XRootD
XrdMacaroons.cc
1 
2 #include <stdexcept>
3 #include <dlfcn.h>
4 
5 #include "XrdMacaroonsHandler.hh"
6 #include "XrdMacaroonsAuthz.hh"
7 
8 #include "XrdOuc/XrdOucEnv.hh"
9 #include "XrdOuc/XrdOucString.hh"
10 #include "XrdOuc/XrdOucPinPath.hh"
11 #include "XrdOuc/XrdOucEnv.hh"
12 #include "XrdSys/XrdSysError.hh"
13 #include "XrdSys/XrdSysLogger.hh"
16 #include "XrdVersion.hh"
17 
21 
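// compiledVer records the version this plugin was compiled against. It is
// handed to XrdAccDefaultAuthorizeObject() so the default authorization
// object can be requested directly; the technique is taken from
// xrootd-scitokens.
static XrdVERSIONINFODEF(compiledVer, XrdAccTest, XrdVNUMBER, XrdVERSION);

// Factory for the default authorization object. It is defined outside this
// file and only declared here (the page's cross-reference places the
// definition in XrdAccAccess.cc).
extern XrdAccAuthorize *XrdAccDefaultAuthorizeObject(XrdSysLogger *lp,
                                                     const char *cfn,
                                                     const char *parm,
                                                     XrdVersionInfo &myVer);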
29 
31 
32 extern "C" {
33 
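/// Plugin entry point that layers macaroon authorization over an
/// authorization object the caller has already created.
///
/// @param log         Logger passed to the new object and used for error
///                    reporting.
/// @param config      Configuration file name passed to Macaroons::Authz.
/// @param params      Not used by this function.
/// @param chain_authz Authorization object to chain to; it is passed on
///                    without a null check.
/// @return The new Macaroons::Authz, or nullptr if its construction threw.
///
/// On success the new object is also published through the file-scope
/// SciTokensHelper pointer, overwriting whatever was stored there.
XrdAccAuthorize *XrdAccAuthorizeObjAdd(XrdSysLogger *log,
                                       const char *config,
                                       const char *params,
                                       XrdOucEnv * /*not used*/,
                                       XrdAccAuthorize *chain_authz)
{
    try
    {
        auto new_authz = new Macaroons::Authz(log, config, chain_authz);
        SciTokensHelper = new_authz;
        return new_authz;
    }
    // Catch std::exception (by const reference) rather than only
    // std::runtime_error, so that a failure such as std::bad_alloc is also
    // reported as a failed load instead of leaving this extern "C" entry
    // point as an exception. A nullptr return tells the caller that no
    // authorization object was produced.
    catch (const std::exception &e)
    {
        XrdSysError err(log, "macaroons");
        err.Emsg("Config", "Configuration of Macaroon authorization handler failed", e.what());
        return nullptr;
    }
}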
53 
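/// Authorization plugin entry point: builds a Macaroons::Authz on top of
/// either a chained authorization library or the default one.
///
/// When @p parms is non-empty, its first space-delimited token names a
/// library and the remainder (if any) is passed to that library as its own
/// parameter string. The library is located with XrdOucPinPath(), loaded
/// with dlopen(), and its "XrdAccAuthorizeObject" symbol is called to create
/// the chained object. When @p parms is null or empty, the chained object
/// comes from XrdAccDefaultAuthorizeObject().
///
/// Security note: the library named in @p parms is loaded into this process
/// and its code runs during authorization setup. The configuration that
/// supplies @p parms and the directory the path resolves to should therefore
/// be writable only by the service administrator.
///
/// @param log    Logger used for diagnostics and passed to the created objects.
/// @param config Configuration file name passed to the created objects.
/// @param parms  Optional "<library> [parameters...]" string; may be null.
/// @return The new Macaroons::Authz, or nullptr if the chained library could
///         not be located, loaded or initialised, or if constructing the
///         Macaroons::Authz threw.
///
/// On success the new object is also published through the file-scope
/// SciTokensHelper pointer.
XrdAccAuthorize *XrdAccAuthorizeObject(XrdSysLogger *log,
                                       const char *config,
                                       const char *parms)
{
    XrdAccAuthorize *chain_authz = nullptr;

    if (parms && parms[0]) {
        XrdOucString parms_str(parms);
        XrdOucString chained_lib;
        // Stack object. The original allocated this with `new` and deleted it
        // only on the error returns, so it leaked whenever chaining succeeded.
        XrdSysError err(log, "authlib");
        int from = parms_str.tokenize(chained_lib, 0, ' ');
        const char *chained_parms = nullptr;
        err.Emsg("Config", "Will chain library", chained_lib.c_str());
        if (from > 0)
        {
            // Drop the library token; whatever is left is the parameter
            // string for the chained library.
            parms_str.erasefromstart(from);
            if (parms_str.length())
            {
                err.Emsg("Config", "Will chain parameters", parms_str.c_str());
                // Points into parms_str, which stays alive until the end of
                // this block, i.e. for the duration of the factory call below.
                chained_parms = parms_str.c_str();
            }
        }

        char resolvePath[2048];
        bool usedAltPath{true};
        if (!XrdOucPinPath(chained_lib.c_str(), usedAltPath, resolvePath,
                           static_cast<int>(sizeof(resolvePath)))) {
            err.Emsg("Config", "Failed to locate appropriately versioned chained auth library:", parms);
            return nullptr;
        }

        // RTLD_NOW resolves all symbols at load time, so an unresolved symbol
        // fails here; RTLD_LOCAL keeps the library's symbols out of the
        // global namespace.
        // NOTE(review): the handle is never passed to dlclose(), including on
        // the failure returns below; presumably intended, since a plugin
        // normally stays loaded for the life of the process. Confirm.
        void *handle_base = dlopen(resolvePath, RTLD_LOCAL|RTLD_NOW);
        if (handle_base == nullptr) {
            err.Emsg("Config", "Failed to base plugin ", resolvePath, dlerror());
            return nullptr;
        }

        // The chained library must export the same factory symbol that this
        // plugin itself provides.
        using AuthzFactory = XrdAccAuthorize *(*)(XrdSysLogger *, const char *, const char *);
        auto ep = reinterpret_cast<AuthzFactory>(dlsym(handle_base, "XrdAccAuthorizeObject"));
        if (!ep)
        {
            err.Emsg("Config", "Unable to chain second authlib after macaroons", parms);
            return nullptr;
        }

        chain_authz = (*ep)(log, config, chained_parms);

        if (chain_authz == nullptr) {
            err.Emsg("Config", "Unable to chain second authlib after macaroons "
                               "which returned NULL");
            return nullptr;
        }
    }
    else
    {
        // NOTE(review): the result is not checked for null before it is
        // handed to Macaroons::Authz; confirm Authz tolerates a null chain.
        chain_authz = XrdAccDefaultAuthorizeObject(log, config, parms, compiledVer);
    }

    try
    {
        auto new_authz = new Macaroons::Authz(log, config, chain_authz);
        SciTokensHelper = new_authz;
        return new_authz;
    }
    // Catch std::exception rather than only std::runtime_error so that any
    // standard exception from the constructor or from `new` is reported as a
    // failed load instead of leaving this extern "C" entry point.
    catch (const std::exception &e)
    {
        XrdSysError err(log, "macaroons");
        err.Emsg("Config", "Configuration of Macaroon authorization handler failed", e.what());
        return nullptr;
    }
}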
126 
127 
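/// HTTP external-handler entry point: creates the Macaroons::Handler.
///
/// @param log    Error object used for diagnostics and passed to the handler.
/// @param config Configuration file name passed to the handler.
/// @param parms  Not used by this function.
/// @param env    Environment; it is queried for the "XrdAccAuthorize*"
///               pointer and is itself passed to the handler. It is
///               dereferenced without a null check.
/// @return The new Macaroons::Handler, or nullptr if its construction threw.
XrdHttpExtHandler *XrdHttpGetExtHandler(XrdSysError *log, const char *config,
                                        const char *parms, XrdOucEnv *env)
{
    // The authorization object is taken from the environment entry
    // "XrdAccAuthorize*".
    // NOTE(review): the pointer is not checked for null before it is passed
    // to Macaroons::Handler; confirm the handler refuses requests rather than
    // skipping authorization when no authorization object is configured.
    void *authz_raw = env->GetPtr("XrdAccAuthorize*");
    XrdAccAuthorize *def_authz = static_cast<XrdAccAuthorize *>(authz_raw);

    log->Emsg("Initialize", "Creating new Macaroon handler object");
    try
    {
        return new Macaroons::Handler(log, config, env, def_authz);
    }
    // Catch std::exception (by const reference) rather than only
    // std::runtime_error so that any standard exception from the constructor
    // or from `new` is logged and reported as a failed load instead of
    // leaving this extern "C" entry point.
    catch (const std::exception &e)
    {
        log->Emsg("Config", "Generation of Macaroon handler failed", e.what());
        return nullptr;
    }
}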
146 
147 
148 }
XrdHttpExtHandler * XrdHttpGetExtHandler(XrdSysError *log, const char *config, const char *parms, XrdOucEnv *env)
XrdAccAuthorize * XrdAccAuthorizeObjAdd(XrdSysLogger *log, const char *config, const char *params, XrdOucEnv *, XrdAccAuthorize *chain_authz)
Definition: XrdMacaroons.cc:34
XrdSciTokensHelper * SciTokensHelper
Definition: XrdMacaroons.cc:30
static XrdVERSIONINFODEF(compiledVer, XrdAccTest, XrdVNUMBER, XrdVERSION)
XrdAccAuthorize * XrdAccAuthorizeObject(XrdSysLogger *log, const char *config, const char *parms)
Definition: XrdMacaroons.cc:54
XrdVERSIONINFO(XrdAccAuthorizeObject, XrdMacaroons)
XrdAccAuthorize * XrdAccDefaultAuthorizeObject(XrdSysLogger *lp, const char *cfn, const char *parm, XrdVersionInfo &myVer)
Definition: XrdAccAccess.cc:64
int XrdOucPinPath(const char *piPath, bool &noAltP, char *buff, int blen)
void * GetPtr(const char *varname)
Definition: XrdOucEnv.cc:281
const char * c_str() const
int erasefromstart(int sz=0)
int length() const
int tokenize(XrdOucString &tok, int from, char del=':')
int Emsg(const char *esfx, int ecode, const char *text1, const char *text2=0)
Definition: XrdSysError.cc:95