org.apache.hadoop.fs.azurebfs.extensions

Interface CustomTokenProviderAdaptee

@InterfaceAudience.LimitedPrivate(value="authorization-subsystems")
 @InterfaceStability.Unstable
public interface CustomTokenProviderAdaptee

This interface provides an extensibility model for customizing the acquisition of Azure Active Directory Access Tokens. When "fs.azure.account.auth.type" is set to "Custom", implementors may use the "fs.azure.account.oauth.provider.type.{accountName}" configuration property to specify a class with a custom implementation of CustomTokenProviderAdaptee. This class will be dynamically loaded, initialized, and invoked to provide AAD Access Tokens and their Expiry.

Method Summary

Modifier and Type	Method and Description
String	getAccessToken() Obtain the access token that should be added to https connection's header.
Date	getExpiryTime() Obtain expiry time of the token.
void	initialize(org.apache.hadoop.conf.Configuration configuration, String accountName) Initialize with supported configuration.

Method Detail

initialize

void initialize(org.apache.hadoop.conf.Configuration configuration,
                String accountName)
         throws IOException

Initialize with supported configuration. This method is invoked when the (URI, Configuration)} method is invoked.

Parameters:

configuration - Configuration object

accountName - Account Name

Throws:

IOException - if instance can not be configured.

getAccessToken

String getAccessToken()
               throws IOException

Obtain the access token that should be added to https connection's header. Will be called depending upon getExpiryTime() expiry time is set, so implementations should be performant. Implementations are responsible for any refreshing of the token.

Returns:

String containing the access token

Throws:

IOException - if there is an error fetching the token

getExpiryTime

Date getExpiryTime()

Obtain expiry time of the token. If implementation is performant enough to maintain expiry and expect getAccessToken() call for every connection then safe to return current or past time. However recommended to use the token expiry time received from Azure Active Directory.

Returns:

Date to expire access token retrieved from AAD.