XRootD
XrdMacaroons.cc File Reference
#include <stdexcept>
#include <dlfcn.h>
#include "XrdMacaroonsHandler.hh"
#include "XrdMacaroonsAuthz.hh"
#include "XrdOuc/XrdOucEnv.hh"
#include "XrdOuc/XrdOucString.hh"
#include "XrdOuc/XrdOucPinPath.hh"
#include "XrdSys/XrdSysError.hh"
#include "XrdSys/XrdSysLogger.hh"
#include "XrdHttp/XrdHttpExtHandler.hh"
#include "XrdAcc/XrdAccAuthorize.hh"
#include "XrdVersion.hh"
+ Include dependency graph for XrdMacaroons.cc:

Go to the source code of this file.

Functions

XrdAccAuthorizeXrdAccAuthorizeObjAdd (XrdSysLogger *log, const char *config, const char *params, XrdOucEnv *, XrdAccAuthorize *chain_authz)
 
XrdAccAuthorizeXrdAccAuthorizeObject (XrdSysLogger *log, const char *config, const char *parms)
 
XrdAccAuthorizeXrdAccDefaultAuthorizeObject (XrdSysLogger *lp, const char *cfn, const char *parm, XrdVersionInfo &myVer)
 
XrdHttpExtHandlerXrdHttpGetExtHandler (XrdSysError *log, const char *config, const char *parms, XrdOucEnv *env)
 
 XrdVERSIONINFO (XrdAccAuthorizeObjAdd, XrdMacaroons)
 
 XrdVERSIONINFO (XrdAccAuthorizeObject, XrdMacaroons)
 
 XrdVERSIONINFO (XrdHttpGetExtHandler, XrdMacaroons)
 
static XrdVERSIONINFODEF (compiledVer, XrdAccTest, XrdVNUMBER, XrdVERSION)
 

Variables

XrdSciTokensHelperSciTokensHelper = nullptr
 

Function Documentation

◆ XrdAccAuthorizeObjAdd()

XrdAccAuthorize* XrdAccAuthorizeObjAdd ( XrdSysLogger log,
const char *  config,
const char *  params,
XrdOucEnv ,
XrdAccAuthorize chain_authz 
)

Definition at line 34 of file XrdMacaroons.cc.

39 {
40  try
41  {
42  auto new_authz = new Macaroons::Authz(log, config, chain_authz);
43  SciTokensHelper = new_authz;
44  return new_authz;
45  }
46  catch (std::runtime_error &e)
47  {
48  XrdSysError err(log, "macaroons");
49  err.Emsg("Config", "Configuration of Macaroon authorization handler failed", e.what());
50  return NULL;
51  }
52 }
XrdSciTokensHelper * SciTokensHelper
Definition: XrdMacaroons.cc:30

References XrdSysError::Emsg(), and SciTokensHelper.

+ Here is the call graph for this function:

◆ XrdAccAuthorizeObject()

XrdAccAuthorize* XrdAccAuthorizeObject ( XrdSysLogger log,
const char *  config,
const char *  parms 
)

Definition at line 54 of file XrdMacaroons.cc.

57 {
58  XrdAccAuthorize *chain_authz = NULL;
59 
60  if (parms && parms[0]) {
61  XrdOucString parms_str(parms);
62  XrdOucString chained_lib;
63  XrdSysError *err = new XrdSysError(log, "authlib");
64  int from = parms_str.tokenize(chained_lib, 0, ' ');
65  const char *chained_parms = NULL;
66  err->Emsg("Config", "Will chain library", chained_lib.c_str());
67  if (from > 0)
68  {
69  parms_str.erasefromstart(from);
70  if (parms_str.length())
71  {
72  err->Emsg("Config", "Will chain parameters", parms_str.c_str());
73  chained_parms = parms_str.c_str();
74  }
75  }
76  char resolvePath[2048];
77  bool usedAltPath{true};
78  if (!XrdOucPinPath(chained_lib.c_str(), usedAltPath, resolvePath, 2048)) {
79  err->Emsg("Config", "Failed to locate appropriately versioned chained auth library:", parms);
80  delete err;
81  return NULL;
82  }
83  void *handle_base = dlopen(resolvePath, RTLD_LOCAL|RTLD_NOW);
84  if (handle_base == NULL) {
85  err->Emsg("Config", "Failed to base plugin ", resolvePath, dlerror());
86  delete err;
87  return NULL;
88  }
89 
90  XrdAccAuthorize *(*ep)(XrdSysLogger *, const char *, const char *);
91  ep = (XrdAccAuthorize *(*)(XrdSysLogger *, const char *, const char *))
92  (dlsym(handle_base, "XrdAccAuthorizeObject"));
93  if (!ep)
94  {
95  err->Emsg("Config", "Unable to chain second authlib after macaroons", parms);
96  delete err;
97  return NULL;
98  }
99 
100  chain_authz = (*ep)(log, config, chained_parms);
101 
102  if (chain_authz == NULL) {
103  err->Emsg("Config", "Unable to chain second authlib after macaroons "
104  "which returned NULL");
105  delete err;
106  return NULL;
107  }
108  }
109  else
110  {
111  chain_authz = XrdAccDefaultAuthorizeObject(log, config, parms, compiledVer);
112  }
113  try
114  {
115  auto new_authz = new Macaroons::Authz(log, config, chain_authz);
116  SciTokensHelper = new_authz;
117  return new_authz;
118  }
119  catch (const std::runtime_error &e)
120  {
121  XrdSysError err(log, "macaroons");
122  err.Emsg("Config", "Configuration of Macaroon authorization handler failed", e.what());
123  return NULL;
124  }
125 }
XrdAccAuthorize * XrdAccDefaultAuthorizeObject(XrdSysLogger *lp, const char *cfn, const char *parm, XrdVersionInfo &myVer)
Definition: XrdAccAccess.cc:64
int XrdOucPinPath(const char *piPath, bool &noAltP, char *buff, int blen)
const char * c_str() const
int Emsg(const char *esfx, int ecode, const char *text1, const char *text2=0)
Definition: XrdSysError.cc:95

