rgw: implement SwiftAnonymousEngine.

Signed-off-by: Radoslaw Zarzynski <rzarzynski@mirantis.com>

diff --git a/src/rgw/rgw_auth.cc b/src/rgw/rgw_auth.cc
index 111c81692974fa4db665ba7630743ef23c960b23..6311d4b16ab323e47a1f01b840559de44bb69121 100644 (file)
--- a/src/rgw/rgw_auth.cc
+++ b/src/rgw/rgw_auth.cc
@@ -421,7 +421,7 @@ void rgw::auth::LocalApplier::load_acct_info(RGWUserInfo& user_info) const /* ou
 rgw::auth::Engine::result_t
 rgw::auth::AnonymousEngine::authenticate(const req_state* const s) const
 {
-  if (! is_applicable()) {
+  if (! is_applicable(s)) {
     return result_t::deny();
   } else {
     RGWUserInfo user_info;

diff --git a/src/rgw/rgw_auth.h b/src/rgw/rgw_auth.h
index 0eed7074841138378347b2130e691d2feda9d06f..fb72c5c5351cb078630b4afa1b0b48f699929f05 100644 (file)
--- a/src/rgw/rgw_auth.h
+++ b/src/rgw/rgw_auth.h
@@ -470,7 +470,7 @@ public:
   Engine::result_t authenticate(const req_state* s) const override final;
 
 protected:
-  virtual bool is_applicable() const noexcept {
+  virtual bool is_applicable(const req_state*) const noexcept {
     return true;
   }
 };

diff --git a/src/rgw/rgw_swift_auth.h b/src/rgw/rgw_swift_auth.h
index 3b5397f43b535bdada11c6f52b3fd5398fa30844..d4ed3c2915593a2e99cc2bcee006648c536add52 100644 (file)
--- a/src/rgw/rgw_swift_auth.h
+++ b/src/rgw/rgw_swift_auth.h
@@ -135,6 +135,28 @@ public:
   }
 };
 
+
+class SwiftAnonymousEngine : public rgw::auth::AnonymousEngine {
+  const rgw::auth::TokenExtractor* const extractor;
+
+  bool is_applicable(const req_state* s) const noexcept override {
+    return extractor->get_token(s).empty();
+  }
+
+public:
+  SwiftAnonymousEngine(CephContext* const cct,
+                       const rgw::auth::LocalApplier::Factory* const apl_factory,
+                       const rgw::auth::TokenExtractor* const extractor)
+    : AnonymousEngine(cct, apl_factory),
+      extractor(extractor) {
+  }
+
+  const char* get_name() const noexcept override {
+    return "rgw::auth::swift::SwiftAnonymousEngine";
+  }
+};
+
+
 class DefaultStrategy : public rgw::auth::Strategy,
                         public rgw::auth::TokenExtractor,
                         public rgw::auth::RemoteApplier::Factory,
@@ -147,7 +169,7 @@ class DefaultStrategy : public rgw::auth::Strategy,
   const rgw::auth::swift::SignedTokenEngine signed_engine;
   const rgw::auth::keystone::TokenEngine keystone_engine;
   const rgw::auth::swift::ExternalTokenEngine external_engine;
-  const rgw::auth::AnonymousEngine anon_engine;
+  const rgw::auth::swift::SwiftAnonymousEngine anon_engine;
 
   using keystone_config_t = rgw::keystone::CephCtxConfig;
   using keystone_cache_t = rgw::keystone::TokenCache;
@@ -216,7 +238,8 @@ public:
                       static_cast<rgw::auth::TokenExtractor*>(this),
                       static_cast<rgw::auth::LocalApplier::Factory*>(this)),
       anon_engine(cct,
-                  static_cast<rgw::auth::LocalApplier::Factory*>(this)) {
+                  static_cast<rgw::auth::LocalApplier::Factory*>(this),
+                  static_cast<rgw::auth::TokenExtractor*>(this)) {
     /* When the constructor's body is being executed, all member engines
      * should be initialized. Thus, we can safely add them. */
     using Control = rgw::auth::Strategy::Control;