diff options
| author | Yehuda Sadeh <yehuda@inktank.com> | 2012-10-30 16:38:33 -0700 |
|---|---|---|
| committer | Yehuda Sadeh <yehuda@inktank.com> | 2012-10-30 16:38:54 -0700 |
| commit | 421c352e33e5ff557abb61875343341405ee248e (patch) | |
| tree | 57437f4af1d10cbb73df2d7710f65bba12b04768 | |
| parent | 845e862a71c4d700430a67cd025d1b60695f23d2 (diff) | |
| download | ceph-421c352e33e5ff557abb61875343341405ee248e.tar.gz | |
rgw: auto create rgw user for new keystone users
We now also read the user info when authenticating the keystone
user.
Signed-off-by: Yehuda Sadeh <yehuda@inktank.com>
| -rw-r--r-- | src/rgw/rgw_swift.cc | 21 |
1 files changed, 17 insertions, 4 deletions
diff --git a/src/rgw/rgw_swift.cc b/src/rgw/rgw_swift.cc index b45f884baf1..47d67a76cea 100644 --- a/src/rgw/rgw_swift.cc +++ b/src/rgw/rgw_swift.cc @@ -129,8 +129,8 @@ int KeystoneTokenResponseParser::parse(bufferlist& bl) return -EINVAL; } - if (!user->get_data("name", &user_name)) { - dout(0) << "token response is missing user name" << dendl; + if (!user->get_data("username", &user_name)) { + dout(0) << "token response is missing user username field" << dendl; return -EINVAL; } @@ -181,7 +181,8 @@ static int rgw_parse_keystone_token_response(bufferlist& bl, struct rgw_swift_au return 0; } -static int rgw_swift_validate_keystone_token(const char *token, struct rgw_swift_auth_info *info) +static int rgw_swift_validate_keystone_token(RGWRados *store, const char *token, struct rgw_swift_auth_info *info, + RGWUserInfo& rgw_user) { bufferlist bl; RGWValidateKeystoneToken validate(&bl); @@ -204,6 +205,18 @@ static int rgw_swift_validate_keystone_token(const char *token, struct rgw_swift if (ret < 0) return ret; + if (rgw_get_user_info_by_uid(store, info->user, rgw_user) < 0) { + dout(0) << "NOTICE: couldn't map swift user" << dendl; + rgw_user.user_id = info->user; + rgw_user.display_name = info->user; /* no display name available */ + + ret = rgw_store_user_info(store, rgw_user, true); + if (ret < 0) { + dout(0) << "ERROR: failed to store new user's info: ret=" << ret << dendl; + return ret; + } + } + return 0; } @@ -228,7 +241,7 @@ bool rgw_verify_swift_token(RGWRados *store, req_state *s) int ret; if (g_conf->rgw_swift_use_keystone) { - ret = rgw_swift_validate_keystone_token(s->os_auth_token, &info); + ret = rgw_swift_validate_keystone_token(store, s->os_auth_token, &info, s->user); return (ret >= 0); } |