in thriftserver/server/src/main/scala/org/apache/livy/thriftserver/auth/PlainSaslServer.scala [51:104]
override def evaluateResponse(response: Array[Byte]): Array[Byte] = {
try {
// parse the response
// message = [authzid] UTF8NUL authcid UTF8NUL passwd'
val tokenList: util.Deque[String] = new util.ArrayDeque[String]
var messageToken = new StringBuilder
for (b <- response) {
if (b == 0) {
tokenList.addLast(messageToken.toString)
messageToken = new StringBuilder
} else {
messageToken.append(b.toChar)
}
}
tokenList.addLast(messageToken.toString)
// validate response
if (tokenList.size < 2 || tokenList.size > 3) {
throw new SaslException("Invalid message format")
}
val passwd: String = tokenList.removeLast()
user = tokenList.removeLast()
// optional authzid
var authzId: String = null
if (tokenList.isEmpty) {
authzId = user
} else {
authzId = tokenList.removeLast()
}
if (user == null || user.isEmpty) {
throw new SaslException("No user name provided")
}
if (passwd == null || passwd.isEmpty) {
throw new SaslException("No password name provided")
}
val nameCallback = new NameCallback("User")
nameCallback.setName(user)
val pcCallback = new PasswordCallback("Password", false)
pcCallback.setPassword(passwd.toCharArray)
val acCallback = new AuthorizeCallback(user, authzId)
val cbList = Array[Callback](nameCallback, pcCallback, acCallback)
handler.handle(cbList)
if (!acCallback.isAuthorized) {
throw new SaslException("Authentication failed")
}
} catch {
case eL: IllegalStateException =>
throw new SaslException("Invalid message format", eL)
case eI: IOException =>
throw new SaslException("Error validating the login", eI)
case eU: UnsupportedCallbackException =>
throw new SaslException("Error validating the login", eU)
}
null
}