XRootD
Functions | Variables
XrdMacaroons.cc File Reference
#include "XrdMacaroonsAuthz.hh"
#include "XrdMacaroonsHandler.hh"
#include "XrdOuc/XrdOucEnv.hh"
#include "XrdOuc/XrdOucString.hh"
#include "XrdOuc/XrdOucPinPath.hh"
#include "XrdSys/XrdSysError.hh"
#include "XrdSys/XrdSysLogger.hh"
#include "XrdHttp/XrdHttpExtHandler.hh"
#include "XrdAcc/XrdAccAuthorize.hh"
#include "XrdVersion.hh"
#include <stdexcept>
#include <dlfcn.h>
+ Include dependency graph for XrdMacaroons.cc:

Go to the source code of this file.

Functions

XrdAccAuthorizeXrdAccAuthorizeObjAdd (XrdSysLogger *log, const char *config, const char *params, XrdOucEnv *, XrdAccAuthorize *chain_authz)
 
XrdAccAuthorizeXrdAccAuthorizeObject (XrdSysLogger *log, const char *config, const char *parms)
 
XrdAccAuthorizeXrdAccDefaultAuthorizeObject (XrdSysLogger *lp, const char *cfn, const char *parm, XrdVersionInfo &myVer)
 
XrdHttpExtHandlerXrdHttpGetExtHandler (XrdSysError *log, const char *config, const char *parms, XrdOucEnv *env)
 
 XrdVERSIONINFO (XrdAccAuthorizeObjAdd, XrdMacaroons)
 
 XrdVERSIONINFO (XrdAccAuthorizeObject, XrdMacaroons)
 
 XrdVERSIONINFO (XrdHttpGetExtHandler, XrdMacaroons)
 
static XrdVERSIONINFODEF (compiledVer, XrdAccTest, XrdVNUMBER, XrdVERSION)
 

Variables

XrdSciTokensHelperSciTokensHelper = nullptr
 

Function Documentation

◆ XrdAccAuthorizeObjAdd()

XrdAccAuthorize* XrdAccAuthorizeObjAdd ( XrdSysLogger log,
const char *  config,
const char *  params,
XrdOucEnv ,
XrdAccAuthorize chain_authz 
)

Definition at line 33 of file XrdMacaroons.cc.

38 {
39  try
40  {
41  auto new_authz = new Macaroons::Authz(log, config, chain_authz);
42  SciTokensHelper = new_authz;
43  return new_authz;
44  }
45  catch (std::runtime_error &e)
46  {
47  XrdSysError err(log, "macaroons");
48  err.Emsg("Config", "Configuration of Macaroon authorization handler failed", e.what());
49  return nullptr;
50  }
51 }
SciTokensHelper
XrdSciTokensHelper * SciTokensHelper
Definition: XrdMacaroons.cc:29

References XrdSysError::Emsg(), and SciTokensHelper.

+ Here is the call graph for this function:

◆ XrdAccAuthorizeObject()

XrdAccAuthorize* XrdAccAuthorizeObject ( XrdSysLogger log,
const char *  config,
const char *  parms 
)

Definition at line 53 of file XrdMacaroons.cc.

56 {
57  XrdAccAuthorize *chain_authz = nullptr;
58  XrdSysError err(log, "macaroons");
59 
60  if (parms && parms[0]) {
61  XrdOucString parms_str(parms);
62  XrdOucString chained_lib;
63  int from = parms_str.tokenize(chained_lib, 0, ' ');
64  const char *chained_parms = nullptr;
65  err.Emsg("Config", "Will chain library", chained_lib.c_str());
66  if (from > 0)
67  {
68  parms_str.erasefromstart(from);
69  if (parms_str.length())
70  {
71  err.Emsg("Config", "Will chain parameters", parms_str.c_str());
72  chained_parms = parms_str.c_str();
73  }
74  }
75  char resolvePath[2048];
76  bool usedAltPath{true};
77  if (!XrdOucPinPath(chained_lib.c_str(), usedAltPath, resolvePath, 2048)) {
78  err.Emsg("Config", "Failed to locate appropriately versioned chained auth library:", parms);
79  return nullptr;
80  }
81  void *handle_base = dlopen(resolvePath, RTLD_LOCAL|RTLD_NOW);
82  if (handle_base == nullptr) {
83  err.Emsg("Config", "Failed to base plugin ", resolvePath, dlerror());
84  return nullptr;
85  }
86 
87  XrdAccAuthorize *(*ep)(XrdSysLogger *, const char *, const char *);
88  ep = (XrdAccAuthorize *(*)(XrdSysLogger *, const char *, const char *))
89  (dlsym(handle_base, "XrdAccAuthorizeObject"));
90  if (!ep)
91  {
92  dlclose(handle_base);
93  err.Emsg("Config", "Unable to chain second authlib after macaroons", parms);
94  return nullptr;
95  }
96 
97  chain_authz = (*ep)(log, config, chained_parms);
98 
99  if (chain_authz == nullptr) {
100  dlclose(handle_base);
101  err.Emsg("Config", "Unable to chain second authlib after macaroons "
102  "which returned nullptr");
103  return nullptr;
104  }
105  }
106  else
107  {
108  chain_authz = XrdAccDefaultAuthorizeObject(log, config, parms, compiledVer);
109  }
110  try
111  {
112  auto new_authz = new Macaroons::Authz(log, config, chain_authz);
113  SciTokensHelper = new_authz;
114  return new_authz;
115  }
116  catch (const std::runtime_error &e)
117  {
118  err.Emsg("Config", "Configuration of Macaroon authorization handler failed", e.what());
119  return nullptr;
120  }
121 }
XrdAccDefaultAuthorizeObject
XrdAccAuthorize * XrdAccDefaultAuthorizeObject(XrdSysLogger *lp, const char *cfn, const char *parm, XrdVersionInfo &myVer)
Definition: XrdAccAccess.cc:64
XrdOucPinPath
int XrdOucPinPath(const char *piPath, bool &noAltP, char *buff, int blen)
Definition: XrdOucPinPath.cc:34
XrdOucString::c_str
const char * c_str() const
Definition: XrdOucString.hh:278
XrdOucString::tokenize
int tokenize(XrdOucString &tok, int from, char del=':')
Definition: XrdOucString.cc:1220

