Use machine auth when using cs3 backend in proxy service

2026-02-20 04:29:24 -06:00 · 2021-10-14 17:14:36 +02:00
parent 35905f4a09
commit 26ec5f0a40
2 changed files with 3 additions and 7 deletions
--- a/proxy/pkg/user/backend/cs3.go
+++ b/proxy/pkg/user/backend/cs3.go
@@ -31,14 +31,9 @@ func NewCS3UserBackend(rs settings.RoleService, ap RevaAuthenticator, machineAut
 }

 func (c *cs3backend) GetUserByClaims(ctx context.Context, claim, value string, withRoles bool) (*cs3.User, string, error) {
-	// We only support authentication via username for now
-	if claim != "username" {
-		return nil, "", fmt.Errorf("claim: %s not supported", claim)
-	}
-
 	res, err := c.authProvider.Authenticate(ctx, &gateway.AuthenticateRequest{
-		Type:         "bearer",
-		ClientId:     value,
+		Type:         "machine",
+		ClientId:     claim + ":" + value,
 		ClientSecret: c.machineAuthAPIKey,
 	})

--- a/storage/pkg/command/gateway.go
+++ b/storage/pkg/command/gateway.go
@@ -164,6 +164,7 @@ func gatewayConfigFromStruct(c *cli.Context, cfg *config.Config, logger log.Logg
 							"rules": map[string]interface{}{
 								"basic":        cfg.Reva.AuthBasic.Endpoint,
 								"bearer":       cfg.Reva.AuthBearer.Endpoint,
+								"machine":      cfg.Reva.AuthMachine.Endpoint,
 								"publicshares": cfg.Reva.StoragePublicLink.Endpoint,
 							},
 						},