public class org.apache.hive.service.auth.saml.HiveSamlAuthTokenGenerator extends java.lang.Object implements org.apache.hive.service.auth.saml.ISAMLAuthTokenGenerator
{
private final long ttlMs;
private final java.security.SecureRandom rand;
private final byte[] signatureSecret;
private static final java.lang.String USER;
private static final java.lang.String SEPARATOR;
private static final java.lang.String ATTR_SEPARATOR;
private static final java.lang.String ID;
private static final java.lang.String CREATE_TIME;
public static final java.lang.String RELAY_STATE;
private static final java.lang.String SIGN;
private static org.apache.hive.service.auth.saml.HiveSamlAuthTokenGenerator INSTANCE;
private static final org.slf4j.Logger LOG;
public static synchronized org.apache.hive.service.auth.saml.ISAMLAuthTokenGenerator get(org.apache.hadoop.hive.conf.HiveConf)
{
org.apache.hadoop.hive.conf.HiveConf v;
org.apache.hive.service.auth.saml.HiveSamlAuthTokenGenerator v, v, v, v;
v := @parameter: org.apache.hadoop.hive.conf.HiveConf;
v = <org.apache.hive.service.auth.saml.HiveSamlAuthTokenGenerator: org.apache.hive.service.auth.saml.HiveSamlAuthTokenGenerator INSTANCE>;
if v == null goto label;
v = <org.apache.hive.service.auth.saml.HiveSamlAuthTokenGenerator: org.apache.hive.service.auth.saml.HiveSamlAuthTokenGenerator INSTANCE>;
return v;
label:
v = new org.apache.hive.service.auth.saml.HiveSamlAuthTokenGenerator;
specialinvoke v.<org.apache.hive.service.auth.saml.HiveSamlAuthTokenGenerator: void <init>(org.apache.hadoop.hive.conf.HiveConf)>(v);
<org.apache.hive.service.auth.saml.HiveSamlAuthTokenGenerator: org.apache.hive.service.auth.saml.HiveSamlAuthTokenGenerator INSTANCE> = v;
v = <org.apache.hive.service.auth.saml.HiveSamlAuthTokenGenerator: org.apache.hive.service.auth.saml.HiveSamlAuthTokenGenerator INSTANCE>;
return v;
}
private void <init>(org.apache.hadoop.hive.conf.HiveConf)
{
byte[] v;
org.apache.hadoop.hive.conf.HiveConf v;
long v, v;
java.security.SecureRandom v, v;
java.util.concurrent.TimeUnit v;
org.apache.hadoop.hive.conf.HiveConf$ConfVars v;
java.lang.String v;
org.apache.hive.service.auth.saml.HiveSamlAuthTokenGenerator v;
v := @this: org.apache.hive.service.auth.saml.HiveSamlAuthTokenGenerator;
v := @parameter: org.apache.hadoop.hive.conf.HiveConf;
specialinvoke v.<java.lang.Object: void <init>()>();
v = new java.security.SecureRandom;
specialinvoke v.<java.security.SecureRandom: void <init>()>();
v.<org.apache.hive.service.auth.saml.HiveSamlAuthTokenGenerator: java.security.SecureRandom rand> = v;
v = v.<org.apache.hive.service.auth.saml.HiveSamlAuthTokenGenerator: java.security.SecureRandom rand>;
v = virtualinvoke v.<java.security.SecureRandom: long nextLong()>();
v = staticinvoke <java.lang.Long: java.lang.String toString(long)>(v);
v = virtualinvoke v.<java.lang.String: byte[] getBytes()>();
v.<org.apache.hive.service.auth.saml.HiveSamlAuthTokenGenerator: byte[] signatureSecret> = v;
v = <org.apache.hadoop.hive.conf.HiveConf$ConfVars: org.apache.hadoop.hive.conf.HiveConf$ConfVars HIVE_SERVER2_SAML_CALLBACK_TOKEN_TTL>;
v = <java.util.concurrent.TimeUnit: java.util.concurrent.TimeUnit MILLISECONDS>;
v = virtualinvoke v.<org.apache.hadoop.hive.conf.HiveConf: long getTimeVar(org.apache.hadoop.hive.conf.HiveConf$ConfVars,java.util.concurrent.TimeUnit)>(v, v);
