Merge pull request ceph#4 from shivanshu21/hammer_IAM_nonMock1

Hammer iam non mock1
abhidixit · Feb 3, 2016 · b489d6d · b489d6d
2 parents 97811c5 + 9c2d1fd
commit b489d6d
Show file tree

Hide file tree

Showing 5 changed files with 525 additions and 169 deletions.
diff --git a/src/rgw/rgw_main.cc b/src/rgw/rgw_main.cc
@@ -710,16 +710,38 @@ void RGWLoadGenProcess::handle_request(RGWRequest *r)
 static int civetweb_callback(struct mg_connection *conn) {
   struct mg_request_info *req_info = mg_get_request_info(conn);
   RGWProcessEnv *pe = static_cast<RGWProcessEnv *>(req_info->user_data);
+
   RGWRados *store = pe->store;
   RGWREST *rest = pe->rest;
   OpsLogSocket *olog = pe->olog;
 
+  /* Go through all the headers to find out if the authentication
+   * method required is EC2 signature or tokens.
+   * While there can be at most 100 header fields in a HTTP request,
+   * http_headers is an array of size 64 elements inside civetweb */
+  for (int i = 0; i < 64; i++) {
+      if ((req_info->http_headers[i]).name != NULL) {
+          string name_str((req_info->http_headers[i]).name);
+          string value_str((req_info->http_headers[i]).value);
+          dout(1) << "DSS INFO: CIVETWEB HEADER NAME: " << name_str << dendl;
+          dout(1) << "DSS INFO: CIVETWEB HEADER VALUE: " << value_str << dendl;
+
+          if (name_str.compare("X-Auth-Token") == 0) {
+              // This request has a token not EC2 credentials
+              (store->auth_method).set_token_validation(true);
+              // Fill the token string even if it is blank
+              // Keystone will handle the rest
+              (store->auth_method).set_token(value_str);
+          }
+      }
+  }
+  dout(1) << "DSS INFO: token validation set to: " << (store->auth_method).get_token_validation() << dendl;
+
   RGWRequest *req = new RGWRequest(store->get_new_req_id());
   RGWMongoose client_io(conn, pe->port);
 
   client_io.init(g_ceph_context);
 
-
   int ret = process_request(store, rest, req, &client_io, olog);
   if (ret < 0) {
     /* we don't really care about return code */

diff --git a/src/rgw/rgw_rados.h b/src/rgw/rgw_rados.h
@@ -1276,7 +1276,9 @@ class RGWRados
                quota_handler(NULL),
                finisher(NULL),
                rest_master_conn(NULL),
-               meta_mgr(NULL), data_log(NULL) {}
+               meta_mgr(NULL),
+               data_log(NULL),
+               auth_method(false) {}
 
   uint64_t get_new_req_id() {
     return max_req_id.inc();
@@ -1294,6 +1296,33 @@ class RGWRados
     zone_name = name;
   }
 
+  /* Holds info on whether the request should be
+   * validated via EC2 signature or Auth tokens */
+  class authorization_method {
+      private:
+          bool _token_validation;
+          string _token;
+      public:
+          inline bool get_token_validation()
+          {
+              return _token_validation;
+          }
+          inline void set_token_validation(bool method)
+          {
+              _token_validation = method;
+          }
+          inline string get_token()
+          {
+              return _token;
+          }
+          inline void set_token(string tok)
+          {
+              _token = tok;
+          }
+          authorization_method(bool method) : _token_validation(method) { }
+          ~authorization_method() { }
+  } auth_method;
+
   RGWRegion region;
   RGWZoneParams zone; /* internal zone params, e.g., rados pools */
   RGWZone zone_public_config; /* external zone params, e.g., entrypoints, log flags, etc. */