Expose underlying connection auth context in Portal GetRequest

author: Tor Brede Vekterli <vekterli@yahooinc.com> 2022-08-26 12:31:43 +0000
committer: Tor Brede Vekterli <vekterli@yahooinc.com> 2022-08-26 12:35:48 +0000
commit: 7dca54fecd020ff94a1f59a6bcfa9b3155b2861f (patch)
tree: 8bf93ff107fcf731fb92a3025db834df1cf08b6b /vespalib
parent: 3604078ee2f7ea417d9da734b5427beea03e5d90 (diff)
4 files changed, 28 insertions, 4 deletions
diff --git a/vespalib/src/vespa/vespalib/portal/http_connection.cpp b/vespalib/src/vespa/vespalib/portal/http_connection.cpp
index 26c784af028..2c2a36c1529 100644
--- a/vespalib/src/vespa/vespalib/portal/http_connection.cpp
+++ b/vespalib/src/vespa/vespalib/portal/http_connection.cpp
@@ -2,6 +2,7 @@
 
 #include "http_connection.h"
 #include <vespa/vespalib/data/output_writer.h>
+#include <vespa/vespalib/net/connection_auth_context.h>
 #include <vespa/vespalib/util/size_literals.h>
 #include <cassert>
 
@@ -121,14 +122,21 @@ HttpConnection::set_state(State state, bool read, bool write)
 }
 
 void
+HttpConnection::complete_handshake()
+{
+    _auth_ctx = _socket->make_auth_context();
+    set_state(State::READ_REQUEST, true, false);
+}
+
+void
 HttpConnection::do_handshake()
 {
     for (;;) {
         switch (_socket->handshake()) {
-        case vespalib::CryptoSocket::HandshakeResult::FAIL:       return set_state(State::NOTIFY,       false, false);
-        case vespalib::CryptoSocket::HandshakeResult::DONE:       return set_state(State::READ_REQUEST,  true, false);
-        case vespalib::CryptoSocket::HandshakeResult::NEED_READ:  return set_state(State::HANDSHAKE,     true, false);
-        case vespalib::CryptoSocket::HandshakeResult::NEED_WRITE: return set_state(State::HANDSHAKE,    false,  true);
+        case vespalib::CryptoSocket::HandshakeResult::FAIL:       return set_state(State::NOTIFY,    false, false);
+        case vespalib::CryptoSocket::HandshakeResult::DONE:       return complete_handshake();
+        case vespalib::CryptoSocket::HandshakeResult::NEED_READ:  return set_state(State::HANDSHAKE,  true, false);
+        case vespalib::CryptoSocket::HandshakeResult::NEED_WRITE: return set_state(State::HANDSHAKE, false,  true);
         case vespalib::CryptoSocket::HandshakeResult::NEED_WORK:  _socket->do_handshake_work();
         }
     }
@@ -193,6 +201,7 @@ HttpConnection::HttpConnection(HandleGuard guard, Reactor &reactor, CryptoSocket
     : _guard(std::move(guard)),
       _state(State::HANDSHAKE),
       _socket(std::move(socket)),
+      _auth_ctx(),
       _input(CHUNK_SIZE * 2),
       _output(CHUNK_SIZE * 2),
       _request(),
diff --git a/vespalib/src/vespa/vespalib/portal/http_connection.h b/vespalib/src/vespa/vespalib/portal/http_connection.h
index 4cc973b1f29..03d23351e7d 100644
--- a/vespalib/src/vespa/vespalib/portal/http_connection.h
+++ b/vespalib/src/vespa/vespalib/portal/http_connection.h
@@ -18,10 +18,12 @@ public:
     enum class State { HANDSHAKE, READ_REQUEST, DISPATCH, WAIT, WRITE_REPLY, CLOSE, NOTIFY, END };
 private:
     using handler_fun_t = std::function<void(HttpConnection*)>;
+    using AuthCtxPtr    = std::unique_ptr<net::ConnectionAuthContext>;
 
     HandleGuard        _guard;
     State              _state;
     CryptoSocket::UP   _socket;
+    AuthCtxPtr         _auth_ctx;
     SmartBuffer        _input;
     SmartBuffer        _output;
     HttpRequest        _request;
@@ -31,6 +33,7 @@ private:
 
     void set_state(State state, bool read, bool write);
 
+    void complete_handshake();
     void do_handshake();
     void do_read_request();
     void do_dispatch();
@@ -47,6 +50,9 @@ public:
     State get_state() const { return _state; }
     void resolve_host(const vespalib::string &my_host) { _request.resolve_host(my_host); }
     const HttpRequest &get_request() const { return _request; }
+    // Precondition: handshake must have been completed
+    const net::ConnectionAuthContext &auth_context() const noexcept { return *_auth_ctx; }
+
     void respond_with_content(const vespalib::string &content_type,
                               const vespalib::string &content);
     void respond_with_error(int code, const vespalib::string &msg);
diff --git a/vespalib/src/vespa/vespalib/portal/portal.cpp b/vespalib/src/vespa/vespalib/portal/portal.cpp
index aabcc60bb28..a98562f6504 100644
--- a/vespalib/src/vespa/vespalib/portal/portal.cpp
+++ b/vespalib/src/vespa/vespalib/portal/portal.cpp
@@ -93,6 +93,13 @@ Portal::GetRequest::respond_with_error(int code, const vespalib::string &msg)
     _conn = nullptr;
 }
 
+const net::ConnectionAuthContext&
+Portal::GetRequest::auth_context() const noexcept
+{
+    assert(active());
+    return _conn->auth_context();
+}
+
 Portal::GetRequest::~GetRequest()
 {
     if (active()) {
diff --git a/vespalib/src/vespa/vespalib/portal/portal.h b/vespalib/src/vespa/vespalib/portal/portal.h
index 955c9130c35..314dd6e7de9 100644
--- a/vespalib/src/vespa/vespalib/portal/portal.h
+++ b/vespalib/src/vespa/vespalib/portal/portal.h
@@ -18,6 +18,7 @@
 namespace vespalib {
 
 namespace portal { class HttpConnection; }
+namespace net { class ConnectionAuthContext; }
 
 /**
  * Minimal HTTP server and connection establishment manager.
@@ -67,6 +68,7 @@ public:
         void respond_with_content(const vespalib::string &content_type,
                                   const vespalib::string &content);
         void respond_with_error(int code, const vespalib::string &msg);
+        const net::ConnectionAuthContext &auth_context() const noexcept;
         ~GetRequest();
     };
author	Tor Brede Vekterli <vekterli@yahooinc.com>	2022-08-26 12:31:43 +0000
committer	Tor Brede Vekterli <vekterli@yahooinc.com>	2022-08-26 12:35:48 +0000
commit	7dca54fecd020ff94a1f59a6bcfa9b3155b2861f (patch)
tree	8bf93ff107fcf731fb92a3025db834df1cf08b6b /vespalib
parent	3604078ee2f7ea417d9da734b5427beea03e5d90 (diff)