Expose authHandler and createClient helper functions

2025-04-23 17:28:26 -04:00 · 2015-09-17 18:33:30 -07:00 · 2015-09-17 18:33:30 -07:00 · 4886bf9e4e
commit 4886bf9e4e
parent 1bcd867f49
3 changed files with 74 additions and 35 deletions
--- a/src/plugins/elasticsearch/index.js
+++ b/src/plugins/elasticsearch/index.js
@ -1,6 +1,7 @@
 module.exports = function (kibana) {
  var healthCheck = require('./lib/health_check');
  var exposeClient = require('./lib/expose_client');
+  var exposeAuthHandler = require('./lib/expose_auth_handler');
  var createProxy = require('./lib/create_proxy');

  return new kibana.Plugin({
@ -33,6 +34,7 @@ module.exports = function (kibana) {

      // Expose the client to the server
      exposeClient(server);
+      exposeAuthHandler(server);
      createProxy(server, 'GET', '/{paths*}');
      createProxy(server, 'POST', '/_mget');
      createProxy(server, 'POST', '/{index}/_search');
--- a/src/plugins/elasticsearch/lib/expose_auth_handler.js
+++ b/src/plugins/elasticsearch/lib/expose_auth_handler.js
@ -0,0 +1,20 @@
+module.exports = (server) => {
+
+  function authHandler(fn) {
+    return function (req, reply) {
+      return fn(req, reply)
+        .then(reply)
+        .catch(function (err) {
+          if (err.status === 401) {
+            return reply(err.body)
+              .header('WWW-Authenticate', 'Basic realm="Authorization Required"')
+              .code(401);
+          }
+          reply(err);
+        });
+    };
+  }
+
+  server.expose('authHandler', authHandler);
+
+};
--- a/src/plugins/elasticsearch/lib/expose_client.js
+++ b/src/plugins/elasticsearch/lib/expose_client.js
@ -6,48 +6,65 @@ var url = require('url');

 module.exports = function (server) {
  var config = server.config();
-  var uri = url.parse(config.get('elasticsearch.url'));
-  var username = config.get('elasticsearch.username');
-  var password = config.get('elasticsearch.password');
-  var verifySsl = config.get('elasticsearch.ssl.verify');
-  var clientCrt = config.get('elasticsearch.ssl.cert');
-  var clientKey = config.get('elasticsearch.ssl.key');
-  var ca = config.get('elasticsearch.ssl.ca');
-  var apiVersion = config.get('elasticsearch.apiVersion');

-  if (username && password) {
-    uri.auth = util.format('%s:%s', username, password);
-  }
+  function createClient(options) {
+    options = _.defaults(options || {}, {
+      url: config.get('elasticsearch.url'),
+      username: config.get('elasticsearch.username'),
+      password: config.get('elasticsearch.password'),
+      verifySsl: config.get('elasticsearch.ssl.verify'),
+      clientCrt: config.get('elasticsearch.ssl.cert'),
+      clientKey: config.get('elasticsearch.ssl.key'),
+      ca: config.get('elasticsearch.ssl.ca'),
+      apiVersion: config.get('elasticsearch.apiVersion'),
+      keepAlive: true
+    });

-  var ssl = { rejectUnauthorized: verifySsl };
-  if (clientCrt && clientKey) {
-    ssl.cert = fs.readFileSync(clientCrt, 'utf8');
-    ssl.key = fs.readFileSync(clientKey, 'utf8');
-  }
-  if (ca) {
-    ssl.ca = fs.readFileSync(ca, 'utf8');
-  }
+    var uri = url.parse(options.url);

-  var client = new elasticsearch.Client({
-    host: url.format(uri),
-    ssl: ssl,
-    apiVersion: apiVersion,
-    log: function () {
-      this.error = function (err) {
-        server.log(['error', 'elasticsearch'], err);
-      };
-      this.warning = function (message) {
-        server.log(['warning', 'elasticsearch'], message);
-      };
-      this.info = _.noop;
-      this.debug = _.noop;
-      this.trace = _.noop;
-      this.close = _.noop;
+    var authorization;
+    if (options.req) {
+      if (_.get(options.req, 'headers.authorization')) {
+        authorization = _.get(options.req, 'headers.authorization').replace('Basic ', '');
+        uri.auth = new Buffer(authorization, 'base64').toString('utf8');
+      }
+    } else if (options.username && options.password) {
+      uri.auth = util.format('%s:%s', options.username, options.password);
    }
-  });

+    var ssl = { rejectUnauthorized: options.verifySsl };
+    if (options.clientCrt && options.clientKey) {
+      ssl.cert = fs.readFileSync(options.clientCrt, 'utf8');
+      ssl.key = fs.readFileSync(options.clientKey, 'utf8');
+    }
+    if (options.ca) {
+      ssl.ca = fs.readFileSync(options.ca, 'utf8');
+    }
+
+    return new elasticsearch.Client({
+      host: url.format(uri),
+      ssl: ssl,
+      apiVersion: options.apiVersion,
+      keepAlive: options.keepAlive,
+      log: function () {
+        this.error = function (err) {
+          server.log(['error', 'elasticsearch'], err);
+        };
+        this.warning = function (message) {
+          server.log(['warning', 'elasticsearch'], message);
+        };
+        this.info = _.noop;
+        this.debug = _.noop;
+        this.trace = _.noop;
+        this.close = _.noop;
+      }
+    });
+  }
+
+  var client = createClient();
  server.on('close', _.bindKey(client, 'close'));
  server.expose('client', client);
+  server.expose('createClient', createClient);

  return client;