From 2ad5ec06771636e797c649c1a161277e057f46f0 Mon Sep 17 00:00:00 2001
From: Radoslaw Zarzynski <rzarzynski@mirantis.com>
Date: Mon, 4 Apr 2016 15:03:00 +0200
Subject: [PATCH] rgw: introduce the Extractor concept to the auth
 infrastructure.

Signed-off-by: Radoslaw Zarzynski <rzarzynski@mirantis.com>
---
 src/rgw/rgw_auth.h       | 16 ++++++++++------
 src/rgw/rgw_swift_auth.h | 19 ++++++++++++++++---
 2 files changed, 26 insertions(+), 9 deletions(-)

diff --git a/src/rgw/rgw_auth.h b/src/rgw/rgw_auth.h
index 1704a690ca049..99d99c7e39686 100644
--- a/src/rgw/rgw_auth.h
+++ b/src/rgw/rgw_auth.h
@@ -260,10 +260,16 @@ protected:
   const std::string token;
 
 public:
+  class Extractor {
+  public:
+    virtual ~Extractor() {};
+    virtual std::string get_token() const = 0;
+  };
+
   RGWTokenBasedAuthEngine(CephContext * const cct,
-                          const std::string token)
+                          const Extractor& extr)
     : RGWAuthEngine(cct),
-      token(token) {
+      token(extr.get_token()) {
   }
 
   bool is_applicable() const noexcept override {
@@ -271,8 +277,6 @@ public:
   }
 };
 
-/* TODO: introduce extractors for TokenBased. */
-
 /* Keystone. */
 class RGWKeystoneAuthEngine : public RGWTokenBasedAuthEngine {
 protected:
@@ -286,9 +290,9 @@ protected:
                                                ) const noexcept;
 public:
   RGWKeystoneAuthEngine(CephContext * const cct,
-                        const std::string token,
+                        const Extractor& extr,
                         const RGWRemoteAuthApplier::Factory * const apl_factory)
-    : RGWTokenBasedAuthEngine(cct, token),
+    : RGWTokenBasedAuthEngine(cct, extr),
       apl_factory(apl_factory) {
   }
 
diff --git a/src/rgw/rgw_swift_auth.h b/src/rgw/rgw_swift_auth.h
index 39438ea992c3f..60ede6fdfa166 100644
--- a/src/rgw/rgw_swift_auth.h
+++ b/src/rgw/rgw_swift_auth.h
@@ -65,9 +65,9 @@ protected:
 public:
   RGWSignedTokenAuthEngine(CephContext * const cct,
                            /* const */RGWRados * const store,
-                           const std::string token,
+                           const Extractor& extr,
                            const RGWLocalAuthApplier::Factory * const apl_factory)
-    : RGWTokenBasedAuthEngine(cct, token),
+    : RGWTokenBasedAuthEngine(cct, extr),
       store(store),
       apl_factory(apl_factory) {
   }
@@ -83,7 +83,6 @@ protected:
   /* const */ RGWRados * const store;
   const RGWLocalAuthApplier::Factory * const apl_factory;
 public:
-  //using RGWTokenBasedAuthEngine::RGWTokenBasedAuthEngine;
   RGWExternalTokenAuthEngine(CephContext * const cct,
                              /* const */RGWRados * const store,
                              const Extractor& extr,
@@ -98,6 +97,20 @@ public:
 };
 
 
+/* Extractor for X-Auth-Token present in req_state. */
+class RGWXAuthTokenExtractor : public RGWTokenBasedAuthEngine::Extractor {
+protected:
+  const req_state * const s;
+public:
+  RGWXAuthTokenExtractor(const req_state * const s)
+    : s(s) {
+  }
+  std::string get_token() const {
+    return s->info.env->get("HTTP_X_AUTH_TOKEN", "");
+  }
+};
+
+
 extern int rgw_swift_verify_signed_token(CephContext *cct,
                                          RGWRados *store,
                                          const char *token,
-- 
2.39.5