v.<org.apache.hive.service.auth.saml.HiveSamlAuthTokenGenerator: long ttlMs> = v;
return;
}
static synchronized void shutdown()
{
<org.apache.hive.service.auth.saml.HiveSamlAuthTokenGenerator: org.apache.hive.service.auth.saml.HiveSamlAuthTokenGenerator INSTANCE> = null;
return;
}
public java.lang.String get(java.lang.String, java.lang.String)
{
java.lang.Object[] v;
org.slf4j.Logger v;
long v, v;
java.security.SecureRandom v;
java.lang.String v, v, v, v, v, v, v;
org.apache.hive.service.auth.saml.HiveSamlAuthTokenGenerator v;
v := @this: org.apache.hive.service.auth.saml.HiveSamlAuthTokenGenerator;
v := @parameter: java.lang.String;
v := @parameter: java.lang.String;
v = v.<org.apache.hive.service.auth.saml.HiveSamlAuthTokenGenerator: java.security.SecureRandom rand>;
v = virtualinvoke v.<java.security.SecureRandom: long nextLong()>();
v = staticinvoke <java.lang.String: java.lang.String valueOf(long)>(v);
v = staticinvoke <java.lang.System: long currentTimeMillis()>();
v = staticinvoke <java.lang.String: java.lang.String valueOf(long)>(v);
v = <org.apache.hive.service.auth.saml.HiveSamlAuthTokenGenerator: org.slf4j.Logger LOG>;
v = newarray (java.lang.Object)[3];
v[0] = v;
v[1] = v;
v[2] = v;
interfaceinvoke v.<org.slf4j.Logger: void debug(java.lang.String,java.lang.Object[])>("Generating token for user {} with id {} and time {}", v);
v = specialinvoke v.<org.apache.hive.service.auth.saml.HiveSamlAuthTokenGenerator: java.lang.String getTokenStr(java.lang.String,java.lang.String,java.lang.String,java.lang.String)>(v, v, v, v);
v = specialinvoke v.<org.apache.hive.service.auth.saml.HiveSamlAuthTokenGenerator: java.lang.String sign(java.lang.String)>(v);
v = specialinvoke v.<org.apache.hive.service.auth.saml.HiveSamlAuthTokenGenerator: java.lang.String encode(java.lang.String)>(v);
return v;
}
private java.lang.String encode(java.lang.String)
{
byte[] v;
java.util.Base64$Encoder v;
java.lang.String v, v;
org.apache.hive.service.auth.saml.HiveSamlAuthTokenGenerator v;
v := @this: org.apache.hive.service.auth.saml.HiveSamlAuthTokenGenerator;
v := @parameter: java.lang.String;
v = staticinvoke <java.util.Base64: java.util.Base64$Encoder getEncoder()>();
v = virtualinvoke v.<java.lang.String: byte[] getBytes()>();
v = virtualinvoke v.<java.util.Base64$Encoder: java.lang.String encodeToString(byte[])>(v);
return v;
}
private java.lang.String decode(java.lang.String)
{
byte[] v;
java.util.Base64$Decoder v;
java.lang.String v, v;
org.apache.hive.service.auth.saml.HiveSamlAuthTokenGenerator v;
v := @this: org.apache.hive.service.auth.saml.HiveSamlAuthTokenGenerator;
v := @parameter: java.lang.String;
v = new java.lang.String;
v = staticinvoke <java.util.Base64: java.util.Base64$Decoder getDecoder()>();
v = virtualinvoke v.<java.util.Base64$Decoder: byte[] decode(java.lang.String)>(v);
specialinvoke v.<java.lang.String: void <init>(byte[])>(v);
return v;
}
private java.lang.String getTokenStr(java.lang.String, java.lang.String, java.lang.String, java.lang.String)
{
java.lang.String v, v, v, v, v;
org.apache.hive.service.auth.saml.HiveSamlAuthTokenGenerator v;
java.lang.StringBuilder v, v, v, v, v, v, v, v, v, v, v, v;
v := @this: org.apache.hive.service.auth.saml.HiveSamlAuthTokenGenerator;
v := @parameter: java.lang.String;
v := @parameter: java.lang.String;
v := @parameter: java.lang.String;
v := @parameter: java.lang.String;
