From cbdf7a6af5d2b7c0a35c945747286022be448f22 Mon Sep 17 00:00:00 2001
From: Darshit Chanpura
Date: Mon, 11 Mar 2024 16:40:21 -0400
Subject: [PATCH] Adds hardcoded credentials for anonymous user

Signed-off-by: Darshit Chanpura
---
 server/auth/types/authentication_type.ts | 6 +-----
 server/auth/types/basic/routes.ts | 10 +++++++++-
 2 files changed, 10 insertions(+), 6 deletions(-)

diff --git a/server/auth/types/authentication_type.ts b/server/auth/types/authentication_type.ts
index b5e1a0cb3..66b4ce14a 100755
--- a/server/auth/types/authentication_type.ts
+++ b/server/auth/types/authentication_type.ts
@@ -115,7 +115,7 @@ export abstract class AuthenticationType implements IAuthenticationType {
 let authInfo: any | undefined;
 if (this.config.auth.anonymous_auth_enabled) {
- const anonymousAuthHeaders = { _auth_request_type_: 'anonymous' };
+ const anonymousAuthHeaders = { _auth_request_type_: 'anonymous', authorization: 'Basic b3BlbmRpc3Ryb19zZWN1cml0eV9hbm9ueW1vdXM6b3BlbmRpc3Ryb19zZWN1cml0eV9hbm9ueW1vdXM=' };
 Object.assign(authHeaders, anonymousAuthHeaders);
 }
@@ -159,10 +159,6 @@ export abstract class AuthenticationType implements IAuthenticationType {
 if (request.url.pathname && request.url.pathname.startsWith('/bundles/')) {
 return toolkit.notHandled();
 }
- console.log('Request is unauthorized');
- console.log(request.url);
- console.log(request.route);
-
 // send to auth workflow
 return this.handleUnauthedRequest(request, response, toolkit);
 }
diff --git a/server/auth/types/basic/routes.ts b/server/auth/types/basic/routes.ts
index a45179b6f..2328c8c35 100755
--- a/server/auth/types/basic/routes.ts
+++ b/server/auth/types/basic/routes.ts
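Review bot: The `authorization: 'Basic …'` value added to `anonymousAuthHeaders` in `server/auth/types/authentication_type.ts` (hunk -115,7) is a fixed credential committed to source (CWE-798), and the same base64 literal is repeated in all three hunks of `server/auth/types/basic/routes.ts`, where a comment also spells out the decoded username and password. Anyone who can read the repository or the shipped plugin can replay it, and rotating it requires a code release. Keep the secret out of the code and build the header in one place, e.g. `authorization: anonymousAuthorizationHeader(this.config)`, where the helper reads an operator-supplied setting (the helper name is a placeholder; no such function is visible in this patch). Separately, `Object.assign(authHeaders, anonymousAuthHeaders)` now replaces any `authorization` key already present in `authHeaders` whenever `anonymous_auth_enabled` is set; whether one can be present at this point is not visible in the hunk and should be confirmed.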
@@ -186,8 +186,13 @@ export class BasicAuthRoutes {
 }
 context.security_plugin.logger.info('The Redirect Path is ' + redirectUrl);
 try {
+ // user = await this.securityClient.authenticateWithHeaders(request, {
+ // _auth_request_type_: 'anonymous',
+ // });
+ // opendistro_security_anonymous:opendistro_security_anonymous
+ const authHeader = "b3BlbmRpc3Ryb19zZWN1cml0eV9hbm9ueW1vdXM6b3BlbmRpc3Ryb19zZWN1cml0eV9hbm9ueW1vdXM=";
 user = await this.securityClient.authenticateWithHeaders(request, {
- _auth_request_type_: 'anonymous',
+ authorization: `Basic ${authHeader}`,
 });
 } catch (error) {
 context.security_plugin.logger.error(
@@ -214,6 +219,7 @@ export class BasicAuthRoutes {
 if (user.multitenancy_enabled) {
 request.headers._auth_request_type_ = 'anonymous';
+ request.headers.authorization = 'Basic b3BlbmRpc3Ryb19zZWN1cml0eV9hbm9ueW1vdXM6b3BlbmRpc3Ryb19zZWN1cml0eV9hbm9ueW1vdXM=';
 const selectTenant = resolveTenant({
 request,
 username: user.username,
@@ -232,6 +238,8 @@ export class BasicAuthRoutes {
 return response.redirected({
 headers: {
 location: `${redirectUrl}`,
+ _auth_request_type_: "anonymous",
+ authorization: "Basic b3BlbmRpc3Ryb19zZWN1cml0eV9hbm9ueW1vdXM6b3BlbmRpc3Ryb19zZWN1cml0eV9hbm9ueW1vdXM="
 },
 });
 } else {
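Review bot: The rewritten `authenticateWithHeaders` call inside the `try` block (hunk -186,8) drops `_auth_request_type_: 'anonymous'` and sends only the Basic header, while `authentication_type.ts` in this same patch sends both keys; one of the two is probably unintended, and keeping `_auth_request_type_: 'anonymous',` next to `authorization` here would make them agree. With only the Basic header the backend presumably handles this as an ordinary user login, which implies a real account with a publicly known password must exist, so that account's role mapping should be confirmed to be no broader than the anonymous role. The three commented-out lines and the comment holding the plaintext credential above `authHeader` should be deleted rather than committed. The enclosing route handler starts and ends outside the hunk.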
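Review bot: `request.headers.authorization = …` (hunk -214,6) writes onto the incoming request object, so any `authorization` header the client sent is replaced for everything that reads `request` after this line, not only for `resolveTenant`. If only the tenant lookup needs the header, pass it to that call instead of mutating the request; whether `resolveTenant` accepts explicit headers is not visible in this hunk. At minimum document the override with a comment such as `// anonymous login: replaces any client-supplied authorization header for the rest of this request`.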
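Review bot: `_auth_request_type_` and `authorization` are added to the `headers` of `response.redirected(...)` (hunk -232,6), which makes them response headers delivered to the browser alongside `location`. A browser does not copy response headers onto the request it makes to the redirect target, so these two lines cannot authenticate the follow-up request; their only effect is to disclose the credential to every client that uses anonymous login and to any proxy that logs response headers. Remove both added lines and keep `location` as the only header. The surrounding `if`/`else` starts and ends outside the hunk.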