oadd.org.apache.hadoop.security.authentication.client.KerberosAuthenticator: org.slf4j.Logger LOG>;
v = interfaceinvoke v.<org.slf4j.Logger: boolean isDebugEnabled()>();
if v == 0 goto label;
v = <oadd.org.apache.hadoop.security.authentication.client.KerberosAuthenticator: org.slf4j.Logger LOG>;
v = dynamicinvoke "makeConcatWithConstants" <java.lang.String (javax.security.auth.Subject)>(v) <java.lang.invoke.StringConcatFactory: java.lang.invoke.CallSite makeConcatWithConstants(java.lang.invoke.MethodHandles$Lookup,java.lang.String,java.lang.invoke.MethodType,java.lang.String,java.lang.Object[])>("Using subject: \u0001");
interfaceinvoke v.<org.slf4j.Logger: void debug(java.lang.String)>(v);
label:
v = new oadd.org.apache.hadoop.security.authentication.client.KerberosAuthenticator$1;
specialinvoke v.<oadd.org.apache.hadoop.security.authentication.client.KerberosAuthenticator$1: void <init>(oadd.org.apache.hadoop.security.authentication.client.KerberosAuthenticator,oadd.org.apache.hadoop.security.authentication.client.AuthenticatedURL$Token)>(v, v);
staticinvoke <javax.security.auth.Subject: java.lang.Object doAs(javax.security.auth.Subject,java.security.PrivilegedExceptionAction)>(v, v);
label:
goto label;
label:
v := @caughtexception;
v = virtualinvoke v.<java.security.PrivilegedActionException: java.lang.Exception getException()>();
v = v instanceof java.io.IOException;
if v == 0 goto label;
v = virtualinvoke v.<java.security.PrivilegedActionException: java.lang.Exception getException()>();
throw v;
label:
v = new oadd.org.apache.hadoop.security.authentication.client.AuthenticationException;
v = virtualinvoke v.<java.security.PrivilegedActionException: java.lang.Exception getException()>();
specialinvoke v.<oadd.org.apache.hadoop.security.authentication.client.AuthenticationException: void <init>(java.lang.Throwable)>(v);
throw v;
label:
v := @caughtexception;
v = new oadd.org.apache.hadoop.security.authentication.client.AuthenticationException;
specialinvoke v.<oadd.org.apache.hadoop.security.authentication.client.AuthenticationException: void <init>(java.lang.Throwable)>(v);
throw v;
label:
return;
catch java.security.PrivilegedActionException from label to label with label;
catch javax.security.auth.login.LoginException from label to label with label;
}
private void sendToken(java.net.HttpURLConnection, byte[]) throws java.io.IOException
{
java.net.HttpURLConnection v;
byte[] v;
oadd.org.apache.hadoop.security.authentication.client.KerberosAuthenticator v;
oadd.org.apache.commons.codec.binary.Base v;
java.lang.String v, v;
v := @this: oadd.org.apache.hadoop.security.authentication.client.KerberosAuthenticator;
v := @parameter: java.net.HttpURLConnection;
v := @parameter: byte[];
v = v.<oadd.org.apache.hadoop.security.authentication.client.KerberosAuthenticator: oadd.org.apache.commons.codec.binary.Base base64>;
v = virtualinvoke v.<oadd.org.apache.commons.codec.binary.Base64: java.lang.String encodeToString(byte[])>(v);
virtualinvoke v.<java.net.HttpURLConnection: void setRequestMethod(java.lang.String)>("OPTIONS");
v = dynamicinvoke "makeConcatWithConstants" <java.lang.String (java.lang.String)>(v) <java.lang.invoke.StringConcatFactory: java.lang.invoke.CallSite makeConcatWithConstants(java.lang.invoke.MethodHandles$Lookup,java.lang.String,java.lang.invoke.MethodType,java.lang.String,java.lang.Object[])>("Negotiate \u0001");
