|
41 | 41 | import org.opensearch.common.io.stream.BytesStreamOutput;
|
42 | 42 | import org.opensearch.common.logging.DeprecationLogger;
|
43 | 43 | import org.opensearch.common.path.PathTrie;
|
44 |
| -import org.opensearch.common.util.FeatureFlags; |
45 | 44 | import org.opensearch.common.util.concurrent.ThreadContext;
|
46 | 45 | import org.opensearch.common.util.io.Streams;
|
47 | 46 | import org.opensearch.common.xcontent.XContentType;
|
|
56 | 55 | import org.opensearch.core.xcontent.XContentBuilder;
|
57 | 56 | import org.opensearch.http.HttpChunk;
|
58 | 57 | import org.opensearch.http.HttpServerTransport;
|
59 |
| -import org.opensearch.identity.IdentityService; |
60 |
| -import org.opensearch.identity.Subject; |
61 |
| -import org.opensearch.identity.UserSubject; |
62 |
| -import org.opensearch.identity.tokens.AuthToken; |
63 |
| -import org.opensearch.identity.tokens.RestTokenExtractor; |
64 | 58 | import org.opensearch.usage.UsageService;
|
65 | 59 |
|
66 | 60 | import java.io.ByteArrayOutputStream;
|
@@ -125,25 +119,23 @@ public class RestController implements HttpServerTransport.Dispatcher {
|
125 | 119 | /** Rest headers that are copied to internal requests made during a rest request. */
|
126 | 120 | private final Set<RestHeaderDefinition> headersToCopy;
|
127 | 121 | private final UsageService usageService;
|
128 |
| - private final IdentityService identityService; |
129 | 122 |
|
130 | 123 | public RestController(
|
131 | 124 | Set<RestHeaderDefinition> headersToCopy,
|
132 | 125 | UnaryOperator<RestHandler> handlerWrapper,
|
133 | 126 | NodeClient client,
|
134 | 127 | CircuitBreakerService circuitBreakerService,
|
135 |
| - UsageService usageService, |
136 |
| - IdentityService identityService |
| 128 | + UsageService usageService |
137 | 129 | ) {
|
138 | 130 | this.headersToCopy = headersToCopy;
|
139 | 131 | this.usageService = usageService;
|
140 | 132 | if (handlerWrapper == null) {
|
141 | 133 | handlerWrapper = h -> h; // passthrough if no wrapper set
|
142 | 134 | }
|
| 135 | + |
143 | 136 | this.handlerWrapper = handlerWrapper;
|
144 | 137 | this.client = client;
|
145 | 138 | this.circuitBreakerService = circuitBreakerService;
|
146 |
| - this.identityService = identityService; |
147 | 139 | registerHandlerNoWrap(
|
148 | 140 | RestRequest.Method.GET,
|
149 | 141 | "/favicon.ico",
|
@@ -472,11 +464,6 @@ private void tryAllHandlers(final RestRequest request, final RestChannel channel
|
472 | 464 | return;
|
473 | 465 | }
|
474 | 466 | } else {
|
475 |
| - if (FeatureFlags.isEnabled(FeatureFlags.IDENTITY)) { |
476 |
| - if (!handleAuthenticateUser(request, channel)) { |
477 |
| - return; |
478 |
| - } |
479 |
| - } |
480 | 467 | dispatchRequest(request, channel, handler);
|
481 | 468 | return;
|
482 | 469 | }
|
@@ -587,43 +574,6 @@ private void handleBadRequest(String uri, RestRequest.Method method, RestChannel
|
587 | 574 | }
|
588 | 575 | }
|
589 | 576 |
|
590 |
| - /** |
591 |
| - * Attempts to extract auth token and login. |
592 |
| - * |
593 |
| - * @return false if there was an error and the request should not continue being dispatched |
594 |
| - * */ |
595 |
| - private boolean handleAuthenticateUser(final RestRequest request, final RestChannel channel) { |
596 |
| - try { |
597 |
| - final AuthToken token = RestTokenExtractor.extractToken(request); |
598 |
| - // If no token was found, continue executing the request |
599 |
| - if (token == null) { |
600 |
| - // Authentication did not fail so return true. Authorization is handled at the action level. |
601 |
| - return true; |
602 |
| - } |
603 |
| - final Subject currentSubject = identityService.getCurrentSubject(); |
604 |
| - if (currentSubject instanceof UserSubject) { |
605 |
| - ((UserSubject) currentSubject).authenticate(token); |
606 |
| - logger.debug("Logged in as user " + currentSubject); |
607 |
| - } |
608 |
| - } catch (final Exception e) { |
609 |
| - try { |
610 |
| - final BytesRestResponse bytesRestResponse = BytesRestResponse.createSimpleErrorResponse( |
611 |
| - channel, |
612 |
| - RestStatus.UNAUTHORIZED, |
613 |
| - e.getMessage() |
614 |
| - ); |
615 |
| - channel.sendResponse(bytesRestResponse); |
616 |
| - } catch (final Exception ex) { |
617 |
| - final BytesRestResponse bytesRestResponse = new BytesRestResponse(RestStatus.UNAUTHORIZED, ex.getMessage()); |
618 |
| - channel.sendResponse(bytesRestResponse); |
619 |
| - } |
620 |
| - return false; |
621 |
| - } |
622 |
| - |
623 |
| - // Authentication did not fail so return true. Authorization is handled at the action level. |
624 |
| - return true; |
625 |
| - } |
626 |
| - |
627 | 577 | /**
|
628 | 578 | * Get the valid set of HTTP methods for a REST request.
|
629 | 579 | */
|
|
0 commit comments