1   /*
2    * Copyright 2017 LINE Corporation
3    *
4    * LINE Corporation licenses this file to you under the Apache License,
5    * version 2.0 (the "License"); you may not use this file except in compliance
6    * with the License. You may obtain a copy of the License at:
7    *
8    *   https://www.apache.org/licenses/LICENSE-2.0
9    *
10   * Unless required by applicable law or agreed to in writing, software
11   * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
12   * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
13   * License for the specific language governing permissions and limitations
14   * under the License.
15   */
16  
17  package com.linecorp.centraldogma.server.internal.admin.auth;
18  
19  import java.util.concurrent.CompletionStage;
20  
21  import com.linecorp.armeria.common.HttpRequest;
22  import com.linecorp.armeria.common.util.UnmodifiableFuture;
23  import com.linecorp.armeria.server.ServiceRequestContext;
24  import com.linecorp.armeria.server.thrift.THttpService;
25  import com.linecorp.centraldogma.internal.CsrfToken;
26  import com.linecorp.centraldogma.server.internal.api.HttpApiUtil;
27  import com.linecorp.centraldogma.server.metadata.User;
28  
29  /**
30   * A decorator which checks whether an anonymous token exists.
31   * This should be used for {@link THttpService} and admin service without security.
32   */
33  public class AnonymousTokenAuthorizer extends AbstractAuthorizer {
34  
35      @Override
36      public CompletionStage<Boolean> authorize(ServiceRequestContext ctx, HttpRequest req, String accessToken) {
37          if (CsrfToken.ANONYMOUS.equals(accessToken)) {
38              AuthUtil.setCurrentUser(ctx, User.SYSTEM_ADMIN);
39              HttpApiUtil.setVerboseResponses(ctx, User.SYSTEM_ADMIN);
40              return UnmodifiableFuture.completedFuture(true);
41          } else {
42              return UnmodifiableFuture.completedFuture(false);
43          }
44      }
45  }