}; /* class TokenEngine */
-class EC2Engine : public rgw::auth::s3::Version2ndEngine {
+class EC2Engine : public rgw::auth::s3::AWSEngine {
using acl_strategy_t = rgw::auth::RemoteApplier::acl_strategy_t;
using auth_info_t = rgw::auth::RemoteApplier::AuthInfo;
using result_t = rgw::auth::Engine::result_t;
const req_state* s) const override;
public:
EC2Engine(CephContext* const cct,
- const rgw::auth::s3::Version2ndEngine::Extractor* const extractor,
+ const rgw::auth::s3::AWSEngine::VersionAbstractor* const ver_abstractor,
const rgw::auth::RemoteApplier::Factory* const apl_factory,
rgw::keystone::Config& config,
/* The token cache is used ONLY for the retrieving admin token.
* Due to the architecture of AWS Auth S3 credentials cannot be
* cached at all. */
rgw::keystone::TokenCache& token_cache)
- : Version2ndEngine(cct, *extractor),
+ : AWSEngine(cct, *ver_abstractor),
apl_factory(apl_factory),
config(config),
token_cache(token_cache) {
}
- using Version2ndEngine::authenticate;
+ using AWSEngine::authenticate;
const char* get_name() const noexcept override {
return "rgw::auth::keystone::EC2Engine";
using s3_strategy_t = rgw::auth::s3::AWSv2AuthStrategy<ExtractorT>;
using s3_main_strategy_t = \
- s3_strategy_t<rgw::auth::s3::RGWS3V2Extractor>;
+ s3_strategy_t<rgw::auth::s3::AWSGeneralAbstractor>;
using s3_post_strategy_t = \
- s3_strategy_t<rgw::auth::s3::RGWGetPolicyV2Extractor>;
+ s3_strategy_t<rgw::auth::s3::AWSBrowserUploadAbstractor>;
s3_main_strategy_t s3_main_strategy;
s3_post_strategy_t s3_post_strategy;
public:
ExternalAuthStrategy(CephContext* const cct,
RGWRados* const store,
- Version2ndEngine::Extractor* const extractor)
+ AWSEngine::VersionAbstractor* const ver_abstractor)
: store(store),
- keystone_engine(cct, extractor,
+ keystone_engine(cct, ver_abstractor,
static_cast<rgw::auth::RemoteApplier::Factory*>(this),
keystone_config_t::get_instance(),
keystone_cache_t::get_instance<keystone_config_t>()),
- ldap_engine(cct, store, *extractor,
+ ldap_engine(cct, store, *ver_abstractor,
static_cast<rgw::auth::RemoteApplier::Factory*>(this)) {
if (cct->_conf->rgw_s3_auth_use_keystone &&
};
-template <class ExtractorT>
+template <class AbstractorT>
class AWSv2AuthStrategy : public rgw::auth::Strategy,
public rgw::auth::LocalApplier::Factory {
typedef rgw::auth::IdentityApplier::aplptr_t aplptr_t;
- static_assert(std::is_base_of<rgw::auth::s3::Version2ndEngine::Extractor,
- ExtractorT>::value,
- "ExtractorT must be a subclass of rgw::auth::s3::ExtractorT");
+ static_assert(std::is_base_of<rgw::auth::s3::AWSEngine::VersionAbstractor,
+ AbstractorT>::value,
+ "AbstractorT must be a subclass of rgw::auth::s3::VersionAbstractor");
RGWRados* const store;
- ExtractorT extractor;
+ AbstractorT ver_abstractor;
ExternalAuthStrategy external_engines;
- LocalVersion2ndEngine local_engine;
+ LocalEngine local_engine;
aplptr_t create_apl_local(CephContext* const cct,
const req_state* const s,
AWSv2AuthStrategy(CephContext* const cct,
RGWRados* const store)
: store(store),
- extractor(cct),
- external_engines(cct, store, &extractor),
- local_engine(cct, store, extractor,
+ ver_abstractor(cct),
+ external_engines(cct, store, &ver_abstractor),
+ local_engine(cct, store, ver_abstractor,
