3 files changed, 48 insertions, 14 deletions

diff --git a/src/login/ldap_provider.rs b/src/login/ldap_provider.rs
index e73e1dc..42c993d 100644
--- a/src/login/ldap_provider.rs
+++ b/src/login/ldap_provider.rs
@@ -21,6 +21,7 @@ pub struct LdapLoginProvider {
 
     storage_specific: StorageSpecific,
     in_memory_store: storage::in_memory::MemDb,
+    garage_store: storage::garage::GarageRoot,
 }
 
 enum BucketSource {
@@ -91,7 +92,11 @@ impl LdapLoginProvider {
             mail_attr: config.mail_attr,
             crypto_root_attr: config.crypto_root_attr,
             storage_specific: specific,
+            //@FIXME should be created outside of the login provider
+            //Login provider should return only a cryptoroot + a storage URI
+            //storage URI that should be resolved outside...
             in_memory_store: storage::in_memory::MemDb::new(),
+            garage_store: storage::garage::GarageRoot::new(),
         })
     }
 
@@ -114,7 +119,7 @@ impl LdapLoginProvider {
                     BucketSource::Attr(a) => get_attr(user, &a)?,
                 };
 
-                storage::garage::GarageBuilder::new(storage::garage::GarageConf {
+                self.garage_store.user(storage::garage::GarageConf {
                     region: from_config.aws_region.clone(),
                     s3_endpoint: from_config.s3_endpoint.clone(),
                     k2v_endpoint: from_config.k2v_endpoint.clone(),
diff --git a/src/login/static_provider.rs b/src/login/static_provider.rs
index 1e1ecbf..e190a91 100644
--- a/src/login/static_provider.rs
+++ b/src/login/static_provider.rs
@@ -25,6 +25,7 @@ pub struct UserDatabase {
 pub struct StaticLoginProvider {
     user_db: watch::Receiver<UserDatabase>,
     in_memory_store: storage::in_memory::MemDb,
+    garage_store: storage::garage::GarageRoot,
 }
 
 pub async fn update_user_list(config: PathBuf, up: watch::Sender<UserDatabase>) -> Result<()> {
@@ -84,6 +85,7 @@ impl StaticLoginProvider {
         Ok(Self {
             user_db: rx,
             in_memory_store: storage::in_memory::MemDb::new(),
+            garage_store: storage::garage::GarageRoot::new(),
         })
     }
 }
@@ -109,7 +111,7 @@ impl LoginProvider for StaticLoginProvider {
         let storage: storage::Builder = match &user.config.storage {
             StaticStorage::InMemory => self.in_memory_store.builder(username).await,
             StaticStorage::Garage(grgconf) => {
-                storage::garage::GarageBuilder::new(storage::garage::GarageConf {
+                self.garage_store.user(storage::garage::GarageConf {
                     region: grgconf.aws_region.clone(),
                     k2v_endpoint: grgconf.k2v_endpoint.clone(),
                     s3_endpoint: grgconf.s3_endpoint.clone(),
@@ -140,7 +142,7 @@ impl LoginProvider for StaticLoginProvider {
         let storage: storage::Builder = match &user.config.storage {
             StaticStorage::InMemory => self.in_memory_store.builder(&user.username).await,
             StaticStorage::Garage(grgconf) => {
-                storage::garage::GarageBuilder::new(storage::garage::GarageConf {
+                self.garage_store.user(storage::garage::GarageConf {
                     region: grgconf.aws_region.clone(),
                     k2v_endpoint: grgconf.k2v_endpoint.clone(),
                     s3_endpoint: grgconf.s3_endpoint.clone(),
diff --git a/src/storage/garage.rs b/src/storage/garage.rs
index 709e729..870854a 100644
--- a/src/storage/garage.rs
+++ b/src/storage/garage.rs
@@ -1,7 +1,38 @@
 use crate::storage::*;
 use aws_sdk_s3::{self as s3, error::SdkError, operation::get_object::GetObjectError};
+use aws_smithy_runtime::client::http::hyper_014::HyperClientBuilder;
+use aws_smithy_runtime_api::client::http::SharedHttpClient;
+//use hyper_rustls::HttpsConnector;
+//use hyper_util::client::legacy::connect::HttpConnector;
+
+
 use serde::Serialize;
 
+pub struct GarageRoot {
+    aws_http: SharedHttpClient,
+}
+
+impl GarageRoot {
+    pub fn new() -> Self {
+        /*let http = hyper_rustls::HttpsConnectorBuilder::new()
+            .https_or_http()
+            .with_native_roots()
+            .enable_http1()
+            .enable_http2()
+            .build();*/
+        let aws_http = HyperClientBuilder::new().build_https();
+        Self { aws_http }
+    }
+
+    pub fn user(&self, conf: GarageConf) -> anyhow::Result<Arc<GarageUser>> {
+        let mut unicity: Vec<u8> = vec![];
+        unicity.extend_from_slice(file!().as_bytes());
+        unicity.append(&mut rmp_serde::to_vec(&conf)?);
+
+        Ok(Arc::new(GarageUser { conf, aws_http: self.aws_http.clone(), unicity }))
+    }
+}
+
 #[derive(Clone, Debug, Serialize)]
 pub struct GarageConf {
     pub region: String,
@@ -12,23 +43,18 @@ pub struct GarageConf {
     pub bucket: String,
 }
 
+//@FIXME we should get rid of this builder
+//and allocate a S3 + K2V client only once per user
+//(and using a shared HTTP client)
 #[derive(Clone, Debug)]
-pub struct GarageBuilder {
+pub struct GarageUser {
     conf: GarageConf,
+    aws_http: SharedHttpClient,
     unicity: Vec<u8>,
 }
 
-impl GarageBuilder {
-    pub fn new(conf: GarageConf) -> anyhow::Result<Arc<Self>> {
-        let mut unicity: Vec<u8> = vec![];
-        unicity.extend_from_slice(file!().as_bytes());
-        unicity.append(&mut rmp_serde::to_vec(&conf)?);
-        Ok(Arc::new(Self { conf, unicity }))
-    }
-}
-
 #[async_trait]
-impl IBuilder for GarageBuilder {
+impl IBuilder for GarageUser {
     async fn build(&self) -> Result<Store, StorageError> {
         let s3_creds = s3::config::Credentials::new(
             self.conf.aws_access_key_id.clone(),
@@ -41,6 +67,7 @@ impl IBuilder for GarageBuilder {
         let sdk_config = aws_config::from_env()
             .region(aws_config::Region::new(self.conf.region.clone()))
             .credentials_provider(s3_creds)
+            .http_client(self.aws_http.clone())
             .endpoint_url(self.conf.s3_endpoint.clone())
             .load()
             .await;