const uint64_t& duration,
const boost::optional<string>& policy,
const boost::optional<string>& roleId,
+ const boost::optional<string>& role_session,
boost::optional<rgw_user> user,
rgw::auth::Identity* identity)
{
token.perm_mask = 0;
token.is_admin = 0;
token.acct_type = TYPE_ROLE;
+ token.role_session = role_session.get();
}
buffer::list input, enc_output;
//Role and Policy provide the authorization info, user id and applier info are not needed
response.assumeRoleResp.retCode = response.assumeRoleResp.creds.generateCredentials(cct, req.getDuration(),
req.getPolicy(), roleId,
+ req.getRoleSessionName(),
user_id, nullptr);
if (response.assumeRoleResp.retCode < 0) {
return response;
//Role and Policy provide the authorization info, user id and applier info are not needed
response.retCode = response.creds.generateCredentials(cct, req.getDuration(),
req.getPolicy(), roleId,
+ req.getRoleSessionName(),
user_id, nullptr);
if (response.retCode < 0) {
return response;
req.getDuration(),
boost::none,
boost::none,
+ boost::none,
user_id,
identity); ret < 0) {
return make_tuple(ret, cred);