diff options
| -rw-r--r-- | garage.go | 19 |
1 files changed, 13 insertions, 6 deletions
@@ -109,17 +109,15 @@ func grgGetBucket(bid string) (*garage.BucketInfo, error) { } -func checkLoginAndS3(w http.ResponseWriter, r *http.Request) (*LoginStatus, *garage.KeyInfo, error) { - login := checkLogin(w, r) +func checkS3(login *LoginStatus) (*garage.KeyInfo, error) { if login == nil { - return nil, nil, errors.New("LDAP login failed") + return nil, errors.New("Login can't be nil") } - keyID := login.UserEntry.GetAttributeValue("garage_s3_access_key") if keyID == "" { keyPair, err := grgCreateKey(login.Info.Username) if err != nil { - return login, nil, err + return nil, err } modify_request := ldap.NewModifyRequest(login.Info.DN, nil) modify_request.Replace("garage_s3_access_key", []string{*keyPair.AccessKeyId}) @@ -128,11 +126,20 @@ func checkLoginAndS3(w http.ResponseWriter, r *http.Request) (*LoginStatus, *gar // or when bottin will be able to dynamically fetch it. modify_request.Replace("garage_s3_secret_key", []string{*keyPair.SecretAccessKey}) err = login.conn.Modify(modify_request) - return login, keyPair, err + return keyPair, err } // Note: we could simply return the login info, but LX asked we do not // store the secrets in LDAP in the future. keyPair, err := grgGetKey(keyID) + return keyPair, err +} + +func checkLoginAndS3(w http.ResponseWriter, r *http.Request) (*LoginStatus, *garage.KeyInfo, error) { + login := checkLogin(w, r) + if login == nil { + return nil, nil, errors.New("LDAP login failed") + } + keyPair, err := checkS3(login) return login, keyPair, err } |