OPTION(rgw_swift_auth_url, OPT_STR, "") // default URL to go and verify tokens for v1 auth (if not using internal swift auth)
OPTION(rgw_swift_auth_entry, OPT_STR, "auth") // entry point for which a url is considered a swift auth url
OPTION(rgw_swift_tenant_name, OPT_STR, "") // tenant name to use for swift access
+OPTION(rgw_swift_account_in_url, OPT_BOOL, false) // assume that URL always contain the account (aka tenant) part
OPTION(rgw_swift_enforce_content_length, OPT_BOOL, false) // enforce generation of Content-Length even in cost of performance or scalability
OPTION(rgw_keystone_url, OPT_STR, "") // url for keystone server
OPTION(rgw_keystone_admin_token, OPT_STR, "") // keystone admin token (shared secret)
utime_t header_time;
/* Set once when url_bucket is parsed and not violated thereafter. */
+ string account_name;
+
string bucket_tenant;
string bucket_name;
next_tok(req, ver, '/');
- string tenant;
- if (!tenant_path.empty()) {
- next_tok(req, tenant, '/');
+ if (!tenant_path.empty() || g_conf->rgw_swift_account_in_url) {
+ string account_name;
+ next_tok(req, account_name, '/');
+
+ /* Erase all pre-defined prefixes like "AUTH_" or "KEY_". */
+ const vector<string> skipped_prefixes = { "AUTH_", "KEY_" };
+
+ for (const auto pfx : skipped_prefixes) {
+ const size_t comp_len = min(account_name.length(), pfx.length());
+ if (account_name.compare(0, comp_len, pfx) == 0) {
+ /* Prefix is present. Drop it. */
+ account_name = account_name.substr(comp_len);
+ break;
+ }
+ }
+
+ if (account_name.empty()) {
+ return -ERR_PRECONDITION_FAILED;
+ } else {
+ s->account_name = account_name;
+ }
}
s->os_auth_token = s->info.env->get("HTTP_X_AUTH_TOKEN");
if (!g_conf->rgw_swift_tenant_name.empty()) {
tenant_path = "/AUTH_";
tenant_path.append(g_conf->rgw_swift_tenant_name);
+ } else if (g_conf->rgw_swift_account_in_url) {
+ tenant_path = "/AUTH_";
+ tenant_path.append(user_str);
}
STREAM_IO(s)->print("X-Storage-Url: %s/%s/v1%s\r\n", swift_url.c_str(),
projects / ceph.git / commitdiff