References XrdOucString::c_str(), XrdSysError::Emsg(), XrdOucString::erasefromstart(), XrdOucString::length(), SciTokensHelper, XrdOucString::tokenize(), XrdAccDefaultAuthorizeObject(), and XrdOucPinPath().

+ Here is the call graph for this function:

◆ XrdAccDefaultAuthorizeObject()

XrdAccAuthorize* XrdAccDefaultAuthorizeObject ( XrdSysLogger lp,
const char *  cfn,
const char *  parm,
XrdVersionInfo &  myVer 
)

Definition at line 64 of file XrdAccAccess.cc.

68 {
69  static XrdVERSIONINFODEF(myVer, XrdAcc, XrdVNUMBER, XrdVERSION);
70  static XrdSysError Eroute(lp, "acc_");
71 
72 // Verify version compatibility
73 //
74  if (urVer.vNum != myVer.vNum && !XrdSysPlugin::VerCmp(urVer,myVer))
75  return 0;
76 
77 // Configure the authorization system
78 //
79  if (XrdAccConfiguration.Configure(Eroute, cfn)) return (XrdAccAuthorize *)0;
80 
81 // Set error object pointer
82 //
83  XrdAccEntity::setError(&Eroute);
84 
85 // All is well, return the actual pointer to the object
86 //
87  return (XrdAccAuthorize *)XrdAccConfiguration.Authorization;
88 }
XrdAccConfiguration
XrdAccConfig XrdAccConfiguration
Definition: XrdAccConfig.cc:61
XrdAccConfig::Configure
int Configure(XrdSysError &Eroute, const char *cfn)
Definition: XrdAccConfig.cc:123
XrdAccConfig::Authorization
XrdAccAccess * Authorization
Definition: XrdAccConfig.hh:78
XrdAccEntity::setError
static void setError(XrdSysError *errP)
Definition: XrdAccEntity.cc:215
XrdSysPlugin::VerCmp
static bool VerCmp(XrdVersionInfo &vInf1, XrdVersionInfo &vInf2, bool noMsg=false)
Definition: XrdSysPlugin.cc:472
XrdCms::XrdVERSIONINFODEF
XrdVERSIONINFODEF(myVersion, cmsclient, XrdVNUMBER, XrdVERSION)

References XrdAccConfig::Authorization, XrdAccConfig::Configure(), XrdAccEntity::setError(), XrdSysPlugin::VerCmp(), XrdAccConfiguration, and XrdCms::XrdVERSIONINFODEF().

Referenced by main(), and XrdAccAuthorizeObject().

+ Here is the call graph for this function:
+ Here is the caller graph for this function:

◆ XrdHttpGetExtHandler()

XrdHttpExtHandler* XrdHttpGetExtHandler ( XrdSysError log,
const char *  config,
const char *  parms,
XrdOucEnv env 
)

Definition at line 124 of file XrdMacaroons.cc.

127 {
128  void *authz_raw = env->GetPtr("XrdAccAuthorize*");
129  XrdAccAuthorize *def_authz = static_cast<XrdAccAuthorize *>(authz_raw);
130 
131  log->Emsg("Initialize", "Creating new Macaroon handler object");
132  try
133  {
134  return new Macaroons::Handler(log, config, env, def_authz);
135  }
136  catch (std::runtime_error &e)
137  {
138  log->Emsg("Config", "Generation of Macaroon handler failed", e.what());
139  return nullptr;
140  }
141 }
XrdOucEnv::GetPtr
void * GetPtr(const char *varname)
Definition: XrdOucEnv.cc:281
XrdSysError::Emsg
int Emsg(const char *esfx, int ecode, const char *text1, const char *text2=0)
Definition: XrdSysError.cc:95

References XrdSysError::Emsg(), and XrdOucEnv::GetPtr().

+ Here is the call graph for this function:

◆ XrdVERSIONINFO() [1/3]

XrdVERSIONINFO ( XrdAccAuthorizeObjAdd  ,
XrdMacaroons   
)

◆ XrdVERSIONINFO() [2/3]

XrdVERSIONINFO ( XrdAccAuthorizeObject  ,
XrdMacaroons   
)

◆ XrdVERSIONINFO() [3/3]

XrdVERSIONINFO ( XrdHttpGetExtHandler  ,
XrdMacaroons   
)

◆ XrdVERSIONINFODEF()

static XrdVERSIONINFODEF ( compiledVer  ,
XrdAccTest  ,
XrdVNUMBER  ,
XrdVERSION   
)
static

Variable Documentation

◆ SciTokensHelper

XrdSciTokensHelper* SciTokensHelper = nullptr

Definition at line 29 of file XrdMacaroons.cc.

Referenced by XrdAccAuthorizeObjAdd(), and XrdAccAuthorizeObject().