static_cast<rgw::auth::LocalApplier::Factory*>(this)) {
Control local_engine_mode;
namespace rgw {
namespace auth {
namespace s3 {
- class RGWGetPolicyV2Extractor;
+ class AWSBrowserUploadAbstractor;
}
class Completer;
}
/* Writer. */
friend class RGWPostObj_ObjStore_S3;
/* Reader. */
- friend class rgw::auth::s3::RGWGetPolicyV2Extractor;
+ friend class rgw::auth::s3::AWSBrowserUploadAbstractor;
std::string access_key;
std::string signature;
namespace auth {
namespace s3 {
-bool rgw::auth::s3::RGWS3V2Extractor::is_time_skew_ok(const utime_t& header_time,
- const bool qsr) const
+bool AWSGeneralAbstractor::is_time_skew_ok(const utime_t& header_time,
+ const bool qsr) const
{
/* Check for time skew first. */
const time_t req_sec = header_time.sec();
return nullptr;
}
-std::tuple<Version2ndEngine::Extractor::access_key_id_t,
- Version2ndEngine::Extractor::signature_t,
- Version2ndEngine::Extractor::string_to_sign_t,
- Version2ndEngine::Extractor::signature_factory_t,
- Version2ndEngine::Extractor::completer_factory_t>
-rgw::auth::s3::RGWS3V2Extractor::get_auth_data(const req_state* const s) const
+using AWSVerAbstractor = AWSEngine::VersionAbstractor;
+
+std::tuple<AWSVerAbstractor::access_key_id_t,
+ AWSVerAbstractor::signature_t,
+ AWSVerAbstractor::string_to_sign_t,
+ AWSVerAbstractor::signature_factory_t,
+ AWSVerAbstractor::completer_factory_t>
+AWSGeneralAbstractor::get_auth_data(const req_state* const s) const
{
std::string access_key_id;
std::string signature;
null_completer_factory);
}
-std::tuple<Version2ndEngine::Extractor::access_key_id_t,
- Version2ndEngine::Extractor::signature_t,
- Version2ndEngine::Extractor::string_to_sign_t,
- Version2ndEngine::Extractor::signature_factory_t,
- Version2ndEngine::Extractor::completer_factory_t>
-RGWGetPolicyV2Extractor::get_auth_data(const req_state* const s) const
+std::tuple<AWSVerAbstractor::access_key_id_t,
+ AWSVerAbstractor::signature_t,
+ AWSVerAbstractor::string_to_sign_t,
+ AWSVerAbstractor::signature_factory_t,
+ AWSVerAbstractor::completer_factory_t>
+AWSBrowserUploadAbstractor::get_auth_data(const req_state* const s) const
{
return std::make_tuple(s->auth.s3_postobj_creds.access_key,
s->auth.s3_postobj_creds.signature,
}
-/* LocalVersion2ndEngine */
+/* LocalEndgine */
rgw::auth::Engine::result_t
-rgw::auth::s3::LocalVersion2ndEngine::authenticate(const std::string& access_key_id,
- const std::string& signature,
- const std::string& string_to_sign,
- const req_state* const s) const
+rgw::auth::s3::LocalEngine::authenticate(const std::string& access_key_id,
+ const std::string& signature,
+ const std::string& string_to_sign,
+ const req_state* const s) const
{
/* get the user info */
RGWUserInfo user_info;
namespace s3 {
-class Version2ndEngine : public rgw::auth::Engine {
+class AWSEngine : public rgw::auth::Engine {
public:
- class Extractor {
+ class VersionAbstractor {
public:
- virtual ~Extractor() {};
+ virtual ~VersionAbstractor() {};
using access_key_id_t = std::string;
using signature_t = std::string;
protected:
CephContext* cct;
- const Extractor& extractor;
+ const VersionAbstractor& ver_abstractor;
- Version2ndEngine(CephContext* const cct, const Extractor& extractor)
