From: Radoslaw Zarzynski <rzarzynski@mirantis.com>
Date: Tue, 18 Apr 2017 14:55:51 +0000 (+0200)
Subject: rgw: AWSv4's completer_factory takes the secret_key optionally.
X-Git-Tag: v12.1.0~155^2~40
X-Git-Url: http://git-server-git.apps.pok.os.sepia.ceph.com/?a=commitdiff_plain;h=420f1c005f9db4b59db2c6f07bb3ee17ec736827;p=ceph.git

rgw: AWSv4's completer_factory takes the secret_key optionally.

Signed-off-by: Radoslaw Zarzynski <rzarzynski@mirantis.com>
---

diff --git a/src/rgw/rgw_auth_keystone.cc b/src/rgw/rgw_auth_keystone.cc
index 99a257178730..614f837cecb7 100644
--- a/src/rgw/rgw_auth_keystone.cc
+++ b/src/rgw/rgw_auth_keystone.cc
@@ -475,7 +475,7 @@ rgw::auth::Engine::result_t EC2Engine::authenticate(
 
     auto apl = apl_factory->create_apl_remote(cct, s, get_acl_strategy(*t),
                                               get_creds_info(*t, accepted_roles.admin));
-    return result_t::grant(std::move(apl), completer_factory());
+    return result_t::grant(std::move(apl), completer_factory(boost::none));
   }
 }
 
diff --git a/src/rgw/rgw_rest_s3.cc b/src/rgw/rgw_rest_s3.cc
index 2bd30f974c21..42950811591b 100644
--- a/src/rgw/rgw_rest_s3.cc
+++ b/src/rgw/rgw_rest_s3.cc
@@ -4210,7 +4210,7 @@ rgw::auth::s3::LDAPEngine::authenticate(
 
   auto apl = apl_factory->create_apl_remote(cct, s, get_acl_strategy(),
                                             get_creds_info(base64_token));
-  return result_t::grant(std::move(apl), completer_factory());
+  return result_t::grant(std::move(apl), completer_factory(boost::none));
 }
 
 
@@ -4258,5 +4258,5 @@ rgw::auth::s3::LocalEngine::authenticate(
   }
 
   auto apl = apl_factory->create_apl_local(cct, s, user_info, k.subuser);
-  return result_t::grant(std::move(apl), completer_factory());
+  return result_t::grant(std::move(apl), completer_factory(k.key));
 }
diff --git a/src/rgw/rgw_rest_s3.h b/src/rgw/rgw_rest_s3.h
index df23f210a744..0cb51bfb6e11 100644
--- a/src/rgw/rgw_rest_s3.h
+++ b/src/rgw/rgw_rest_s3.h
@@ -689,9 +689,11 @@ public:
                                 const std::string& string_to_sign)>;
 
     /* Return an instance of Completer for verifying the payload's fingerprint
-     * if necessary. Otherwise caller gets nullptr. */
+     * if necessary. Otherwise caller gets nullptr. Caller may provide secret
+     * key */
     using completer_factory_t = \
-      std::function<rgw::auth::Completer::cmplptr_t(void)>;
+      std::function<rgw::auth::Completer::cmplptr_t(
+        const boost::optional<std::string>& secret_key)>;
 
     virtual std::tuple<access_key_id_t,
                        signature_t,