authorQuentin Dufour <quentin@deuxfleurs.fr>2023-09-15 14:38:46 +0200
committerQuentin Dufour <quentin@deuxfleurs.fr>2023-09-15 14:38:46 +0200
commit9c21c2e799449ae303ed764ba1677366d0571e8d (patch)
tree97fbbbc6121b75d2f1250a137d496da9dea14af8
parent74113fad490ccdaa00961c5818eaa107781dfd79 (diff)
split LDAP and S3
-rw-r--r--garage.go19
1 files changed, 13 insertions, 6 deletions
diff --git a/garage.go b/garage.go
index 1ae02e4..61d1b93 100644
--- a/garage.go
+++ b/garage.go
@@ -109,17 +109,15 @@ func grgGetBucket(bid string) (*garage.BucketInfo, error) {
}
-func checkLoginAndS3(w http.ResponseWriter, r *http.Request) (*LoginStatus, *garage.KeyInfo, error) {
- login := checkLogin(w, r)
+func checkS3(login *LoginStatus) (*garage.KeyInfo, error) {
if login == nil {
- return nil, nil, errors.New("LDAP login failed")
+ return nil, errors.New("Login can't be nil")
}
-
keyID := login.UserEntry.GetAttributeValue("garage_s3_access_key")
if keyID == "" {
keyPair, err := grgCreateKey(login.Info.Username)
if err != nil {
- return login, nil, err
+ return nil, err
}
modify_request := ldap.NewModifyRequest(login.Info.DN, nil)
modify_request.Replace("garage_s3_access_key", []string{*keyPair.AccessKeyId})
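Review bot: checkS3 has no doc comment stating its precondition, and after this split it can be called with any `*LoginStatus` rather than only the value `checkLogin` just returned. It creates a Garage key for `login.Info.Username` and builds an LDAP modify request for `login.Info.DN`, so the trust assumption deserves a comment such as `// checkS3 returns the Garage S3 key for an authenticated login, creating it and recording it in LDAP on first use; login must come from checkLogin.` Only `login` itself is nil-checked, while `login.UserEntry` and the `keyPair.AccessKeyId` pointer are dereferenced as-is; whether those can be nil is not visible here. The new error string would follow Go convention as `errors.New("login can't be nil")`. The function body continues past this hunk.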
@@ -128,11 +126,20 @@ func checkLoginAndS3(w http.ResponseWriter, r *http.Request) (*LoginStatus, *gar
// or when bottin will be able to dynamically fetch it.
modify_request.Replace("garage_s3_secret_key", []string{*keyPair.SecretAccessKey})
err = login.conn.Modify(modify_request)
- return login, keyPair, err
+ return keyPair, err
}
// Note: we could simply return the login info, but LX asked we do not
// store the secrets in LDAP in the future.
keyPair, err := grgGetKey(keyID)
+ return keyPair, err
+}
+
+func checkLoginAndS3(w http.ResponseWriter, r *http.Request) (*LoginStatus, *garage.KeyInfo, error) {
+ login := checkLogin(w, r)
+ if login == nil {
+ return nil, nil, errors.New("LDAP login failed")
+ }
+ keyPair, err := checkS3(login)
return login, keyPair, err
}
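Review bot: On the first-use path, `return keyPair, err` after `login.conn.Modify(modify_request)` hands the caller a non-nil key together with a possibly non-nil error, so a failed LDAP write still returns usable credentials. In that case `garage_s3_access_key` stays empty, so the next call would presumably create another key and leave the earlier one unreferenced in Garage. Checking the error first, `if err != nil { return nil, err }` followed by `return keyPair, nil`, keeps the result unambiguous; removing the unrecorded key would need a delete helper that is not visible in this diff. checkS3 starts in the previous hunk.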