+ AWSEngine(CephContext* const cct, const VersionAbstractor& ver_abstractor)
: cct(cct),
- extractor(extractor) {
+ ver_abstractor(ver_abstractor) {
}
using result_t = rgw::auth::Engine::result_t;
std::string signature;
std::string string_to_sign;
- Extractor::signature_factory_t signing_key_factory;
- Extractor::completer_factory_t completer_factory;
+ VersionAbstractor::signature_factory_t signature_factory;
+ VersionAbstractor::completer_factory_t completer_factory;
- /* Small reminder: an extractor is allowed to throw! */
+ /* Small reminder: an ver_abstractor is allowed to throw! */
std::tie(access_key_id,
signature,
string_to_sign,
- signing_key_factory,
- completer_factory) = extractor.get_auth_data(s);
+ signature_factory,
+ completer_factory) = ver_abstractor.get_auth_data(s);
if (access_key_id.empty() || signature.empty()) {
return result_t::deny(-EINVAL);
}
};
-class RGWS3V2Extractor : public Version2ndEngine::Extractor {
+class AWSGeneralAbstractor : public AWSEngine::VersionAbstractor {
CephContext* const cct;
bool is_time_skew_ok(const utime_t& header_time,
const bool qsr) const;
public:
- RGWS3V2Extractor(CephContext* const cct)
+ AWSGeneralAbstractor(CephContext* const cct)
: cct(cct) {
}
};
-class RGWGetPolicyV2Extractor : public Version2ndEngine::Extractor {
+class AWSBrowserUploadAbstractor : public AWSEngine::VersionAbstractor {
static std::string to_string(ceph::bufferlist bl) {
return std::string(bl.c_str(),
static_cast<std::string::size_type>(bl.length()));
}
public:
- RGWGetPolicyV2Extractor(CephContext*) {
+ AWSBrowserUploadAbstractor(CephContext*) {
}
std::tuple<access_key_id_t,
};
-class LDAPEngine : public Version2ndEngine {
+class LDAPEngine : public AWSEngine {
static rgw::LDAPHelper* ldh;
static std::mutex mtx;
public:
LDAPEngine(CephContext* const cct,
RGWRados* const store,
- const Extractor& extractor,
+ const VersionAbstractor& ver_abstractor,
const rgw::auth::RemoteApplier::Factory* const apl_factory)
- : Version2ndEngine(cct, extractor),
+ : AWSEngine(cct, ver_abstractor),
store(store),
apl_factory(apl_factory) {
init(cct);
}
- using Version2ndEngine::authenticate;
+ using AWSEngine::authenticate;
const char* get_name() const noexcept override {
return "rgw::auth::s3::LDAPEngine";
};
-class LocalVersion2ndEngine : public Version2ndEngine {
+class LocalEngine : public AWSEngine {
RGWRados* const store;
const rgw::auth::LocalApplier::Factory* const apl_factory;
const std::string& string_to_sign,
const req_state* s) const override;
public:
- LocalVersion2ndEngine(CephContext* const cct,
- RGWRados* const store,
- const Extractor& extractor,
- const rgw::auth::LocalApplier::Factory* const apl_factory)
- : Version2ndEngine(cct, extractor),
+ LocalEngine(CephContext* const cct,
+ RGWRados* const store,
+ const VersionAbstractor& ver_abstractor,
+ const rgw::auth::LocalApplier::Factory* const apl_factory)
+ : AWSEngine(cct, ver_abstractor),
store(store),
apl_factory(apl_factory) {
}
- using Version2ndEngine::authenticate;
+ using AWSEngine::authenticate;
const char* get_name() const noexcept override {
- return "rgw::auth::s3::LocalVersion2ndEngine";
+ return "rgw::auth::s3::LocalEngine";
}
};
projects / ceph.git / commitdiff