An API for Guichet #23
1 changed files with 13 additions and 6 deletions
19
garage.go
19
garage.go
|
@ -109,17 +109,15 @@ func grgGetBucket(bid string) (*garage.BucketInfo, error) {
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
||||||
func checkLoginAndS3(w http.ResponseWriter, r *http.Request) (*LoginStatus, *garage.KeyInfo, error) {
|
func checkS3(login *LoginStatus) (*garage.KeyInfo, error) {
|
||||||
login := checkLogin(w, r)
|
|
||||||
if login == nil {
|
if login == nil {
|
||||||
return nil, nil, errors.New("LDAP login failed")
|
return nil, errors.New("Login can't be nil")
|
||||||
}
|
}
|
||||||
|
|
||||||
keyID := login.UserEntry.GetAttributeValue("garage_s3_access_key")
|
keyID := login.UserEntry.GetAttributeValue("garage_s3_access_key")
|
||||||
if keyID == "" {
|
if keyID == "" {
|
||||||
keyPair, err := grgCreateKey(login.Info.Username)
|
keyPair, err := grgCreateKey(login.Info.Username)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return login, nil, err
|
return nil, err
|
||||||
}
|
}
|
||||||
modify_request := ldap.NewModifyRequest(login.Info.DN, nil)
|
modify_request := ldap.NewModifyRequest(login.Info.DN, nil)
|
||||||
modify_request.Replace("garage_s3_access_key", []string{*keyPair.AccessKeyId})
|
modify_request.Replace("garage_s3_access_key", []string{*keyPair.AccessKeyId})
|
||||||
|
@ -128,11 +126,20 @@ func checkLoginAndS3(w http.ResponseWriter, r *http.Request) (*LoginStatus, *gar
|
||||||
// or when bottin will be able to dynamically fetch it.
|
// or when bottin will be able to dynamically fetch it.
|
||||||
modify_request.Replace("garage_s3_secret_key", []string{*keyPair.SecretAccessKey})
|
modify_request.Replace("garage_s3_secret_key", []string{*keyPair.SecretAccessKey})
|
||||||
err = login.conn.Modify(modify_request)
|
err = login.conn.Modify(modify_request)
|
||||||
return login, keyPair, err
|
return keyPair, err
|
||||||
}
|
}
|
||||||
// Note: we could simply return the login info, but LX asked we do not
|
// Note: we could simply return the login info, but LX asked we do not
|
||||||
// store the secrets in LDAP in the future.
|
// store the secrets in LDAP in the future.
|
||||||
keyPair, err := grgGetKey(keyID)
|
keyPair, err := grgGetKey(keyID)
|
||||||
|
return keyPair, err
|
||||||
|
}
|
||||||
|
|
||||||
|
func checkLoginAndS3(w http.ResponseWriter, r *http.Request) (*LoginStatus, *garage.KeyInfo, error) {
|
||||||
|
login := checkLogin(w, r)
|
||||||
|
if login == nil {
|
||||||
|
return nil, nil, errors.New("LDAP login failed")
|
||||||
|
}
|
||||||
|
keyPair, err := checkS3(login)
|
||||||
return login, keyPair, err
|
return login, keyPair, err
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
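Review bot: In the `keyID == ""` branch of the new `checkS3`, a failing `login.conn.Modify(modify_request)` still returns the freshly created key pair along with the error. The access key is then never recorded in LDAP, so the next call sees an empty `garage_s3_access_key` and calls `grgCreateKey` again, leaving an unreferenced credential in Garage each time. I would return `nil` on that path, `if err != nil { return nil, err }` followed by `return keyPair, nil`, and ideally revoke the just-created key before returning, if the Garage client offers a way to do that. Since `checkS3` is now callable on its own, a doc comment should also state that `login.UserEntry` and `login.conn` must be populated, because only `login` itself is nil-checked before both are dereferenced. The function body spans both hunks and the two lines between them are not shown here, so this reading assumes they are comments.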