v = new java.lang.StringBuilder;
specialinvoke v.<java.lang.StringBuilder: void <init>()>();
v = virtualinvoke v.<java.lang.StringBuilder: java.lang.StringBuilder append(java.lang.String)>("u");
v = virtualinvoke v.<java.lang.StringBuilder: java.lang.StringBuilder append(java.lang.String)>("=");
v = virtualinvoke v.<java.lang.StringBuilder: java.lang.StringBuilder append(java.lang.String)>(v);
virtualinvoke v.<java.lang.StringBuilder: java.lang.StringBuilder append(java.lang.String)>(";");
v = virtualinvoke v.<java.lang.StringBuilder: java.lang.StringBuilder append(java.lang.String)>("id");
v = virtualinvoke v.<java.lang.StringBuilder: java.lang.StringBuilder append(java.lang.String)>("=");
v = virtualinvoke v.<java.lang.StringBuilder: java.lang.StringBuilder append(java.lang.String)>(v);
virtualinvoke v.<java.lang.StringBuilder: java.lang.StringBuilder append(java.lang.String)>(";");
v = virtualinvoke v.<java.lang.StringBuilder: java.lang.StringBuilder append(java.lang.String)>("time");
v = virtualinvoke v.<java.lang.StringBuilder: java.lang.StringBuilder append(java.lang.String)>("=");
v = virtualinvoke v.<java.lang.StringBuilder: java.lang.StringBuilder append(java.lang.String)>(v);
virtualinvoke v.<java.lang.StringBuilder: java.lang.StringBuilder append(java.lang.String)>(";");
v = virtualinvoke v.<java.lang.StringBuilder: java.lang.StringBuilder append(java.lang.String)>("rs");
v = virtualinvoke v.<java.lang.StringBuilder: java.lang.StringBuilder append(java.lang.String)>("=");
virtualinvoke v.<java.lang.StringBuilder: java.lang.StringBuilder append(java.lang.String)>(v);
v = virtualinvoke v.<java.lang.StringBuilder: java.lang.String toString()>();
return v;
}
private java.lang.String getSign(java.lang.String)
{
byte[] v, v, v;
java.security.MessageDigest v;
java.util.Base64$Encoder v;
java.lang.RuntimeException v;
java.security.NoSuchAlgorithmException v;
java.lang.String v, v;
org.apache.hive.service.auth.saml.HiveSamlAuthTokenGenerator v;
v := @this: org.apache.hive.service.auth.saml.HiveSamlAuthTokenGenerator;
v := @parameter: java.lang.String;
label:
v = staticinvoke <java.security.MessageDigest: java.security.MessageDigest getInstance(java.lang.String)>("SHA-256");
v = virtualinvoke v.<java.lang.String: byte[] getBytes()>();
virtualinvoke v.<java.security.MessageDigest: void update(byte[])>(v);
v = v.<org.apache.hive.service.auth.saml.HiveSamlAuthTokenGenerator: byte[] signatureSecret>;
virtualinvoke v.<java.security.MessageDigest: void update(byte[])>(v);
v = virtualinvoke v.<java.security.MessageDigest: byte[] digest()>();
v = staticinvoke <java.util.Base64: java.util.Base64$Encoder getEncoder()>();
v = virtualinvoke v.<java.util.Base64$Encoder: java.lang.String encodeToString(byte[])>(v);
label:
return v;
label:
v := @caughtexception;
v = new java.lang.RuntimeException;
specialinvoke v.<java.lang.RuntimeException: void <init>(java.lang.Throwable)>(v);
throw v;
catch java.security.NoSuchAlgorithmException from label to label with label;
}
private java.lang.String sign(java.lang.String)
{
java.lang.String v, v, v;
org.apache.hive.service.auth.saml.HiveSamlAuthTokenGenerator v;
v := @this: org.apache.hive.service.auth.saml.HiveSamlAuthTokenGenerator;
v := @parameter: java.lang.String;
v = specialinvoke v.<org.apache.hive.service.auth.saml.HiveSamlAuthTokenGenerator: java.lang.String getSign(java.lang.String)>(v);
