A RetroSearch Logo

Home - News ( United States | United Kingdom | Italy | Germany ) - Football scores

Search Query:

Showing content from https://github.com/Asquera/elasticsearch-http-basic/commit/53d1cf8b6f44bb690d927a33f1f358ecdffe5a52 below:

introduced whitelist and put login:pw default not in settings · Asquera/elasticsearch-http-basic@53d1cf8 · GitHub

13 13

import static org.elasticsearch.rest.RestStatus.*;

 14 14 15 15

import java.io.IOException;

 16 +

import java.util.Arrays;

 17 +

import java.util.HashSet;

 18 +

import java.util.Set;

 19 +

import org.elasticsearch.common.logging.Loggers;

 16 20

import org.elasticsearch.rest.StringRestResponse;

 17 21 18 22

/**

@@ -22,49 +26,85 @@ public class HttpBasicServer extends HttpServer {

 22 26 23 27

private final String user;

 24 28

private final String password;

 29 +

private final Set<String> whitelist;

 30 +

private final String xForwardFor;

 25 31 26 32

@Inject public HttpBasicServer(Settings settings, Environment environment, HttpServerTransport transport,

 27 33

RestController restController,

 28 34

NodeService nodeService) {

 29 35

super(settings, environment, transport, restController, nodeService);

 30 36 31 -

this.user = settings.get("http.basic.user");

 32 -

this.password = settings.get("http.basic.password");

 37 +

this.user = settings.get("http.basic.user", "admin");

 38 +

this.password = settings.get("http.basic.password", "admin_pw");

 39 +

this.whitelist = new HashSet<String>(Arrays.asList(

 40 +

settings.getAsArray("http.basic.ipwhitelist",

 41 +

new String[]{"localhost", "127.0.0.1"})));

 42 + 43 +

this.xForwardFor = settings.get("http.basic.xforward", "");

 44 +

Loggers.getLogger(getClass()).info("using {}:{} with whitelist {}, xforward {}",

 45 +

user, password, whitelist, xForwardFor);

 33 46

}

 34 47 35 48

@Override

 36 49

public void internalDispatchRequest(final HttpRequest request, final HttpChannel channel) {

 37 -

if (shouldLetPass(request) || authBasic(request)) {

 50 +

if (authBasic(request) || isInIPWhitelist(request)) {

 38 51

super.internalDispatchRequest(request, channel);

 39 -

} else {

 52 +

} else if (ping(request)) {

 53 +

// If not authorized do not show version information etc

 54 +

channel.sendResponse(new StringRestResponse(OK, "{\"pong\":{}}"));

 55 +

} else {

 56 +

String addr = getAddress(request);

 57 +

Loggers.getLogger(getClass()).error("UNAUTHORIZED type {}, address {}, path {}, request {}, content {}",

 58 +

request.method(), addr, request.path(), request.params(), request.content().toUtf8());

 40 59

channel.sendResponse(new StringRestResponse(UNAUTHORIZED, "Authentication Required"));

 41 60

}

 42 61

}

 43 62 44 -

private boolean shouldLetPass(final HttpRequest request) {

 45 -

return (request.method() == RestRequest.Method.GET) && request.path().equals("/");

 63 +

private boolean ping(final HttpRequest request) {

 64 +

String path = request.path();

 65 +

return (request.method() == RestRequest.Method.GET) && path.equals("/");

 46 66

}

 47 67 48 68

private boolean authBasic(final HttpRequest request) {

 49 69

String authHeader = request.header("Authorization");

 50 70

if (authHeader == null)

 51 71

return false;

 52 72 53 -

String[] split = authHeader.split(" ");

 54 -

if (split.length < 1 || !split[0].equals("Basic"))

 73 +

String[] split = authHeader.split(" ", 2);

 74 +

if (split.length != 2 || !split[0].equals("Basic"))

 55 75

return false;

 56 76 57 -

String decoded;

 77 +

String decoded = "";

 58 78

try {

 59 79

decoded = new String(Base64.decode(split[1]));

 80 +

String[] userAndPassword = decoded.split(":", 2);

 81 +

String givenUser = userAndPassword[0];

 82 +

String givenPass = userAndPassword[1];

 83 +

return this.user.equals(givenUser) && this.password.equals(givenPass);

 60 84

} catch (IOException e) {

 61 -

logger.warn("Decoding of basic auth failed.");

 85 +

logger.warn("Retrieving of user and password failed for " + decoded + " ," + e.getMessage());

 62 86

return false;

 63 87

}

 88 +

}

 89 + 90 +

private String getAddress(HttpRequest request) {

 91 +

String addr;

 92 +

if (xForwardFor.isEmpty())

 93 +

addr = request.header("Host");

 94 +

else

 95 +

// "X-Forwarded-For"

 96 +

addr = request.header(xForwardFor);

 97 + 98 +

int portIndex = addr.indexOf(":");

 99 +

if (portIndex >= 0)

 100 +

addr = addr.substring(0, portIndex);

 101 +

return addr;

 102 +

}

 64 103 65 -

String[] userAndPassword = decoded.split(":");

 66 -

String givenUser = userAndPassword[0];

 67 -

String givenPass = userAndPassword[1];

 68 -

return this.user.equals(givenUser) && this.password.equals(givenPass);

 104 +

private boolean isInIPWhitelist(HttpRequest request) {

 105 +

String addr = getAddress(request);

 106 +

// Loggers.getLogger(getClass()).info("address {}, path {}, request {}",

 107 +

// addr, request.path(), request.params());

 108 +

return whitelist.contains(addr);

 69 109

}

 70 110

}

RetroSearch is an open source project built by @garambo | Open a GitHub Issue

Search and Browse the WWW like it's 1997 | Search results from DuckDuckGo

HTML: 3.2 | Encoding: UTF-8 | Version: 0.7.4