virtualinvoke v.<java.net.HttpURLConnection: void setRequestProperty(java.lang.String,java.lang.String)>("Authorization", v);
virtualinvoke v.<java.net.HttpURLConnection: void connect()>();
return;
}
private byte[] readToken(java.net.HttpURLConnection) throws java.io.IOException, oadd.org.apache.hadoop.security.authentication.client.AuthenticationException
{
java.net.HttpURLConnection v;
byte[] v;
oadd.org.apache.hadoop.security.authentication.client.AuthenticationException v, v;
oadd.org.apache.commons.codec.binary.Base v;
oadd.org.apache.hadoop.security.authentication.client.KerberosAuthenticator v;
int v, v;
java.lang.String v, v, v, v, v, v, v, v;
boolean v;
v := @this: oadd.org.apache.hadoop.security.authentication.client.KerberosAuthenticator;
v := @parameter: java.net.HttpURLConnection;
v = virtualinvoke v.<java.net.HttpURLConnection: int getResponseCode()>();
if v == 200 goto label;
if v != 401 goto label;
label:
v = virtualinvoke v.<java.net.HttpURLConnection: java.lang.String getHeaderField(java.lang.String)>("WWW-Authenticate");
if v == null goto label;
v = virtualinvoke v.<java.lang.String: java.lang.String trim()>();
v = virtualinvoke v.<java.lang.String: boolean startsWith(java.lang.String)>("Negotiate");
if v != 0 goto label;
label:
v = new oadd.org.apache.hadoop.security.authentication.client.AuthenticationException;
v = dynamicinvoke "makeConcatWithConstants" <java.lang.String (java.lang.String)>(v) <java.lang.invoke.StringConcatFactory: java.lang.invoke.CallSite makeConcatWithConstants(java.lang.invoke.MethodHandles$Lookup,java.lang.String,java.lang.invoke.MethodType,java.lang.String,java.lang.Object[])>("Invalid SPNEGO sequence, \'WWW-Authenticate\' header incorrect: \u0001");
specialinvoke v.<oadd.org.apache.hadoop.security.authentication.client.AuthenticationException: void <init>(java.lang.String)>(v);
throw v;
label:
v = virtualinvoke v.<java.lang.String: java.lang.String trim()>();
v = "Negotiate ";
v = virtualinvoke v.<java.lang.String: int length()>();
v = virtualinvoke v.<java.lang.String: java.lang.String substring(int)>(v);
v = virtualinvoke v.<java.lang.String: java.lang.String trim()>();
v = v.<oadd.org.apache.hadoop.security.authentication.client.KerberosAuthenticator: oadd.org.apache.commons.codec.binary.Base base64>;
v = virtualinvoke v.<oadd.org.apache.commons.codec.binary.Base64: byte[] decode(java.lang.String)>(v);
return v;
label:
v = new oadd.org.apache.hadoop.security.authentication.client.AuthenticationException;
v = dynamicinvoke "makeConcatWithConstants" <java.lang.String (int)>(v) <java.lang.invoke.StringConcatFactory: java.lang.invoke.CallSite makeConcatWithConstants(java.lang.invoke.MethodHandles$Lookup,java.lang.String,java.lang.invoke.MethodType,java.lang.String,java.lang.Object[])>("Invalid SPNEGO sequence, status code: \u0001");
specialinvoke v.<oadd.org.apache.hadoop.security.authentication.client.AuthenticationException: void <init>(java.lang.String)>(v);
throw v;
}
static void <clinit>()
{
org.slf4j.Logger v;
v = staticinvoke <org.slf4j.LoggerFactory: org.slf4j.Logger getLogger(java.lang.Class)>(class "Loadd/org/apache/hadoop/security/authentication/client/KerberosAuthenticator;");
<oadd.org.apache.hadoop.security.authentication.client.KerberosAuthenticator: org.slf4j.Logger LOG> = v;
return;
}
}