v = dynamicinvoke "makeConcatWithConstants" <java.lang.String (java.lang.String,java.lang.String)>(v, v) <java.lang.invoke.StringConcatFactory: java.lang.invoke.CallSite makeConcatWithConstants(java.lang.invoke.MethodHandles$Lookup,java.lang.String,java.lang.invoke.MethodType,java.lang.String,java.lang.Object[])>("\u;sg=\u0001");
return v;
}
public java.lang.String validate(java.lang.String) throws org.apache.hive.service.auth.saml.HttpSamlAuthenticationException
{
java.util.HashMap v;
long v, v;
java.lang.String v, v, v, v;
org.apache.hive.service.auth.saml.HiveSamlAuthTokenGenerator v;
boolean v, v, v;
org.apache.hive.service.auth.saml.HttpSamlAuthenticationException v, v, v;
java.lang.Object v, v, v, v, v, v, v;
v := @this: org.apache.hive.service.auth.saml.HiveSamlAuthTokenGenerator;
v := @parameter: java.lang.String;
v = specialinvoke v.<org.apache.hive.service.auth.saml.HiveSamlAuthTokenGenerator: java.lang.String decode(java.lang.String)>(v);
v = new java.util.HashMap;
specialinvoke v.<java.util.HashMap: void <init>()>();
v = staticinvoke <org.apache.hive.service.auth.saml.HiveSamlAuthTokenGenerator: boolean parse(java.lang.String,java.util.Map)>(v, v);
if v != 0 goto label;
v = new org.apache.hive.service.auth.saml.HttpSamlAuthenticationException;
specialinvoke v.<org.apache.hive.service.auth.saml.HttpSamlAuthenticationException: void <init>(java.lang.String)>("Invalid token");
throw v;
label:
v = interfaceinvoke v.<java.util.Map: java.lang.Object get(java.lang.Object)>("u");
v = interfaceinvoke v.<java.util.Map: java.lang.Object get(java.lang.Object)>("id");
v = interfaceinvoke v.<java.util.Map: java.lang.Object get(java.lang.Object)>("time");
v = interfaceinvoke v.<java.util.Map: java.lang.Object get(java.lang.Object)>("rs");
v = specialinvoke v.<org.apache.hive.service.auth.saml.HiveSamlAuthTokenGenerator: java.lang.String getTokenStr(java.lang.String,java.lang.String,java.lang.String,java.lang.String)>(v, v, v, v);
v = specialinvoke v.<org.apache.hive.service.auth.saml.HiveSamlAuthTokenGenerator: java.lang.String getSign(java.lang.String)>(v);
v = interfaceinvoke v.<java.util.Map: java.lang.Object get(java.lang.Object)>("sg");
v = specialinvoke v.<org.apache.hive.service.auth.saml.HiveSamlAuthTokenGenerator: boolean signatureMatches(java.lang.String,java.lang.String)>(v, v);
if v != 0 goto label;
v = new org.apache.hive.service.auth.saml.HttpSamlAuthenticationException;
specialinvoke v.<org.apache.hive.service.auth.saml.HttpSamlAuthenticationException: void <init>(java.lang.String)>("Token could not be verified");
throw v;
label:
v = staticinvoke <java.lang.System: long currentTimeMillis()>();
v = interfaceinvoke v.<java.util.Map: java.lang.Object get(java.lang.Object)>("time");
v = staticinvoke <java.lang.Long: long parseLong(java.lang.String)>(v);
v = specialinvoke v.<org.apache.hive.service.auth.saml.HiveSamlAuthTokenGenerator: boolean isExpired(long,long)>(v, v);
if v == 0 goto label;
v = new org.apache.hive.service.auth.saml.HttpSamlAuthenticationException;
specialinvoke v.<org.apache.hive.service.auth.saml.HttpSamlAuthenticationException: void <init>(java.lang.String)>("Token is expired");
throw v;
label:
v = interfaceinvoke v.<java.util.Map: java.lang.Object get(java.lang.Object)>("u");
return v;
}
private boolean isExpired(long, long)
{
java.lang.Object[] v;
