rgw/auth: Add assert if allow_expired is not false

This adds an assert if allow_expired is not false where
it must be false and should logically only get there when
it's false.

Signed-off-by: Tobias Urdin <tobias.urdin@binero.com>

diff --git a/src/rgw/rgw_auth_keystone.cc b/src/rgw/rgw_auth_keystone.cc
index 8cdb05b6d3bb61121eb4f63f15dcf7942294248b..d247ffabd9184fe861a314c7297c758df757cc1c 100644 (file)
--- a/src/rgw/rgw_auth_keystone.cc
+++ b/src/rgw/rgw_auth_keystone.cc
@@ -268,6 +268,7 @@ TokenEngine::authenticate(const DoutPrefixProvider* dpp,
     } else {
       /* Service token was not found in cache. Go to Keystone for validating
        * the token. The allow_expired here must always be false. */
+      ceph_assert(allow_expired == false);
       st = get_from_keystone(dpp, service_token, allow_expired);
 
       if (! st) {