[branch-2.1](resource)fix check available fail when s3 aws_token is set and reset as, sk faild on be. (#34219)

2024-05-09 19:06:14 +08:00
parent 53332eb4ba
commit 7a40f2a547
7 changed files with 52 additions and 5 deletions
--- a/fe/fe-core/src/main/java/org/apache/doris/catalog/S3Resource.java
+++ b/fe/fe-core/src/main/java/org/apache/doris/catalog/S3Resource.java
@ -105,7 +105,8 @@ public class S3Resource extends Resource {
        properties.putIfAbsent(S3Properties.REGION, region);
        String ak = properties.get(S3Properties.ACCESS_KEY);
        String sk = properties.get(S3Properties.SECRET_KEY);
-        CloudCredentialWithEndpoint credential = new CloudCredentialWithEndpoint(pingEndpoint, region, ak, sk);
+        String token = properties.get(S3Properties.SESSION_TOKEN);
+        CloudCredentialWithEndpoint credential = new CloudCredentialWithEndpoint(pingEndpoint, region, ak, sk, token);

        if (needCheck) {
            String bucketName = properties.get(S3Properties.BUCKET);
@ -123,6 +124,7 @@ public class S3Resource extends Resource {
        Map<String, String> propertiesPing = new HashMap<>();
        propertiesPing.put(S3Properties.Env.ACCESS_KEY, credential.getAccessKey());
        propertiesPing.put(S3Properties.Env.SECRET_KEY, credential.getSecretKey());
+        propertiesPing.put(S3Properties.Env.TOKEN, credential.getSessionToken());
        propertiesPing.put(S3Properties.Env.ENDPOINT, credential.getEndpoint());
        propertiesPing.put(S3Properties.Env.REGION, credential.getRegion());
        propertiesPing.put(PropertyConverter.USE_PATH_STYLE,
@ -188,6 +190,10 @@ public class S3Resource extends Resource {
        writeLock();
        for (Map.Entry<String, String> kv : properties.entrySet()) {
            replaceIfEffectiveValue(this.properties, kv.getKey(), kv.getValue());
+            if (kv.getKey().equals(S3Properties.Env.TOKEN)
+                    || kv.getKey().equals(S3Properties.SESSION_TOKEN)) {
+                this.properties.put(kv.getKey(), kv.getValue());
+            }
        }
        ++version;
        writeUnlock();
@ -197,11 +203,13 @@ public class S3Resource extends Resource {
    private CloudCredentialWithEndpoint getS3PingCredentials(Map<String, String> properties) {
        String ak = properties.getOrDefault(S3Properties.ACCESS_KEY, this.properties.get(S3Properties.ACCESS_KEY));
        String sk = properties.getOrDefault(S3Properties.SECRET_KEY, this.properties.get(S3Properties.SECRET_KEY));
+        String token = properties.getOrDefault(S3Properties.SESSION_TOKEN,
+                this.properties.get(S3Properties.SESSION_TOKEN));
        String endpoint = properties.getOrDefault(S3Properties.ENDPOINT, this.properties.get(S3Properties.ENDPOINT));
        String pingEndpoint = "http://" + endpoint;
        String region = S3Properties.getRegionOfEndpoint(pingEndpoint);
        properties.putIfAbsent(S3Properties.REGION, region);
-        return new CloudCredentialWithEndpoint(pingEndpoint, region, ak, sk);
+        return new CloudCredentialWithEndpoint(pingEndpoint, region, ak, sk, token);
    }

    private boolean isNeedCheck(Map<String, String> newProperties) {
@ -231,7 +239,9 @@ public class S3Resource extends Resource {
            // it's dangerous to show password in show odbc resource,
            // so we use empty string to replace the real password
            if (entry.getKey().equals(S3Properties.Env.SECRET_KEY)
-                    || entry.getKey().equals(S3Properties.SECRET_KEY)) {
+                    || entry.getKey().equals(S3Properties.SECRET_KEY)
+                    || entry.getKey().equals(S3Properties.Env.TOKEN)
+                    || entry.getKey().equals(S3Properties.SESSION_TOKEN)) {
                result.addRow(Lists.newArrayList(name, lowerCaseType, entry.getKey(), "******"));
            } else {
                result.addRow(Lists.newArrayList(name, lowerCaseType, entry.getKey(), entry.getValue()));
--- a/fe/fe-core/src/main/java/org/apache/doris/datasource/property/constants/S3Properties.java
+++ b/fe/fe-core/src/main/java/org/apache/doris/datasource/property/constants/S3Properties.java
@ -261,6 +261,7 @@ public class S3Properties extends BaseProperties {
        s3Info.setRegion(properties.get(S3Properties.REGION));
        s3Info.setAk(properties.get(S3Properties.ACCESS_KEY));
        s3Info.setSk(properties.get(S3Properties.SECRET_KEY));
+        s3Info.setToken(properties.get(S3Properties.SESSION_TOKEN));

        s3Info.setRootPath(properties.get(S3Properties.ROOT_PATH));
        s3Info.setBucket(properties.get(S3Properties.BUCKET));