rgw/auth: Implement Keystone service token as separate TokenExtractor
authorTobias Urdin <tobias.urdin@binero.se>
Sun, 8 May 2022 21:59:20 +0000 (21:59 +0000)
committerTobias Urdin <tobias.urdin@binero.se>
Wed, 21 Sep 2022 20:33:29 +0000 (20:33 +0000)
This change implements a separate TokenExtractor for the
Keystone service token code instead of extending the
TokenExtractor with another method to implement.

Signed-off-by: Tobias Urdin <tobias.urdin@binero.com>
src/rgw/rgw_auth.h
src/rgw/rgw_auth_keystone.h
src/rgw/rgw_rest_sts.h
src/rgw/rgw_swift_auth.h

index 26151a7e8ca1e9c5d7123e20235adf73a7a357d2..f14066592afeedc47697a29d31482a1f77ceeaa2 100644 (file)
@@ -308,7 +308,6 @@ class TokenExtractor {
 public:
   virtual ~TokenExtractor() = default;
   virtual std::string get_token(const req_state* s) const = 0;
-  virtual std::string get_service_token(const req_state* s) const = 0;
 };
 
 
index 00d47e02407d4490ae4a937b23d4944d43a3262e..31a4388080a970bc9676af18740c4cb8a1a1a840 100644 (file)
@@ -30,7 +30,8 @@ class TokenEngine : public rgw::auth::Engine {
   using result_t = rgw::auth::Engine::result_t;
   using token_envelope_t = rgw::keystone::TokenEnvelope;
 
-  const rgw::auth::TokenExtractor* const extractor;
+  const rgw::auth::TokenExtractor* const auth_token_extractor;
+  const rgw::auth::TokenExtractor* const service_token_extractor;
   const rgw::auth::RemoteApplier::Factory* const apl_factory;
   rgw::keystone::Config& config;
   rgw::keystone::TokenCache& token_cache;
@@ -52,12 +53,14 @@ class TokenEngine : public rgw::auth::Engine {
 
 public:
   TokenEngine(CephContext* const cct,
-              const rgw::auth::TokenExtractor* const extractor,
+              const rgw::auth::TokenExtractor* const auth_token_extractor,
+              const rgw::auth::TokenExtractor* const service_token_extractor,
               const rgw::auth::RemoteApplier::Factory* const apl_factory,
               rgw::keystone::Config& config,
               rgw::keystone::TokenCache& token_cache)
     : cct(cct),
-      extractor(extractor),
+      auth_token_extractor(auth_token_extractor),
+      service_token_extractor(service_token_extractor),
       apl_factory(apl_factory),
       config(config),
       token_cache(token_cache) {
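Review bot: Neither pointer the constructor stores is validated, and authenticate() in the next hunk dereferences both auth_token_extractor and service_token_extractor unconditionally, so a Strategy that wires only an auth extractor would fault on the first request instead of failing at construction. The single-extractor interface had the same shape, but the second parameter is new and is the one a caller is most likely to leave null; the STS DefaultStrategy in this commit drops its service-token stub, and whether any such strategy also builds a keystone TokenEngine is not visible here. Consider documenting the contract on the members, `/* Both extractors must be non-null and outlive this engine. */`, and checking it once in the constructor body, `ceph_assert(auth_token_extractor && service_token_extractor);`. The constructor body continues outside the hunk.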
@@ -69,7 +72,7 @@ public:
 
   result_t authenticate(const DoutPrefixProvider* dpp, const req_state* const s,
                        optional_yield y) const override {
-    return authenticate(dpp, extractor->get_token(s), extractor->get_service_token(s), s);
+    return authenticate(dpp, auth_token_extractor->get_token(s), service_token_extractor->get_token(s), s);
   }
 }; /* class TokenEngine */
 
index 994296f574cba368cdbdb5313ffe6ab21f4468ef..a129074b48e94b12e611293f03e624c6bd8b0472 100644 (file)
@@ -97,12 +97,6 @@ class DefaultStrategy : public rgw::auth::Strategy,
     return s->info.args.get("WebIdentityToken");
   }
 
-  /* The method implements TokenExtractor. This method is not used by STS. */
-  std::string get_service_token(const req_state* const s) const override {
-    static std::string empty_val;
-    return empty_val;
-  }
-
   aplptr_t create_apl_web_identity( CephContext* cct,
                                     const req_state* s,
                                     const std::string& role_session,
index 596ec1941407dd5abca2bb79aa95cac92cc20033..1faf8c9db2ac744544cde84b28ca43a04697aa09 100644 (file)
@@ -182,7 +182,6 @@ public:
 
 
 class DefaultStrategy : public rgw::auth::Strategy,
-                        public rgw::auth::TokenExtractor,
                         public rgw::auth::RemoteApplier::Factory,
                         public rgw::auth::LocalApplier::Factory,
                         public rgw::auth::swift::TempURLApplier::Factory {
@@ -202,16 +201,20 @@ class DefaultStrategy : public rgw::auth::Strategy,
   using acl_strategy_t = rgw::auth::RemoteApplier::acl_strategy_t;
 
   /* The method implements TokenExtractor for X-Auth-Token present in req_state. */
-  std::string get_token(const req_state* const s) const override {
-    /* Returning a reference here would end in GCC complaining about a reference
-     * to temporary. */
-    return s->info.env->get("HTTP_X_AUTH_TOKEN", "");
-  }
+  struct AuthTokenExtractor : rgw::auth::TokenExtractor {
+    std::string get_token(const req_state* const s) const override {
+      /* Returning a reference here would end in GCC complaining about a reference
+       * to temporary. */
+      return s->info.env->get("HTTP_X_AUTH_TOKEN", "");
+    }
+  } auth_token_extractor;
 
   /* The method implements TokenExtractor for X-Service-Token present in req_state. */
-  std::string get_service_token(const req_state* const s) const override {
-    return s->info.env->get("HTTP_X_SERVICE_TOKEN", "");
-  }
+  struct ServiceTokenExtractor : rgw::auth::TokenExtractor {
+    std::string get_token(const req_state* const s) const override {
+      return s->info.env->get("HTTP_X_SERVICE_TOKEN", "");
+    }
+  } service_token_extractor;
 
   aplptr_t create_apl_remote(CephContext* const cct,
                              const req_state* const s,
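Review bot: The two comments kept from the old code still read "The method implements TokenExtractor …", but each now sits above a nested struct type plus a member object rather than a method, so the documentation no longer matches what it annotates; suggest `/* TokenExtractor for the X-Auth-Token header carried in req_state. */` and `/* TokenExtractor for the X-Service-Token header carried in req_state. */`. Both nested types could also be declared `final` (`struct AuthTokenExtractor final : rgw::auth::TokenExtractor {`), since nothing derives from them and it lets the compiler devirtualize get_token through that type. Note that both extractors return "" when the header is absent, so the engine receives an empty service token rather than an explicit "no service token" signal; whether TokenEngine treats the two cases identically is decided outside this hunk.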
@@ -261,15 +264,15 @@ public:
                      static_cast<rgw::auth::swift::TempURLApplier::Factory*>(this)),
       signed_engine(cct,
                     store,
-                    static_cast<rgw::auth::TokenExtractor*>(this),
+                    static_cast<rgw::auth::TokenExtractor*>(&auth_token_extractor),
                     static_cast<rgw::auth::LocalApplier::Factory*>(this)),
       external_engine(cct,
                       store,
-                      static_cast<rgw::auth::TokenExtractor*>(this),
+                      static_cast<rgw::auth::TokenExtractor*>(&auth_token_extractor),
                       static_cast<rgw::auth::LocalApplier::Factory*>(this)),
       anon_engine(cct,
                   static_cast<SwiftAnonymousApplier::Factory*>(this),
-                  static_cast<rgw::auth::TokenExtractor*>(this)) {
+                  static_cast<rgw::auth::TokenExtractor*>(&auth_token_extractor)) {
     /* When the constructor's body is being executed, all member engines
      * should be initialized. Thus, we can safely add them. */
     using Control = rgw::auth::Strategy::Control;
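Review bot: The `static_cast<rgw::auth::TokenExtractor*>(&auth_token_extractor)` wrappers at the signed_engine, external_engine and anon_engine initializers are now redundant: AuthTokenExtractor derives only from TokenExtractor, so `&auth_token_extractor` converts to the base pointer implicitly, and the cast merely hides the pointer expression behind the longest token on the line. The same applies to both casts added to keystone_engine.emplace in the next hunk. Passing `&auth_token_extractor` and `&service_token_extractor` directly reads cleaner and keeps the casts reserved for the `this` conversions where multiple bases are involved. The constructor's initializer list begins before this hunk.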
@@ -281,7 +284,8 @@ public:
      * engine is disabled or not. */
     if (! cct->_conf->rgw_keystone_url.empty()) {
       keystone_engine.emplace(cct,
-                              static_cast<rgw::auth::TokenExtractor*>(this),
+                              static_cast<rgw::auth::TokenExtractor*>(&auth_token_extractor),
+                              static_cast<rgw::auth::TokenExtractor*>(&service_token_extractor),
                               static_cast<rgw::auth::RemoteApplier::Factory*>(this),
                               keystone_config_t::get_instance(),
                               keystone_cache_t::get_instance<keystone_config_t>());