From fcd861f38f546e3a568bc92fb93d81c8a97f3b0c Mon Sep 17 00:00:00 2001 From: Ishank Arora Date: Tue, 21 Sep 2021 16:26:19 +0200 Subject: [PATCH] Add machine auth API key to ocs service --- ocs/pkg/config/config.go | 1 + ocs/pkg/flagset/flagset.go | 7 +++++++ ocs/pkg/service/v0/service.go | 2 +- ocs/pkg/service/v0/users.go | 2 +- proxy/pkg/flagset/flagset.go | 2 +- proxy/pkg/user/backend/accounts.go | 2 +- 6 files changed, 12 insertions(+), 4 deletions(-) diff --git a/ocs/pkg/config/config.go b/ocs/pkg/config/config.go index d43c06f9c..bb270ad5f 100644 --- a/ocs/pkg/config/config.go +++ b/ocs/pkg/config/config.go @@ -64,6 +64,7 @@ type Config struct { AccountBackend string RevaAddress string StorageUsersDriver string + MachineAuthAPIKey string IdentityManagement IdentityManagement Context context.Context diff --git a/ocs/pkg/flagset/flagset.go b/ocs/pkg/flagset/flagset.go index ef6e56fa5..de29ac450 100644 --- a/ocs/pkg/flagset/flagset.go +++ b/ocs/pkg/flagset/flagset.go @@ -165,6 +165,13 @@ func ServerWithConfig(cfg *config.Config) []cli.Flag { EnvVars: []string{"OCS_REVA_GATEWAY_ADDR"}, Destination: &cfg.RevaAddress, }, + &cli.StringFlag{ + Name: "machine-auth-api-key", + Value: flags.OverrideDefaultString(cfg.MachineAuthAPIKey, "change-me-please"), + Usage: "the API key to be used for the machine auth driver in reva", + EnvVars: []string{"OCS_MACHINE_AUTH_API_KEY", "OCIS_MACHINE_AUTH_API_KEY"}, + Destination: &cfg.MachineAuthAPIKey, + }, &cli.StringFlag{ Name: "idm-address", Value: flags.OverrideDefaultString(cfg.IdentityManagement.Address, "https://localhost:9200"), diff --git a/ocs/pkg/service/v0/service.go b/ocs/pkg/service/v0/service.go index 4466cbb54..a6875cc4b 100644 --- a/ocs/pkg/service/v0/service.go +++ b/ocs/pkg/service/v0/service.go @@ -165,7 +165,7 @@ func (o Ocs) getCS3Backend() backend.UserBackend { if err != nil { o.logger.Fatal().Msgf("could not get reva client at address %s", o.config.RevaAddress) } - return backend.NewCS3UserBackend(revaClient, nil, revaClient, o.logger) + return backend.NewCS3UserBackend(nil, revaClient, o.config.MachineAuthAPIKey, o.logger) } func (o Ocs) getGroupsService() accounts.GroupsService { diff --git a/ocs/pkg/service/v0/users.go b/ocs/pkg/service/v0/users.go index c11243451..87050c86c 100644 --- a/ocs/pkg/service/v0/users.go +++ b/ocs/pkg/service/v0/users.go @@ -736,7 +736,7 @@ func (o Ocs) fetchAccountByUsername(ctx context.Context, name string) (*accounts func (o Ocs) fetchAccountFromCS3Backend(ctx context.Context, name string) (*accounts.Account, error) { backend := o.getCS3Backend() - u, err := backend.GetUserByClaims(ctx, "username", name, false) + u, _, err := backend.GetUserByClaims(ctx, "username", name, false) if err != nil { return nil, err } diff --git a/proxy/pkg/flagset/flagset.go b/proxy/pkg/flagset/flagset.go index 1bad97812..32120dd33 100644 --- a/proxy/pkg/flagset/flagset.go +++ b/proxy/pkg/flagset/flagset.go @@ -295,7 +295,7 @@ func ServerWithConfig(cfg *config.Config) []cli.Flag { Name: "machine-auth-api-key", Value: flags.OverrideDefaultString(cfg.MachineAuthAPIKey, "change-me-please"), Usage: "the API key to be used for the machine auth driver in reva", - EnvVars: []string{"PROXY_MACHINE_AUTH_API_KEY"}, + EnvVars: []string{"PROXY_MACHINE_AUTH_API_KEY", "OCIS_MACHINE_AUTH_API_KEY"}, Destination: &cfg.MachineAuthAPIKey, }, diff --git a/proxy/pkg/user/backend/accounts.go b/proxy/pkg/user/backend/accounts.go index 34d93d390..2c599ac9a 100644 --- a/proxy/pkg/user/backend/accounts.go +++ b/proxy/pkg/user/backend/accounts.go @@ -178,7 +178,7 @@ func (a *accountsServiceBackend) getAccount(ctx context.Context, query string) ( }) if err != nil { - a.logger.Error().Err(err).Str("query", query).Msgf("error fetching from accounts-service") + a.logger.Error().Err(err).Str("query", query).Msgf("error fetching from accounts-service %+v", a.tokenManager) status = http.StatusInternalServerError return }