Add header with user guid to service broker calls

* Send the user's guid if available else omit the header

openservicebrokerapi/servicebroker#222

[#149216559]

Signed-off-by: Sam Gunaratne <sgunaratne@pivotal.io>

lib/cloud_controller/security_context.rb

@@ -15,6 +15,10 @@ def self.current_user
       Thread.current[:vcap_user]
     end
 
+    def self.current_user_guid
+      current_user.guid if current_user
+    end
+
     def self.admin?
       roles.admin?
     end

lib/services/service_brokers/v2/http_client.rb

@@ -126,6 +126,9 @@ def make_request(method, uri, body, content_type)
 
         client.default_header = default_headers
         opts[:header]['Content-Type'] = content_type if content_type
+
+        user_guid = VCAP::CloudController::SecurityContext.current_user_guid
+        opts[:header][VCAP::Request::HEADER_BROKER_API_ORIGINATING_IDENTITY] = originating_identity(user_guid) if user_guid
         headers = default_headers.merge(opts[:header])
 
         logger.debug "Sending #{method} to #{uri}, BODY: #{body.inspect}, HEADERS: #{headers}"
@@ -159,6 +162,10 @@ def default_headers
         }
       end
 
+      def originating_identity(user_guid)
+        "cloudfoundry #{Base64.strict_encode64({ user_id: user_guid }.to_json)}"
+      end
+
       def verify_certs?
         !VCAP::CloudController::Config.config[:skip_cert_verify]
       end

lib/vcap/request.rb

@@ -3,6 +3,7 @@ module Request
     HEADER_NAME = 'X-VCAP-Request-ID'.freeze
     HEADER_BROKER_API_VERSION = 'X-Broker-Api-Version'.freeze
     HEADER_API_INFO_LOCATION = 'X-Api-Info-Location'.freeze
+    HEADER_BROKER_API_ORIGINATING_IDENTITY = 'X-Broker-Api-Originating-Identity'.freeze
 
     class << self
       def current_id=(request_id)