minimal set of changes to remove segfault in GCE / GCS (direct or via SD )...

minimal set of changes to remove segfault in GCE / GCS (direct or via SD ) segfaults, missing Bearer scheme on service calls Authorization headers

src/src/core/SDManagerImpl.h

@@ -103,7 +103,8 @@ namespace seismicdrive {
             if (!_sd_auth_provider.get()) {
                 throw SDException(sdmex::sdmanager::AuthProviderUndefined());
             }
-            return _sd_auth_provider->getAuthToken();
+            HTTPRequest request;
+            return _sd_auth_provider->getAuthToken(&request);
         }
 
         std::string getSDUrl() const {

src/src/lib/auth/auth_provider.cc

@@ -35,8 +35,12 @@ AuthProvider::AuthProvider(const std::string &sdurl, const std::string &sdapikey
 std::string AuthProvider::getGcsAuthTokenImpl(const std::string &sd_suproject_resource,
                                               bool readonly,
                                               GcsAuthProvider &gcs_auth) {
+
+    // this Authorization callback needs to return a valid Authorization header. not just the token
     auto acb = [this]() -> std::string {
-        return getAuthToken();
+        HTTPRequest request;
+        auto t = getAuthToken( &request );
+        return t.rfind("Bearer ", 0) == t.npos ? "Bearer " + t : t;
     };
     gcs_auth.setLogStatus(log.isEnabled());
     return gcs_auth.getToken(sdurl, sdapikey, acb, sd_suproject_resource, readonly);

src/src/lib/auth/auth_provider.h

@@ -37,7 +37,7 @@ class AuthProvider
         virtual ~AuthProvider() {}
 
         // Returns the short-term authentication bearer token.
-        virtual std::string getAuthToken(HTTPRequest *request = nullptr) = 0;
+        virtual std::string getAuthToken(HTTPRequest *request ) = 0;
 
         // Returns the short-term gcs authentication token;
         virtual std::string getGcsAuthTokenImpl(const std::string &sd_suproject_resource,

src/src/lib/auth/direct_auth_provider.h

@@ -33,7 +33,7 @@ namespace seismicdrive {
         public:
             DirectAuthProvider(const std::string& sdurl, const std::string& sdapikey, const std::string& token);
 
-            std::string getAuthToken(HTTPRequest *request = nullptr) override;
+            std::string getAuthToken(HTTPRequest *request) override;
 
             void refreshAuthToken(const std::string &token) override;
     };

src/src/lib/auth/google_auth_provider.cc

@@ -110,7 +110,7 @@ namespace seismicdrive {
 
             static bool isRunningInGCE = false;
             if (!isRunningInGCE) {
-                isRunningInGCE = checkForGCEInstance();
+                isRunningInGCE = checkForGCEInstance(request);
             }
             if (isRunningInGCE) {
                 getTokenFromGce(request);
@@ -126,7 +126,8 @@ namespace seismicdrive {
     std::string GoogleAuthProvider::getGcsAuthTokenImpl(const std::string &/*sd_suproject_resource*/,
                                                         bool /*readonly*/,
                                                         GcsAuthProvider &/*gcs_auth*/) {
-        return getAuthToken();
+        HTTPRequest request;
+        return getAuthToken( &request );
     }
 
     void GoogleAuthProvider::getTokenFromGce(HTTPRequest *request) {

src/src/lib/auth/google_auth_provider.h

@@ -49,7 +49,7 @@ namespace seismicdrive {
         public:
             GoogleAuthProvider() {}
 
-            std::string getAuthToken(HTTPRequest *request = nullptr) override;
+            std::string getAuthToken(HTTPRequest *request) override;
 
             std::string getGcsAuthTokenImpl(const std::string &sd_suproject_resource,
                                             bool readonly,

src/src/lib/auth/imp_auth_provider.h

@@ -42,7 +42,7 @@ namespace seismicdrive {
                             const std::string &sdapikey, 
                             const std::string &imp_token);
 
-            std::string getAuthToken(HTTPRequest *request = nullptr) override;
+            std::string getAuthToken(HTTPRequest *request) override;
             
             void refreshAuthToken(const std::string &token) override;
     };

src/src/lib/http/http_manager.h

@@ -118,6 +118,20 @@ public:
         _headers[sdutils::toLower(key)] = value;
     }
 
+    /**
+     * @details use an user-provided function to produce a valid HTTP Authorization header
+     *          so for an HTTP request requiring a basic scheme ( https://datatracker.ietf.org/doc/html/rfc7617 )
+     *             it need to return "Basic token_value"
+     *
+     *             for an HTTP request requiring an OAuth2  bearer token ( https://datatracker.ietf.org/doc/html/rfc6750 )
+     *             it needs to return "Bearer token_value"
+     *
+     *             ditto for a Digest, AWS4-HMAC-SHA256 or whatever other authentication framework.
+     *
+     * @param callback
+     *
+     * @todo : describe failure modes. ( this issues an authentication call and returns the value of an authorization header)
+     */
     void set_auth_callback( std::function<std::string()> callback ){
         _auth_callback = callback;
     }

src/test/seismic-store-lib/auth_provider.cc

@@ -29,7 +29,8 @@ using namespace seismicdrive;
 
 void test_auth_provider(AuthProvider *auth, const std::string &resource, bool readonly) {
     std::cout << line(50);
-    auto token = auth->getAuthToken();
+    HTTPRequest request;
+    auto token = auth->getAuthToken(&request);
     std::cout << "Auth Token: ";
     std::cout << token << '\n';
     std::cout << "Gcs Token: ";

src/test/utest/utest_auth_direct.h

@@ -52,7 +52,8 @@ TEST(DirectAuthProviderTest, direct_auth_provider) {
     delete auth5;
 
     // Test Auth Token
-    ASSERT_EQ(auth->getAuthToken(), test_token);
+    HTTPRequest request;
+    ASSERT_EQ(auth->getAuthToken(&request), test_token);
 
     // Test GCS token
     GcsAuthProviderMock gcs;