From: Tobias Urdin <tobias.urdin@binero.se>
Date: Mon, 9 May 2022 15:10:36 +0000 (+0000)
Subject: rgw/auth: Add assert if allow_expired is not false
X-Git-Tag: v18.1.0~1023^2~2
X-Git-Url: http://git-server-git.apps.pok.os.sepia.ceph.com/?a=commitdiff_plain;h=4f902029babb763783a329209a12268a9278646a;p=ceph.git

rgw/auth: Add assert if allow_expired is not false

This adds an assert if allow_expired is not false where
it must be false and should logically only get there when
it's false.

Signed-off-by: Tobias Urdin <tobias.urdin@binero.com>
---

diff --git a/src/rgw/rgw_auth_keystone.cc b/src/rgw/rgw_auth_keystone.cc
index 8cdb05b6d3bb..d247ffabd918 100644
--- a/src/rgw/rgw_auth_keystone.cc
+++ b/src/rgw/rgw_auth_keystone.cc
@@ -268,6 +268,7 @@ TokenEngine::authenticate(const DoutPrefixProvider* dpp,
     } else {
       /* Service token was not found in cache. Go to Keystone for validating
        * the token. The allow_expired here must always be false. */
+      ceph_assert(allow_expired == false);
       st = get_from_keystone(dpp, service_token, allow_expired);
 
       if (! st) {