From: Pritha Srivastava <prsrivas@redhat.com>
Date: Thu, 11 Mar 2021 12:57:45 +0000 (+0530)
Subject: rgw/sts: fixes getsessiontoken authenticated with LDAP/Keystone,
X-Git-Tag: v16.2.15~96^2
X-Git-Url: http://git-server-git.apps.pok.os.sepia.ceph.com/?a=commitdiff_plain;h=fcf92e217767494f3d4dac53d4656567afb5ced7;p=ceph.git

rgw/sts: fixes getsessiontoken authenticated with LDAP/Keystone,
when object is uploaded via chunked encoding.

fixes: https://tracker.ceph.com/issues/49797

Signed-off-by: Pritha Srivastava <prsrivas@redhat.com>
(cherry picked from commit f1407efb903bbb264a68ed962086194feaed0b44)
---

diff --git a/src/rgw/rgw_rest_s3.cc b/src/rgw/rgw_rest_s3.cc
index fe45f6c71d77..c25c5d9ddd4a 100644
--- a/src/rgw/rgw_rest_s3.cc
+++ b/src/rgw/rgw_rest_s3.cc
@@ -5954,7 +5954,7 @@ rgw::auth::s3::STSEngine::authenticate(
   if (token.acct_type == TYPE_KEYSTONE || token.acct_type == TYPE_LDAP) {
     auto apl = remote_apl_factory->create_apl_remote(cct, s, get_acl_strategy(),
                                             get_creds_info(token));
-    return result_t::grant(std::move(apl), completer_factory(boost::none));
+    return result_t::grant(std::move(apl), completer_factory(token.secret_access_key));
   } else if (token.acct_type == TYPE_ROLE) {
     t_attrs.user_id = std::move(token.user); // This is mostly needed to assign the owner of a bucket during its creation
     t_attrs.token_policy = std::move(token.policy);