I'd like to clarify our plan of improvements in this test.
Currently the test writes the token into a file, then sets the file name as MRJobConfig.MAPREDUCE_JOB_CREDENTIALS_BINARY value in the config, and also passes the same file name as a value of a dedicated config property (KEY_SECURITY_TOKEN).
In the job: it gets the tokens from the job context (context.getCredentials().getAllTokens()), and gets the delegation token from there by the known key: let it be token X.
After that it gets the binary file name from the job config (key KEY_SECURITY_TOKEN), reads the file, de-serializing the token: let it be token Y.
Then the job asserts X.equals(Y).
This way the binary token propagation and serialization/de-serialization is checked, and this pretty much corresponds to the test name.
As I understand, you suggested to check also that the same delegation token is present in UserGroupInformation.getCurrentUser().getTokens(), right?
So, If I add this check, will you be okay with that test? Or, do you have other suggestions on how to improve it?