Enable machine auth in ocdav

services/ocdav/pkg/command/server.go

@@ -64,6 +64,7 @@ func Server(cfg *config.Config) *cli.Command {
  ocdav.Version(cfg.Status.Version),
  ocdav.VersionString(cfg.Status.VersionString),
  ocdav.Edition(cfg.Status.Edition),
+ ocdav.MachineAuthAPIKey(cfg.MachineAuthAPIKey),
  // ocdav.FavoriteManager() // FIXME needs a proper persistence implementation https://github.com/owncloud/ocis/issues/1228
  // ocdav.LockSystem(), // will default to the CS3 lock system
  // ocdav.TLSConfig() // tls config for the http server

services/ocdav/pkg/config/config.go

@@ -32,6 +32,8 @@ type Config struct {
  Timeout int64 `yaml:"gateway_request_timeout" env:"OCDAV_GATEWAY_REQUEST_TIMEOUT" desc:"Request timeout in seconds for requests from the oCDAV service to the gateway service."`
  Middleware Middleware `yaml:"middleware"`
 
+ MachineAuthAPIKey string `yaml:"machine_auth_api_key" env:"OCIS_MACHINE_AUTH_API_KEY;OCDAV_MACHINE_AUTH_API_KEY" desc:"Machine auth API key used for validating requests from other services when impersonating users."`
+
  Context context.Context `yaml:"-"`
  Status Status `yaml:"-"`
 }

services/ocdav/pkg/config/defaults/defaultconfig.go

@@ -43,6 +43,7 @@ func DefaultConfig() *config.Config {
  CredentialsByUserAgent: map[string]string{},
  },
  },
+ MachineAuthAPIKey: "",
  Status: config.Status{
  Version: version.Legacy,
  VersionString: version.LegacyString,

services/ocdav/pkg/config/parser/parse.go

@@ -37,6 +37,9 @@ func Validate(cfg *config.Config) error {
  if cfg.TokenManager.JWTSecret == "" {
  return shared.MissingJWTTokenError(cfg.Service.Name)
  }
+ if cfg.MachineAuthAPIKey == "" {
+ return shared.MissingMachineAuthApiKeyError(cfg.Service.Name)
+ }
 
  return nil
 }