rgw: es: support username and password for ES

For ES endpoints terminated with a username and password, either via xpack or
fronted by another webserver with http basic auth, we now support "username" and
"password" configurable which should be capable of doing HTTP basic
authentication

Fixes: https://tracker.ceph.com/issues/23655
Signed-off-by: Abhishek Lekshmanan <abhishek@suse.com>

diff --git a/src/rgw/rgw_sync_module_es.cc b/src/rgw/rgw_sync_module_es.cc
index 5b6b11c864e81f459be7626c9ec9145419a6de3e..599e0c1cca185b57f8afc8fbd11aa192b4ba5a0d 100644 (file)
--- a/src/rgw/rgw_sync_module_es.cc
+++ b/src/rgw/rgw_sync_module_es.cc
@@ -1,6 +1,7 @@
 // -*- mode:C++; tab-width:8; c-basic-offset:2; indent-tabs-mode:t -*-
 // vim: ts=8 sw=2 smarttab
 
+#include "rgw_b64.h"
 #include "rgw_common.h"
 #include "rgw_coroutine.h"
 #include "rgw_sync_module.h"
@@ -170,6 +171,7 @@ struct ElasticConfig {
   ItemList allow_owners;
   uint32_t num_shards{0};
   uint32_t num_replicas{0};
+  std::map <string,string> default_headers = {{ "Content-Type", "application/json" }};
 
   void init(CephContext *cct, const JSONFormattable& config) {
     string elastic_endpoint = config["endpoint"];
@@ -184,6 +186,12 @@ struct ElasticConfig {
       num_shards = ES_NUM_SHARDS_MIN;
     }
     num_replicas = config["num_replicas"](ES_NUM_REPLICAS_DEFAULT);
+    if (string user = config["username"], pw = config["password"];
+        !user.empty() && !pw.empty()) {
+      auto auth_string = user + ":" + pw;
+      default_headers.emplace("AUTHORIZATION", "Basic " + rgw::to_base64(auth_string));
+    }
+
   }
 
   void init_instance(const RGWRealm& realm, uint64_t instance_id) {
@@ -565,15 +573,12 @@ public:
   int operate() override {
     reenter(this) {
       ldout(sync_env->cct, 0) << ": init elasticsearch config zone=" << sync_env->source_zone << dendl;
-      yield {
-        auto hdrs = make_param_list(&conf->default_headers);
-        call(new RGWReadRESTResourceCR<ESInfo> (sync_env->cct,
-                                                conf->conn.get(),
-                                                sync_env->http_manager,
-                                                "/", nullptr /*params*/,
-                                                &hdrs,
-                                                &es_info));
-      }
+      yield call(new RGWReadRESTResourceCR<ESInfo> (sync_env->cct,
+                                                    conf->conn.get(),
+                                                    sync_env->http_manager,
+                                                    "/", nullptr /*params*/,
+                                                    &(conf->default_headers),
+                                                    &es_info));
       if (retcode < 0) {
         return set_cr_error(retcode);
       }
@@ -590,12 +595,11 @@ public:
         }
 
         es_index_config index_conf(settings, mappings);
-        std::map <string, string> hdrs = {{ "Content-Type", "application/json" }};
         call(new RGWPutRESTResourceCR<es_index_config, int> (sync_env->cct,
                                                              conf->conn.get(),
                                                              sync_env->http_manager,
                                                              path, nullptr /*params*/,
-                                                             &hdrs,
+                                                             &(conf->default_headers),
                                                              index_conf, nullptr));
       }
       if (retcode < 0) {
@@ -626,11 +630,10 @@ public:
         string path = conf->get_obj_path(bucket_info, key);
         es_obj_metadata doc(sync_env->cct, conf, bucket_info, key, mtime, size, attrs, versioned_epoch);
 
-        std::map <string, string> hdrs = {{ "Content-Type", "application/json" }};
         call(new RGWPutRESTResourceCR<es_obj_metadata, int>(sync_env->cct, conf->conn.get(),
                                                             sync_env->http_manager,
                                                             path, nullptr /* params */,
-                                                            &hdrs,
+                                                            &(conf->default_headers),
                                                             doc, nullptr /* result */));
 
       }