References XrdOucString::c_str(), XrdSysError::Emsg(), XrdOucString::erasefromstart(), XrdOucString::length(), SciTokensHelper, XrdOucString::tokenize(), XrdAccDefaultAuthorizeObject(), and XrdOucPinPath().

+ Here is the call graph for this function:

◆ XrdAccDefaultAuthorizeObject()

XrdAccAuthorize* XrdAccDefaultAuthorizeObject ( XrdSysLogger lp,
const char *  cfn,
const char *  parm,
XrdVersionInfo &  myVer 
)

Definition at line 64 of file XrdAccAccess.cc.

68 {
69  static XrdVERSIONINFODEF(myVer, XrdAcc, XrdVNUMBER, XrdVERSION);
70  static XrdSysError Eroute(lp, "acc_");
71 
72 // Verify version compatibility
73 //
74  if (urVer.vNum != myVer.vNum && !XrdSysPlugin::VerCmp(urVer,myVer))
75  return 0;
76 
77 // Configure the authorization system
78 //
79  if (XrdAccConfiguration.Configure(Eroute, cfn)) return (XrdAccAuthorize *)0;
80 
81 // Set error object pointer
82 //
83  XrdAccEntity::setError(&Eroute);
84 
85 // All is well, return the actual pointer to the object
86 //
88 }
XrdAccConfig XrdAccConfiguration
Definition: XrdAccConfig.cc:61
int Configure(XrdSysError &Eroute, const char *cfn)
XrdAccAccess * Authorization
Definition: XrdAccConfig.hh:78
static void setError(XrdSysError *errP)
static bool VerCmp(XrdVersionInfo &vInf1, XrdVersionInfo &vInf2, bool noMsg=false)
XrdVERSIONINFODEF(myVersion, cmsclient, XrdVNUMBER, XrdVERSION)

References XrdAccConfig::Authorization, XrdAccConfig::Configure(), XrdAccEntity::setError(), XrdSysPlugin::VerCmp(), XrdAccConfiguration, and XrdCms::XrdVERSIONINFODEF().

Referenced by main(), and XrdAccAuthorizeObject().

+ Here is the call graph for this function:
+ Here is the caller graph for this function:

◆ XrdHttpGetExtHandler()

XrdHttpExtHandler* XrdHttpGetExtHandler ( XrdSysError log,
const char *  config,
const char *  parms,
XrdOucEnv env 
)

Definition at line 128 of file XrdMacaroons.cc.

131 {
132  void *authz_raw = env->GetPtr("XrdAccAuthorize*");
133  XrdAccAuthorize *def_authz = static_cast<XrdAccAuthorize *>(authz_raw);
134 
135  log->Emsg("Initialize", "Creating new Macaroon handler object");
136  try
137  {
138  return new Macaroons::Handler(log, config, env, def_authz);
139  }
140  catch (std::runtime_error &e)
141  {
142  log->Emsg("Config", "Generation of Macaroon handler failed", e.what());
143  return NULL;
144  }
145 }
void * GetPtr(const char *varname)
Definition: XrdOucEnv.cc:281

References XrdSysError::Emsg(), and XrdOucEnv::GetPtr().

+ Here is the call graph for this function:

◆ XrdVERSIONINFO() [1/3]

XrdVERSIONINFO ( XrdAccAuthorizeObjAdd  ,
XrdMacaroons   
)

◆ XrdVERSIONINFO() [2/3]

XrdVERSIONINFO ( XrdAccAuthorizeObject  ,
XrdMacaroons   
)

◆ XrdVERSIONINFO() [3/3]

XrdVERSIONINFO ( XrdHttpGetExtHandler  ,
XrdMacaroons   
)

◆ XrdVERSIONINFODEF()

static XrdVERSIONINFODEF ( compiledVer  ,
XrdAccTest  ,
XrdVNUMBER  ,
XrdVERSION   
)
static

Variable Documentation

◆ SciTokensHelper

XrdSciTokensHelper* SciTokensHelper = nullptr

Definition at line 30 of file XrdMacaroons.cc.

Referenced by XrdAccAuthorizeObjAdd(), and XrdAccAuthorizeObject().