|
| 1 | +package authentication |
| 2 | + |
| 3 | +import ( |
| 4 | + "context" |
| 5 | + "net/http" |
| 6 | + "os" |
| 7 | + |
| 8 | + "github.com/go-kit/log" |
| 9 | + "github.com/go-kit/log/level" |
| 10 | + grpc_middleware_auth "github.com/grpc-ecosystem/go-grpc-middleware/v2/interceptors/auth" |
| 11 | + "github.com/prometheus/client_golang/prometheus" |
| 12 | + "google.golang.org/grpc" |
| 13 | + "google.golang.org/grpc/codes" |
| 14 | + "google.golang.org/grpc/status" |
| 15 | +) |
| 16 | + |
| 17 | +// AnonymousAuthenticatorType represents the anonymous authentication provider |
| 18 | +// type. |
| 19 | +// |
| 20 | +// It always authenticates the incoming request and sets the subject's name to |
| 21 | +// 'anonymous'. It should only be used for tests and it requires the |
| 22 | +// INSECURE_ANONYMOUS_AUTHENTICATOR_ENABLED environment variable to be set to |
| 23 | +// 1. |
| 24 | +const AnonymousAuthenticatorType = "anonymous" |
| 25 | + |
| 26 | +func init() { |
| 27 | + if v := os.Getenv("INSECURE_ANONYMOUS_AUTHENTICATOR_ENABLED"); v == "1" { |
| 28 | + onboardNewProvider(AnonymousAuthenticatorType, anonymousAuthenticatorType) |
| 29 | + } |
| 30 | +} |
| 31 | + |
| 32 | +func anonymousAuthenticatorType(_ map[string]interface{}, _ string, _ *prometheus.CounterVec, logger log.Logger) (Provider, error) { |
| 33 | + level.Warn(logger).Log("msg", "using anonymous authenticator") |
| 34 | + return &anonymousAuthenticator{}, nil |
| 35 | +} |
| 36 | + |
| 37 | +type anonymousAuthenticator struct{} |
| 38 | + |
| 39 | +// Middleware implements the Provider interface. |
| 40 | +func (a *anonymousAuthenticator) Middleware() Middleware { |
| 41 | + return func(next http.Handler) http.Handler { |
| 42 | + return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { |
| 43 | + ctx := context.WithValue(r.Context(), subjectKey, "anonymous") |
| 44 | + next.ServeHTTP(w, r.WithContext(ctx)) |
| 45 | + }) |
| 46 | + } |
| 47 | +} |
| 48 | + |
| 49 | +// GRPCMiddleware implements the Provider interface. |
| 50 | +// It isn't yet implemented. |
| 51 | +func (a *anonymousAuthenticator) GRPCMiddleware() grpc.StreamServerInterceptor { |
| 52 | + return grpc_middleware_auth.StreamServerInterceptor(func(ctx context.Context) (context.Context, error) { |
| 53 | + return ctx, status.Error(codes.Unimplemented, "internal error") |
| 54 | + }) |
| 55 | +} |
| 56 | + |
| 57 | +// Handler implements the Provider interface. |
| 58 | +func (a *anonymousAuthenticator) Handler() (string, http.Handler) { |
| 59 | + return "", nil |
| 60 | +} |
0 commit comments