From 9d4726194ec25e9c1fc3cdb08e10014f89843bc1 Mon Sep 17 00:00:00 2001
From: Darshit Chanpura <dchanp@amazon.com>
Date: Tue, 12 Mar 2024 00:47:56 -0400
Subject: [PATCH] Generates random password for anonymous user

Signed-off-by: Darshit Chanpura <dchanp@amazon.com>
---
 common/index.ts | 8 ++++++--
 1 file changed, 6 insertions(+), 2 deletions(-)

diff --git a/common/index.ts b/common/index.ts
index 6b3df18c5..c7d5288cb 100644
--- a/common/index.ts
+++ b/common/index.ts
@@ -13,6 +13,8 @@
  *   permissions and limitations under the License.
  */
 
+import { randomString } from "@hapi/cryptiles";
+
 export const PLUGIN_ID = 'opensearchDashboardsSecurity';
 export const PLUGIN_NAME = 'security-dashboards-plugin';
 
@@ -34,8 +36,10 @@ export const OPENID_AUTH_LOGIN_WITH_FRAGMENT = '/auth/openid/captureUrlFragment'
 export const SAML_AUTH_LOGIN = '/auth/saml/login';
 export const SAML_AUTH_LOGIN_WITH_FRAGMENT = '/auth/saml/captureUrlFragment';
 export const ANONYMOUS_AUTH_LOGIN = '/auth/anonymous';
-export const ANONYMOUS_AUTH_HEADER =
-  'Basic b3BlbmRpc3Ryb19zZWN1cml0eV9hbm9ueW1vdXM6b3BlbmRpc3Ryb19zZWN1cnV0eV9hbm9ueW1vdXM=';
+const ANONYMOUS_AUTH_USER: string = 'opendistro_security_anonymous';
+const RANDOM_PASS: string = randomString(12);
+const ANONYMOUS_USER_PASS: string = `${ANONYMOUS_AUTH_USER}:${RANDOM_PASS}`;
+export const ANONYMOUS_AUTH_HEADER = `Basic ${Buffer.from(ANONYMOUS_USER_PASS).toString('base64')}`
 
 export const OPENID_AUTH_LOGOUT = '/auth/openid/logout';
 export const SAML_AUTH_LOGOUT = '/auth/saml/logout';