diff --git a/pkg/handlers/config.go b/pkg/handlers/config.go index b318327f..20d71fa1 100644 --- a/pkg/handlers/config.go +++ b/pkg/handlers/config.go @@ -17,15 +17,67 @@ limitations under the License. package handlers import ( + "fmt" "net/http" + "strings" "github.com/gin-gonic/gin" "github.com/grycap/oscar/v2/pkg/types" + "github.com/grycap/oscar/v2/pkg/utils/auth" ) +type configForUser struct { + Cfg *types.Config `json:"config"` + MinIOProvider *types.MinIOProvider `json:"minio_provider"` +} + // MakeConfigHandler makes a handler for getting server's configuration func MakeConfigHandler(cfg *types.Config) gin.HandlerFunc { return func(c *gin.Context) { - c.JSON(http.StatusOK, cfg) + // Return configForUser + var conf configForUser + minIOProvider := cfg.MinIOProvider + authHeader := c.GetHeader("Authorization") + if len(strings.Split(authHeader, "Bearer")) > 0 { + conf = configForUser{cfg, minIOProvider} + } else { + + // Get MinIO credentials from k8s secret for user + + uidOrigin, uidExists := c.Get("uidOrigin") + mcUntyped, mcExists := c.Get("multitenancyConfig") + + if !mcExists { + c.String(http.StatusInternalServerError, "Missing multitenancy config") + } + if !uidExists { + c.String(http.StatusInternalServerError, "Missing EGI user uid") + } + + mc, mcParsed := mcUntyped.(*auth.MultitenancyConfig) + uid, uidParsed := uidOrigin.(string) + + if !mcParsed { + c.String(http.StatusInternalServerError, fmt.Sprintf("Error parsing multitenancy config: %v", mcParsed)) + return + } + + if !uidParsed { + c.String(http.StatusInternalServerError, fmt.Sprintf("Error parsing uid origin: %v", uidParsed)) + return + } + + ak, sk, err := mc.GetUserCredentials(uid) + if err != nil { + c.String(http.StatusInternalServerError, "Error getting credentials for MinIO user: ", uid) + } + + minIOProvider.AccessKey = ak + minIOProvider.SecretKey = sk + + conf = configForUser{cfg, minIOProvider} + } + + c.JSON(http.StatusOK, conf) } } diff --git a/pkg/utils/auth/auth.go b/pkg/utils/auth/auth.go index efac6186..7c3ac5ba 100644 --- a/pkg/utils/auth/auth.go +++ b/pkg/utils/auth/auth.go @@ -49,8 +49,7 @@ func CustomAuth(cfg *types.Config, kubeClientset *kubernetes.Clientset) gin.Hand } // Slice to add default user to all users group on MinIO - var oscarUser []string - oscarUser[0] = "console" + var oscarUser = []string{"console"} minIOAdminClient.CreateAllUsersGroup() minIOAdminClient.AddUserToGroup(oscarUser, "all_users_group")