Skip to content

Commit

Permalink
add 'auth.isEnabled'
Browse files Browse the repository at this point in the history
  • Loading branch information
pgayvallet committed Feb 25, 2021
1 parent 6754b96 commit cd32213
Show file tree
Hide file tree
Showing 7 changed files with 33 additions and 15 deletions.
10 changes: 4 additions & 6 deletions src/core/server/http/http_server.ts
Original file line number Diff line number Diff line change
Expand Up @@ -30,11 +30,11 @@ import {
SessionStorageCookieOptions,
createCookieSessionStorageFactory,
} from './cookie_session_storage';
import { IsAuthenticated, AuthStateStorage, GetAuthState } from './auth_state_storage';
import { AuthStateStorage } from './auth_state_storage';
import { AuthHeadersStorage, GetAuthHeaders } from './auth_headers_storage';
import { BasePath } from './base_path_service';
import { getEcsResponseLog } from './logging';
import { HttpServiceSetup, HttpServerInfo } from './types';
import { HttpServiceSetup, HttpServerInfo, HttpAuth } from './types';

/** @internal */
export interface HttpServerSetup {
Expand All @@ -54,10 +54,7 @@ export interface HttpServerSetup {
registerOnPostAuth: HttpServiceSetup['registerOnPostAuth'];
registerOnPreResponse: HttpServiceSetup['registerOnPreResponse'];
getAuthHeaders: GetAuthHeaders;
auth: {
get: GetAuthState;
isAuthenticated: IsAuthenticated;
};
auth: HttpAuth;
getServerInfo: () => HttpServerInfo;
}

Expand Down Expand Up @@ -132,6 +129,7 @@ export class HttpServer {
auth: {
get: this.authState.get,
isAuthenticated: this.authState.isAuthenticated,
isEnabled: () => this.authRegistered,
},
getAuthHeaders: this.authRequestHeaders.get,
getServerInfo: () => ({
Expand Down
3 changes: 3 additions & 0 deletions src/core/server/http/http_service.mock.ts
Original file line number Diff line number Diff line change
Expand Up @@ -66,9 +66,11 @@ const createAuthMock = () => {
const mock: AuthMocked = {
get: jest.fn(),
isAuthenticated: jest.fn(),
isEnabled: jest.fn(),
};
mock.get.mockReturnValue({ status: AuthStatus.authenticated, state: {} });
mock.isAuthenticated.mockReturnValue(true);
mock.isEnabled.mockReturnValue(true);
return mock;
};

Expand Down Expand Up @@ -131,6 +133,7 @@ const createSetupContractMock = () => {
auth: {
get: internalMock.auth.get,
isAuthenticated: internalMock.auth.isAuthenticated,
isEnabled: internalMock.auth.isEnabled,
},
getServerInfo: internalMock.getServerInfo,
};
Expand Down
4 changes: 4 additions & 0 deletions src/core/server/http/types.ts
Original file line number Diff line number Diff line change
Expand Up @@ -54,6 +54,10 @@ export interface HttpAuth {
* {@link IsAuthenticated}
*/
isAuthenticated: IsAuthenticated;
/**
* Returns true if authentication is enabled for the http server
*/
isEnabled: () => boolean;
}

/**
Expand Down
1 change: 1 addition & 0 deletions src/core/server/legacy/legacy_service.ts
Original file line number Diff line number Diff line change
Expand Up @@ -252,6 +252,7 @@ export class LegacyService implements CoreService {
auth: {
get: setupDeps.core.http.auth.get,
isAuthenticated: setupDeps.core.http.auth.isAuthenticated,
isEnabled: setupDeps.core.http.auth.isEnabled,
},
csp: setupDeps.core.http.csp,
getServerInfo: setupDeps.core.http.getServerInfo,
Expand Down
6 changes: 5 additions & 1 deletion src/core/server/plugins/plugin_context.ts
Original file line number Diff line number Diff line change
Expand Up @@ -133,7 +133,11 @@ export function createPluginSetupContext<TPlugin, TPluginDependencies>(
registerOnPostAuth: deps.http.registerOnPostAuth,
registerOnPreResponse: deps.http.registerOnPreResponse,
basePath: deps.http.basePath,
auth: { get: deps.http.auth.get, isAuthenticated: deps.http.auth.isAuthenticated },
auth: {
get: deps.http.auth.get,
isAuthenticated: deps.http.auth.isAuthenticated,
isEnabled: deps.http.auth.isEnabled,
},
csp: deps.http.csp,
getServerInfo: deps.http.getServerInfo,
},
Expand Down
22 changes: 15 additions & 7 deletions src/core/server/rendering/bootstrap/bootstrap_renderer.ts
Original file line number Diff line number Diff line change
Expand Up @@ -11,7 +11,7 @@ import * as UiSharedDeps from '@kbn/ui-shared-deps';
import { PackageInfo } from '@kbn/config';
import { UiPlugins } from '../../plugins';
import { IUiSettingsClient } from '../../ui_settings';
import { GetAuthState, KibanaRequest } from '../../http';
import { HttpAuth, KibanaRequest } from '../../http';
import { getStylesheetPaths } from './get_stylesheet_paths';
import { getPluginsBundlePaths } from './get_plugin_bundle_paths';
import { BootstrapTemplateInterpolator } from './render_template';
Expand All @@ -23,7 +23,7 @@ interface FactoryOptions {
serverBasePath: string;
packageInfo: PackageInfo;
uiPlugins: UiPlugins;
getAuthStatus: GetAuthState;
auth: HttpAuth;
}

interface RenderedOptions {
Expand All @@ -40,19 +40,27 @@ export const bootstrapRendererFactory: BootstrapRendererFactory = ({
packageInfo,
serverBasePath,
uiPlugins,
getAuthStatus,
auth,
}) => {
const templateInterpolator = new BootstrapTemplateInterpolator();

const isAuthenticated = (request: KibanaRequest) => {
if (!auth.isEnabled()) {
return true;
}
const { status: authStatus } = auth.get(request);
// status is unknown when auth is disabled. we just need to not be `unauthenticated` here.
return authStatus !== 'unauthenticated';
};

return async ({ uiSettingsClient, request }) => {
let darkMode: boolean;
let themeVersion: string;

try {
const { status: authStatus } = getAuthStatus(request);
const canUseSettings = authStatus !== 'unauthenticated'; // unknown is when auth is not present - oss
darkMode = canUseSettings ? await uiSettingsClient.get('theme:darkMode') : false;
themeVersion = canUseSettings ? await uiSettingsClient.get('theme:version') : 'v7';
const authenticated = isAuthenticated(request);
darkMode = authenticated ? await uiSettingsClient.get('theme:darkMode') : false;
themeVersion = authenticated ? await uiSettingsClient.get('theme:version') : 'v7';
} catch (e) {
// need to be resilient to ES connectivity issues
darkMode = false;
Expand Down
2 changes: 1 addition & 1 deletion src/core/server/rendering/rendering_service.tsx
Original file line number Diff line number Diff line change
Expand Up @@ -37,7 +37,7 @@ export class RenderingService {
uiPlugins,
serverBasePath: http.basePath.serverBasePath,
packageInfo: this.coreContext.env.packageInfo,
getAuthStatus: http.auth.get,
auth: http.auth,
});
registerBootstrapRoute({ router, renderer: bootstrapRenderer });

Expand Down

0 comments on commit cd32213

Please sign in to comment.