#include "XrdMacaroonsAuthz.hh"
#include "XrdMacaroonsHandler.hh"
#include "XrdOuc/XrdOucEnv.hh"
#include "XrdOuc/XrdOucString.hh"
#include "XrdOuc/XrdOucPinPath.hh"
#include "XrdSys/XrdSysError.hh"
#include "XrdSys/XrdSysLogger.hh"
#include "XrdHttp/XrdHttpExtHandler.hh"
#include "XrdAcc/XrdAccAuthorize.hh"
#include "XrdVersion.hh"
#include <stdexcept>
#include <dlfcn.h>

Include dependency graph for XrdMacaroons.cc:

Functions
XrdAccAuthorize *	XrdAccAuthorizeObjAdd (XrdSysLogger log, const char config, const char params, XrdOucEnv , XrdAccAuthorize *chain_authz)

XrdAccAuthorize *	XrdAccAuthorizeObject (XrdSysLogger log, const char config, const char *parms)

XrdAccAuthorize *	XrdAccDefaultAuthorizeObject (XrdSysLogger lp, const char cfn, const char *parm, XrdVersionInfo &myVer)

XrdHttpExtHandler *	XrdHttpGetExtHandler (XrdSysError log, const char config, const char parms, XrdOucEnv env)

	XrdVERSIONINFO (XrdAccAuthorizeObjAdd, XrdMacaroons)

	XrdVERSIONINFO (XrdAccAuthorizeObject, XrdMacaroons)

	XrdVERSIONINFO (XrdHttpGetExtHandler, XrdMacaroons)

static	XrdVERSIONINFODEF (compiledVer, XrdAccTest, XrdVNUMBER, XrdVERSION)

Variables
XrdSciTokensHelper *	SciTokensHelper = nullptr

Function Documentation

◆ XrdAccAuthorizeObjAdd()

XrdAccAuthorize * XrdAccAuthorizeObjAdd	(	XrdSysLogger *	log,
		const char *	config,
		const char *	params,
		XrdOucEnv *	,
		XrdAccAuthorize *	chain_authz )

Definition at line 33 of file XrdMacaroons.cc.

{
    try
    {
        auto new_authz = new Macaroons::Authz(log, config, chain_authz);
        SciTokensHelper = new_authz;
        return new_authz;
    }
    catch (std::runtime_error &e)
    {
        XrdSysError err(log, "macaroons");
        err.Emsg("Config", "Configuration of Macaroon authorization handler failed", e.what());
        return nullptr;
    }
}

References XrdSysError::Emsg(), and SciTokensHelper.

Referenced by XrdVERSIONINFO(), and XrdVERSIONINFO().

Here is the call graph for this function:

Here is the caller graph for this function:

◆ XrdAccAuthorizeObject()

XrdAccAuthorize * XrdAccAuthorizeObject	(	XrdSysLogger *	log,
		const char *	config,
		const char *	parms )

Definition at line 53 of file XrdMacaroons.cc.

{
    XrdAccAuthorize *chain_authz = nullptr;
    XrdSysError err(log, "macaroons");
 
    if (parms && parms[0]) {
        XrdOucString parms_str(parms);
        XrdOucString chained_lib;
        int from = parms_str.tokenize(chained_lib, 0, ' ');
        const char *chained_parms = nullptr;
        err.Emsg("Config", "Will chain library", chained_lib.c_str());
        if (from > 0)
        {
            parms_str.erasefromstart(from);
            if (parms_str.length())
            {
                err.Emsg("Config", "Will chain parameters", parms_str.c_str());
                chained_parms = parms_str.c_str();
            }
        }
        char resolvePath[2048];
        bool usedAltPath{true};
        if (!XrdOucPinPath(chained_lib.c_str(), usedAltPath, resolvePath, 2048)) {
            err.Emsg("Config", "Failed to locate appropriately versioned chained auth library:", parms);
            return nullptr;
        }
        void *handle_base = dlopen(resolvePath, RTLD_LOCAL|RTLD_NOW);
        if (handle_base == nullptr) {
            err.Emsg("Config", "Failed to base plugin ", resolvePath, dlerror());
            return nullptr;
        }
 
        XrdAccAuthorize *(*ep)(XrdSysLogger *, const char *, const char *);
        ep = (XrdAccAuthorize *(*)(XrdSysLogger *, const char *, const char *))
             (dlsym(handle_base, "XrdAccAuthorizeObject"));
        if (!ep)
        {
            dlclose(handle_base);
            err.Emsg("Config", "Unable to chain second authlib after macaroons", parms);
            return nullptr;
        }
 
        chain_authz = (*ep)(log, config, chained_parms);
 
        if (chain_authz == nullptr) {
          dlclose(handle_base);
          err.Emsg("Config", "Unable to chain second authlib after macaroons "
                    "which returned nullptr");
          return nullptr;
        }
    }
    else
    {
        chain_authz = XrdAccDefaultAuthorizeObject(log, config, parms, compiledVer);
    }
    try
    {
        auto new_authz = new Macaroons::Authz(log, config, chain_authz);
        SciTokensHelper = new_authz;
        return new_authz;
    }
    catch (const std::runtime_error &e)
    {
        err.Emsg("Config", "Configuration of Macaroon authorization handler failed", e.what());
        return nullptr;
    }
}

