split LDAP and S3

garage.go

@@ -109,17 +109,15 @@ func grgGetBucket(bid string) (*garage.BucketInfo, error) {
 
 }
 
-func checkLoginAndS3(w http.ResponseWriter, r *http.Request) (*LoginStatus, *garage.KeyInfo, error) {
+func checkS3(login *LoginStatus) (*garage.KeyInfo, error) {
-	login := checkLogin(w, r)
 	if login == nil {
-		return nil, nil, errors.New("LDAP login failed")
+		return nil, errors.New("Login can't be nil")
 	}
-
 	keyID := login.UserEntry.GetAttributeValue("garage_s3_access_key")
 	if keyID == "" {
 		keyPair, err := grgCreateKey(login.Info.Username)
 		if err != nil {
-			return login, nil, err
+			return nil, err
 		}
 		modify_request := ldap.NewModifyRequest(login.Info.DN, nil)
 		modify_request.Replace("garage_s3_access_key", []string{*keyPair.AccessKeyId})
@@ -128,11 +126,20 @@ func checkLoginAndS3(w http.ResponseWriter, r *http.Request) (*LoginStatus, *gar
 		// or when bottin will be able to dynamically fetch it.
 		modify_request.Replace("garage_s3_secret_key", []string{*keyPair.SecretAccessKey})
 		err = login.conn.Modify(modify_request)
-		return login, keyPair, err
+		return keyPair, err
 	}
 	// Note: we could simply return the login info, but LX asked we do not
 	// store the secrets in LDAP in the future.
 	keyPair, err := grgGetKey(keyID)
+	return keyPair, err
+}
+
+func checkLoginAndS3(w http.ResponseWriter, r *http.Request) (*LoginStatus, *garage.KeyInfo, error) {
+	login := checkLogin(w, r)
+	if login == nil {
+		return nil, nil, errors.New("LDAP login failed")
+	}
+	keyPair, err := checkS3(login)
 	return login, keyPair, err
 }