org.slf4j.Logger v;
long v, v, v, v, v;
byte v, v;
java.lang.Long v, v, v;
org.apache.hive.service.auth.saml.HiveSamlAuthTokenGenerator v;
boolean v;
v := @this: org.apache.hive.service.auth.saml.HiveSamlAuthTokenGenerator;
v := @parameter: long;
v := @parameter: long;
v = <org.apache.hive.service.auth.saml.HiveSamlAuthTokenGenerator: org.slf4j.Logger LOG>;
v = newarray (java.lang.Object)[3];
v = staticinvoke <java.lang.Long: java.lang.Long valueOf(long)>(v);
v[0] = v;
v = staticinvoke <java.lang.Long: java.lang.Long valueOf(long)>(v);
v[1] = v;
v = v.<org.apache.hive.service.auth.saml.HiveSamlAuthTokenGenerator: long ttlMs>;
v = staticinvoke <java.lang.Long: java.lang.Long valueOf(long)>(v);
v[2] = v;
interfaceinvoke v.<org.slf4j.Logger: void debug(java.lang.String,java.lang.Object[])>("Checking if the token is expired or not. CurrentTime = {}, tokenExpiryTime = {} TTL = {}", v);
v = v cmp v;
if v < 0 goto label;
v = v - v;
v = v.<org.apache.hive.service.auth.saml.HiveSamlAuthTokenGenerator: long ttlMs>;
v = v cmp v;
if v <= 0 goto label;
v = 1;
goto label;
label:
v = 0;
label:
return v;
label:
return 0;
}
private boolean signatureMatches(java.lang.String, java.lang.String)
{
byte[] v, v;
java.lang.String v, v;
org.apache.hive.service.auth.saml.HiveSamlAuthTokenGenerator v;
boolean v, v;
v := @this: org.apache.hive.service.auth.saml.HiveSamlAuthTokenGenerator;
v := @parameter: java.lang.String;
v := @parameter: java.lang.String;
v = virtualinvoke v.<java.lang.String: byte[] getBytes()>();
v = virtualinvoke v.<java.lang.String: byte[] getBytes()>();
v = staticinvoke <java.security.MessageDigest: boolean isEqual(byte[],byte[])>(v, v);
if v != 0 goto label;
v = 1;
goto label;
label:
v = 0;
label:
return v;
}
public static boolean parse(java.lang.String, java.util.Map)
{
java.lang.String[] v, v;
java.util.Map v;
int v, v, v, v;
java.lang.String v, v, v, v;
boolean v, v, v, v, v, v;
v := @parameter: java.lang.String;
v := @parameter: java.util.Map;
v = virtualinvoke v.<java.lang.String: java.lang.String[] split(java.lang.String)>(";");
v = lengthof v;
if v == 5 goto label;
return 0;
label:
v = lengthof v;
v = 0;
label:
if v >= v goto label;
v = v[v];
v = virtualinvoke v.<java.lang.String: java.lang.String[] split(java.lang.String)>("=");
v = lengthof v;
if v == 2 goto label;
return 0;
label:
v = v[0];
v = v[1];
interfaceinvoke v.<java.util.Map: java.lang.Object put(java.lang.Object,java.lang.Object)>(v, v);
v = v + 1;
goto label;
label:
v = interfaceinvoke v.<java.util.Map: boolean containsKey(java.lang.Object)>("u");
if v == 0 goto label;
v = interfaceinvoke v.<java.util.Map: boolean containsKey(java.lang.Object)>("time");
if v == 0 goto label;
v = interfaceinvoke v.<java.util.Map: boolean containsKey(java.lang.Object)>("id");
if v == 0 goto label;
v = interfaceinvoke v.<java.util.Map: boolean containsKey(java.lang.Object)>("sg");
if v == 0 goto label;
v = interfaceinvoke v.<java.util.Map: boolean containsKey(java.lang.Object)>("rs");
if v == 0 goto label;
v = 1;
goto label;
label:
v = 0;
label:
return v;
}
static void <clinit>()
{
org.slf4j.Logger v;
v = staticinvoke <org.slf4j.LoggerFactory: org.slf4j.Logger getLogger(java.lang.Class)>(class "Lorg/apache/hive/service/auth/saml/HiveSamlAuthTokenGenerator;");
<org.apache.hive.service.auth.saml.HiveSamlAuthTokenGenerator: org.slf4j.Logger LOG> = v;
return;
}
}