mirror of
https://github.com/apache/impala.git
synced 2025-12-19 09:58:28 -05:00
025500ccb5
This patch added JWT support with following functionality: * Load and parse JWKS from pre-installed JSON file. * Read the JWT token from the HTTP Header. * Verify the JWT's signature with public key in JWKS. * Get the username out of the payload of JWT token. * Support following JSON Web Algorithms (JWA): HS256, HS384, HS512, RS256, RS384, RS512. We use third party library jwt-cpp to verify JWT token. jwt-cpp is a headers only C++ library. It was added to native-toolchain. This patch modified bootstrap_toolchain.py to download jwt-cpp from toolchain s3 bucket, and modified makefiles to add jwt-cpp/include in the include path. Added BE unit-tests for loading JWKS file and verifying JWT token. Also added FE custom cluster test for JWT authentication. Testing: - Passed core run. Change-Id: I6b71fa854c9ddc8ca882878853395e1eb866143c Reviewed-on: http://gerrit.cloudera.org:8080/17435 Reviewed-by: Joe McDonnell <joemcdonnell@cloudera.com> Tested-by: Impala Public Jenkins <impala-public-jenkins@cloudera.com>
39 lines
1.4 KiB
CMake
39 lines
1.4 KiB
CMake
##############################################################################
|
|
# Licensed to the Apache Software Foundation (ASF) under one
|
|
# or more contributor license agreements. See the NOTICE file
|
|
# distributed with this work for additional information
|
|
# regarding copyright ownership. The ASF licenses this file
|
|
# to you under the Apache License, Version 2.0 (the
|
|
# "License"); you may not use this file except in compliance
|
|
# with the License. You may obtain a copy of the License at
|
|
#
|
|
# http://www.apache.org/licenses/LICENSE-2.0
|
|
#
|
|
# Unless required by applicable law or agreed to in writing,
|
|
# software distributed under the License is distributed on an
|
|
# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
|
|
# KIND, either express or implied. See the License for the
|
|
# specific language governing permissions and limitations
|
|
# under the License.
|
|
##############################################################################
|
|
|
|
# - Find jwt-cpp headers.
|
|
# JWT_CPP_ROOT hints the location
|
|
# This module defines JWT_CPP_INCLUDE_DIR, the directory containing headers
|
|
|
|
set(JWT_CPP_SEARCH_HEADER_PATHS ${JWT_CPP_ROOT}/include)
|
|
|
|
find_path(JWT_CPP_INCLUDE_DIR jwt-cpp/jwt.h HINTS
|
|
${JWT_CPP_SEARCH_HEADER_PATHS})
|
|
|
|
if (NOT JWT_CPP_INCLUDE_DIR)
|
|
message(FATAL_ERROR "jwt-cpp headers NOT found.")
|
|
set(JWT_CPP_FOUND FALSE)
|
|
else()
|
|
set(JWT_CPP_FOUND TRUE)
|
|
endif ()
|
|
|
|
mark_as_advanced(
|
|
JWT_CPP_INCLUDE_DIR
|
|
)
|