Enable machine auth in ocdav

services/ocdav/pkg/command/server.go

@@ -64,6 +64,7 @@ func Server(cfg *config.Config) *cli.Command {
 					ocdav.Version(cfg.Status.Version),
 					ocdav.VersionString(cfg.Status.VersionString),
 					ocdav.Edition(cfg.Status.Edition),
+					ocdav.MachineAuthAPIKey(cfg.MachineAuthAPIKey),
 					// ocdav.FavoriteManager() // FIXME needs a proper persistence implementation https://github.com/owncloud/ocis/issues/1228
 					// ocdav.LockSystem(), // will default to the CS3 lock system
 					// ocdav.TLSConfig() // tls config for the http server

services/ocdav/pkg/config/config.go

@@ -32,6 +32,8 @@ type Config struct {
 	Timeout    int64      `yaml:"gateway_request_timeout" env:"OCDAV_GATEWAY_REQUEST_TIMEOUT" desc:"Request timeout in seconds for requests from the oCDAV service to the gateway service."`
 	Middleware Middleware `yaml:"middleware"`
 
+	MachineAuthAPIKey string `yaml:"machine_auth_api_key" env:"OCIS_MACHINE_AUTH_API_KEY;OCDAV_MACHINE_AUTH_API_KEY" desc:"Machine auth API key used for validating requests from other services when impersonating users."`
+
 	Context context.Context `yaml:"-"`
 	Status  Status          `yaml:"-"`
 }

services/ocdav/pkg/config/defaults/defaultconfig.go

@@ -43,6 +43,7 @@ func DefaultConfig() *config.Config {
 				CredentialsByUserAgent: map[string]string{},
 			},
 		},
+		MachineAuthAPIKey: "",
 		Status: config.Status{
 			Version:        version.Legacy,
 			VersionString:  version.LegacyString,

services/ocdav/pkg/config/parser/parse.go

@@ -37,6 +37,9 @@ func Validate(cfg *config.Config) error {
 	if cfg.TokenManager.JWTSecret == "" {
 		return shared.MissingJWTTokenError(cfg.Service.Name)
 	}
+	if cfg.MachineAuthAPIKey == "" {
+		return shared.MissingMachineAuthApiKeyError(cfg.Service.Name)
+	}
 
 	return nil
 }