Skip to content

Commit

Permalink
Support client cert in WhoAmI
Browse files Browse the repository at this point in the history
  • Loading branch information
@UgnineSirdis
UgnineSirdis committed Aug 15, 2024
1 parent cb4e391 commit 841aaf9
Showing 1 changed file with 15 additions and 10 deletions.
25 changes: 15 additions & 10 deletions ydb/core/grpc_services/rpc_whoami.cpp
View file
Original file line number Diff line number Diff line change
Expand Up @@ -21,24 +21,29 @@ class TWhoAmIRPC : public TActorBootstrapped<TWhoAmIRPC> {
: Request(request)
{}

void Bootstrap(const TActorContext& ctx) {
void Bootstrap() {
//TODO: Do we realy realy need to make call to the ticket parser here???
//we have done it already in grpc_request_proxy
auto req = dynamic_cast<TEvWhoAmIRequest*>(Request.get());
Y_ABORT_UNLESS(req, "Unexpected request type for TWhoAmIRPC");
TMaybe<TString> authToken = req->GetYdbToken();
if (authToken) {
TMaybe<TString> database = Request->GetDatabaseName();
ctx.Send(MakeTicketParserID(), new TEvTicketParser::TEvAuthorizeTicket({
.Database = database ? database.GetRef() : TString(),
.Ticket = authToken.GetRef(),
.PeerName = Request->GetPeerName()
}));
Become(&TThis::StateWaitForTicket);
TString ticket;
if (TMaybe<TString> authToken = req->GetYdbToken()) {
ticket = authToken.GetRef();
} else if (TVector<TStringBuf> clientCert = Request->FindClientCert(); !clientCert.empty()) {
ticket = TString(clientCert.front());
} else {
ReplyError("No token provided");
PassAway();
return;
}

TMaybe<TString> database = Request->GetDatabaseName();
Send(MakeTicketParserID(), new TEvTicketParser::TEvAuthorizeTicket({
.Database = database ? database.GetRef() : TString(),
.Ticket = ticket,
.PeerName = Request->GetPeerName()
}));
Become(&TThis::StateWaitForTicket);
}

STFUNC(StateWaitForTicket) {
Expand Down

0 comments on commit 841aaf9

Please sign in to comment.