github-mirrors/kibana
1
0
Fork 0
mirror of https://github.com/elastic/kibana.git synced 2025-04-24 01:38:56 -04:00
Code Issues Projects Releases Packages Wiki Activity

Fix conflict, closes #5082

Browse source
This commit is contained in:
Rashid Khan 2015-10-12 17:23:09 -07:00
parent 9df3cbe43a
commit cd38f9a566
3 changed files with 41 additions and 2 deletions
Download patch file Download diff file Expand all files Collapse all files

27
src/plugins/elasticsearch/lib/__tests__/get_basic_auth_realm.js Normal file
View file

@ -0,0 +1,27 @@
const getBasicAuthRealm = require('../get_basic_auth_realm');
const expect = require('expect.js');
const exception = '[security_exception] missing authentication token for REST request [/logstash-*/_search],' +
' with: {"header":{"WWW-Authenticate":"Basic realm=\\"shield\\""}}';
describe('plugins/elasticsearch', function () {
describe('lib/get_basic_auth_realm', function () {
it('should return null if passed something other than a string', function () {
expect(getBasicAuthRealm({})).to.be(null);
expect(getBasicAuthRealm(500)).to.be(null);
expect(getBasicAuthRealm([exception])).to.be(null);
});
// TODO: This should be updated to match header strings when the client supports that
it('should return the realm when passed an elasticsearch security exception', function () {
expect(getBasicAuthRealm(exception)).to.be('shield');
});
it('should return null when no basic realm information is found', function () {
expect(getBasicAuthRealm('Basically nothing="the universe"')).to.be(null);
});
});
});

9
src/plugins/elasticsearch/lib/call_with_request.js
View file

@ -1,6 +1,8 @@
const _ = require('lodash');
const Promise = require('bluebird');
const Boom = require('boom');
const getBasicAuthRealm = require('./get_basic_auth_realm');
module.exports = (client) => {
return (req, endpoint, params = {}) => {
if (req.headers.authorization) {
@ -11,8 +13,11 @@ module.exports = (client) => {
return api.call(client, params)
.catch((err) => {
if (err.status === 401) {
const options = { realm: 'Authorization Required' };
return Promise.reject(Boom.unauthorized(err.body, 'Basic', options));
// TODO: The err.message is temporary until we have support for getting headers in the client.
// Once we have that, we should be able to pass the contents of the WWW-Authenticate head to getRealm
const realm = getBasicAuthRealm(err.message) || 'Authorization Required';
const options = { realm: realm };
return Promise.reject(Boom.unauthorized('Unauthorized', 'Basic', options));
}
return Promise.reject(err);
});

7
src/plugins/elasticsearch/lib/get_basic_auth_realm.js Normal file
View file

@ -0,0 +1,7 @@
module.exports = function getBasicAuthRealm(message) {
if (!message || typeof message !== 'string') return null;
const parts = message.match(/Basic\ realm=\\"(.*)\\"/);
if (parts && parts.length === 2) return parts[1];
else return null;
};