From cd32213c06c1cb619d95adbffbb6262f24763e61 Mon Sep 17 00:00:00 2001 From: pgayvallet Date: Thu, 25 Feb 2021 15:03:44 +0100 Subject: [PATCH] add 'auth.isEnabled' --- src/core/server/http/http_server.ts | 10 ++++----- src/core/server/http/http_service.mock.ts | 3 +++ src/core/server/http/types.ts | 4 ++++ src/core/server/legacy/legacy_service.ts | 1 + src/core/server/plugins/plugin_context.ts | 6 ++++- .../rendering/bootstrap/bootstrap_renderer.ts | 22 +++++++++++++------ .../server/rendering/rendering_service.tsx | 2 +- 7 files changed, 33 insertions(+), 15 deletions(-) diff --git a/src/core/server/http/http_server.ts b/src/core/server/http/http_server.ts index 8435050a238c6..4569ad077f879 100644 --- a/src/core/server/http/http_server.ts +++ b/src/core/server/http/http_server.ts @@ -30,11 +30,11 @@ import { SessionStorageCookieOptions, createCookieSessionStorageFactory, } from './cookie_session_storage'; -import { IsAuthenticated, AuthStateStorage, GetAuthState } from './auth_state_storage'; +import { AuthStateStorage } from './auth_state_storage'; import { AuthHeadersStorage, GetAuthHeaders } from './auth_headers_storage'; import { BasePath } from './base_path_service'; import { getEcsResponseLog } from './logging'; -import { HttpServiceSetup, HttpServerInfo } from './types'; +import { HttpServiceSetup, HttpServerInfo, HttpAuth } from './types'; /** @internal */ export interface HttpServerSetup { @@ -54,10 +54,7 @@ export interface HttpServerSetup { registerOnPostAuth: HttpServiceSetup['registerOnPostAuth']; registerOnPreResponse: HttpServiceSetup['registerOnPreResponse']; getAuthHeaders: GetAuthHeaders; - auth: { - get: GetAuthState; - isAuthenticated: IsAuthenticated; - }; + auth: HttpAuth; getServerInfo: () => HttpServerInfo; } @@ -132,6 +129,7 @@ export class HttpServer { auth: { get: this.authState.get, isAuthenticated: this.authState.isAuthenticated, + isEnabled: () => this.authRegistered, }, getAuthHeaders: this.authRequestHeaders.get, getServerInfo: () => ({ diff --git a/src/core/server/http/http_service.mock.ts b/src/core/server/http/http_service.mock.ts index a589bc76d21fc..cd271ab51cfa8 100644 --- a/src/core/server/http/http_service.mock.ts +++ b/src/core/server/http/http_service.mock.ts @@ -66,9 +66,11 @@ const createAuthMock = () => { const mock: AuthMocked = { get: jest.fn(), isAuthenticated: jest.fn(), + isEnabled: jest.fn(), }; mock.get.mockReturnValue({ status: AuthStatus.authenticated, state: {} }); mock.isAuthenticated.mockReturnValue(true); + mock.isEnabled.mockReturnValue(true); return mock; }; @@ -131,6 +133,7 @@ const createSetupContractMock = () => { auth: { get: internalMock.auth.get, isAuthenticated: internalMock.auth.isAuthenticated, + isEnabled: internalMock.auth.isEnabled, }, getServerInfo: internalMock.getServerInfo, }; diff --git a/src/core/server/http/types.ts b/src/core/server/http/types.ts index 8cb23e9d67f57..a71abc5881641 100644 --- a/src/core/server/http/types.ts +++ b/src/core/server/http/types.ts @@ -54,6 +54,10 @@ export interface HttpAuth { * {@link IsAuthenticated} */ isAuthenticated: IsAuthenticated; + /** + * Returns true if authentication is enabled for the http server + */ + isEnabled: () => boolean; } /** diff --git a/src/core/server/legacy/legacy_service.ts b/src/core/server/legacy/legacy_service.ts index 63b84e2461e71..3cf81f3286d29 100644 --- a/src/core/server/legacy/legacy_service.ts +++ b/src/core/server/legacy/legacy_service.ts @@ -252,6 +252,7 @@ export class LegacyService implements CoreService { auth: { get: setupDeps.core.http.auth.get, isAuthenticated: setupDeps.core.http.auth.isAuthenticated, + isEnabled: setupDeps.core.http.auth.isEnabled, }, csp: setupDeps.core.http.csp, getServerInfo: setupDeps.core.http.getServerInfo, diff --git a/src/core/server/plugins/plugin_context.ts b/src/core/server/plugins/plugin_context.ts index 87f5a784c7722..0ecf4563064f5 100644 --- a/src/core/server/plugins/plugin_context.ts +++ b/src/core/server/plugins/plugin_context.ts @@ -133,7 +133,11 @@ export function createPluginSetupContext( registerOnPostAuth: deps.http.registerOnPostAuth, registerOnPreResponse: deps.http.registerOnPreResponse, basePath: deps.http.basePath, - auth: { get: deps.http.auth.get, isAuthenticated: deps.http.auth.isAuthenticated }, + auth: { + get: deps.http.auth.get, + isAuthenticated: deps.http.auth.isAuthenticated, + isEnabled: deps.http.auth.isEnabled, + }, csp: deps.http.csp, getServerInfo: deps.http.getServerInfo, }, diff --git a/src/core/server/rendering/bootstrap/bootstrap_renderer.ts b/src/core/server/rendering/bootstrap/bootstrap_renderer.ts index badce3714e2f3..b8f65f79e240c 100644 --- a/src/core/server/rendering/bootstrap/bootstrap_renderer.ts +++ b/src/core/server/rendering/bootstrap/bootstrap_renderer.ts @@ -11,7 +11,7 @@ import * as UiSharedDeps from '@kbn/ui-shared-deps'; import { PackageInfo } from '@kbn/config'; import { UiPlugins } from '../../plugins'; import { IUiSettingsClient } from '../../ui_settings'; -import { GetAuthState, KibanaRequest } from '../../http'; +import { HttpAuth, KibanaRequest } from '../../http'; import { getStylesheetPaths } from './get_stylesheet_paths'; import { getPluginsBundlePaths } from './get_plugin_bundle_paths'; import { BootstrapTemplateInterpolator } from './render_template'; @@ -23,7 +23,7 @@ interface FactoryOptions { serverBasePath: string; packageInfo: PackageInfo; uiPlugins: UiPlugins; - getAuthStatus: GetAuthState; + auth: HttpAuth; } interface RenderedOptions { @@ -40,19 +40,27 @@ export const bootstrapRendererFactory: BootstrapRendererFactory = ({ packageInfo, serverBasePath, uiPlugins, - getAuthStatus, + auth, }) => { const templateInterpolator = new BootstrapTemplateInterpolator(); + const isAuthenticated = (request: KibanaRequest) => { + if (!auth.isEnabled()) { + return true; + } + const { status: authStatus } = auth.get(request); + // status is unknown when auth is disabled. we just need to not be `unauthenticated` here. + return authStatus !== 'unauthenticated'; + }; + return async ({ uiSettingsClient, request }) => { let darkMode: boolean; let themeVersion: string; try { - const { status: authStatus } = getAuthStatus(request); - const canUseSettings = authStatus !== 'unauthenticated'; // unknown is when auth is not present - oss - darkMode = canUseSettings ? await uiSettingsClient.get('theme:darkMode') : false; - themeVersion = canUseSettings ? await uiSettingsClient.get('theme:version') : 'v7'; + const authenticated = isAuthenticated(request); + darkMode = authenticated ? await uiSettingsClient.get('theme:darkMode') : false; + themeVersion = authenticated ? await uiSettingsClient.get('theme:version') : 'v7'; } catch (e) { // need to be resilient to ES connectivity issues darkMode = false; diff --git a/src/core/server/rendering/rendering_service.tsx b/src/core/server/rendering/rendering_service.tsx index 7aa4bc4be25a9..57735e6363a1f 100644 --- a/src/core/server/rendering/rendering_service.tsx +++ b/src/core/server/rendering/rendering_service.tsx @@ -37,7 +37,7 @@ export class RenderingService { uiPlugins, serverBasePath: http.basePath.serverBasePath, packageInfo: this.coreContext.env.packageInfo, - getAuthStatus: http.auth.get, + auth: http.auth, }); registerBootstrapRoute({ router, renderer: bootstrapRenderer });