References XrdOucString::c_str(), XrdSysError::Emsg(), XrdOucString::erasefromstart(), XrdOucString::length(), SciTokensHelper, XrdOucString::tokenize(), XrdAccDefaultAuthorizeObject(), and XrdOucPinPath().

Referenced by XrdVERSIONINFO(), and XrdVERSIONINFO().

Here is the call graph for this function:

Here is the caller graph for this function:

◆ XrdAccDefaultAuthorizeObject()

XrdAccAuthorize * XrdAccDefaultAuthorizeObject	(	XrdSysLogger *	lp,
		const char *	cfn,
		const char *	parm,
		XrdVersionInfo &	myVer )

extern

Definition at line 64 of file XrdAccAccess.cc.

{
   static XrdVERSIONINFODEF(myVer, XrdAcc, XrdVNUMBER, XrdVERSION);
   static XrdSysError Eroute(lp, "acc_");
 
// Verify version compatibility
//
   if (urVer.vNum != myVer.vNum && !XrdSysPlugin::VerCmp(urVer,myVer))
      return 0;
 
// Configure the authorization system
//
   if (XrdAccConfiguration.Configure(Eroute, cfn)) return (XrdAccAuthorize *)0;
 
// Set error object pointer
//
   XrdAccEntity::setError(&Eroute);
 
// All is well, return the actual pointer to the object
//
   return (XrdAccAuthorize *)XrdAccConfiguration.Authorization;
}

References XrdAccEntity::setError(), XrdSysPlugin::VerCmp(), XrdAccConfiguration, and XrdVERSIONINFODEF().

Referenced by main(), and XrdAccAuthorizeObject().

Here is the call graph for this function:

Here is the caller graph for this function:

◆ XrdHttpGetExtHandler()

XrdHttpExtHandler * XrdHttpGetExtHandler	(	XrdSysError *	log,
		const char *	config,
		const char *	parms,
		XrdOucEnv *	env )

Definition at line 124 of file XrdMacaroons.cc.

{
    void *authz_raw = env->GetPtr("XrdAccAuthorize*");
    XrdAccAuthorize *def_authz = static_cast<XrdAccAuthorize *>(authz_raw);
 
    log->Emsg("Initialize", "Creating new Macaroon handler object");
    try
    {
        return new Macaroons::Handler(log, config, env, def_authz);
    }
    catch (std::runtime_error &e)
    {
        log->Emsg("Config", "Generation of Macaroon handler failed", e.what());
        return nullptr;
    }
}

References XrdSysError::Emsg(), and XrdOucEnv::GetPtr().

Here is the call graph for this function:

◆ XrdVERSIONINFO() [1/3]

XrdVERSIONINFO	(	XrdAccAuthorizeObjAdd	,
		XrdMacaroons	)

References XrdAccAuthorizeObjAdd().

Here is the call graph for this function:

◆ XrdVERSIONINFO() [2/3]

XrdVERSIONINFO	(	XrdAccAuthorizeObject	,
		XrdMacaroons	)

References XrdAccAuthorizeObject().

Here is the call graph for this function:

◆ XrdVERSIONINFO() [3/3]

XrdVERSIONINFO	(	XrdHttpGetExtHandler	,
		XrdMacaroons	)

References XrdHttpGetExtHandler().

Here is the call graph for this function:

◆ XrdVERSIONINFODEF()

static XrdVERSIONINFODEF	(	compiledVer	,
		XrdAccTest	,
		XrdVNUMBER	,
		XrdVERSION	)

static

Variable Documentation

◆ SciTokensHelper

XrdSciTokensHelper* SciTokensHelper = nullptr

Definition at line 29 of file XrdMacaroons.cc.

Referenced by InitAccSciTokens(), XrdAccAuthorizeObjAdd(), and XrdAccAuthorizeObject().

Functions

Variables

Function Documentation

◆ XrdAccAuthorizeObjAdd()

◆ XrdAccAuthorizeObject()

◆ XrdAccDefaultAuthorizeObject()

◆ XrdHttpGetExtHandler()

◆ XrdVERSIONINFO() [1/3]

◆ XrdVERSIONINFO() [2/3]

◆ XrdVERSIONINFO() [3/3]

◆ XrdVERSIONINFODEF()

Variable Documentation

◆ SciTokensHelper