[ISSUE apache#9133] Credentials enhancement

zeyu-zh · Jan 17, 2025 · 50d63e4 · 50d63e4
1 parent 14ca1ce
commit 50d63e4
Show file tree

Hide file tree

Showing 4 changed files with 60 additions and 4 deletions.
diff --git a/acl/src/main/java/org/apache/rocketmq/acl/common/AclClientRPCHook.java b/acl/src/main/java/org/apache/rocketmq/acl/common/AclClientRPCHook.java
@@ -27,14 +27,19 @@
 import static org.apache.rocketmq.acl.common.SessionCredentials.SIGNATURE;
 
 public class AclClientRPCHook implements RPCHook {
-    private final SessionCredentials sessionCredentials;
+    private final SessionCredentialsProvider sessionCredentialsProvider;
 
     public AclClientRPCHook(SessionCredentials sessionCredentials) {
-        this.sessionCredentials = sessionCredentials;
+        this.sessionCredentialsProvider = new StaticSessionCredentialsProvider(sessionCredentials);
+    }
+
+    public AclClientRPCHook(SessionCredentialsProvider sessionCredentialsProvider) {
+        this.sessionCredentialsProvider = sessionCredentialsProvider;
     }
 
     @Override
     public void doBeforeRequest(String remoteAddr, RemotingCommand request) {
+        SessionCredentials sessionCredentials = this.sessionCredentialsProvider.getSessionCredentials();
         // Add AccessKey and SecurityToken into signature calculating.
         request.addExtField(ACCESS_KEY, sessionCredentials.getAccessKey());
         // The SecurityToken value is unnecessary,user can choose this one.
@@ -59,6 +64,6 @@ protected SortedMap<String, String> parseRequestContent(RemotingCommand request)
     }
 
     public SessionCredentials getSessionCredentials() {
-        return sessionCredentials;
+        return this.sessionCredentialsProvider.getSessionCredentials();
     }
 }
diff --git a/acl/src/main/java/org/apache/rocketmq/acl/common/SessionCredentialsProvider.java b/acl/src/main/java/org/apache/rocketmq/acl/common/SessionCredentialsProvider.java
@@ -0,0 +1,21 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements.  See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.rocketmq.acl.common;
+
+public interface SessionCredentialsProvider {
+    SessionCredentials getSessionCredentials();
+}
diff --git a/acl/src/main/java/org/apache/rocketmq/acl/common/StaticSessionCredentialsProvider.java b/acl/src/main/java/org/apache/rocketmq/acl/common/StaticSessionCredentialsProvider.java
@@ -0,0 +1,30 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements.  See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.rocketmq.acl.common;
+
+public class StaticSessionCredentialsProvider implements SessionCredentialsProvider {
+    private final SessionCredentials sessionCredentials;
+
+    public StaticSessionCredentialsProvider(SessionCredentials sessionCredentials) {
+        this.sessionCredentials = sessionCredentials;
+    }
+
+    @Override
+    public SessionCredentials getSessionCredentials() {
+        return this.sessionCredentials;
+    }
+}
diff --git a/acl/src/test/java/org/apache/rocketmq/acl/common/AclClientRPCHookTest.java b/acl/src/test/java/org/apache/rocketmq/acl/common/AclClientRPCHookTest.java
@@ -36,7 +36,7 @@
 public class AclClientRPCHookTest {
     protected ConcurrentHashMap<Class<? extends CommandCustomHeader>, Field[]> fieldCache =
         new ConcurrentHashMap<>();
-    private AclClientRPCHook aclClientRPCHook = new AclClientRPCHook(null);
+    private AclClientRPCHook aclClientRPCHook = new AclClientRPCHook((SessionCredentials) null);
 
     @Test
     public void testParseRequestContent() {