17 package com.linecorp.centraldogma.server.internal.admin.auth;
18
19 import java.util.concurrent.CompletableFuture;
20 import java.util.concurrent.CompletionStage;
21
22 import com.linecorp.armeria.common.HttpRequest;
23 import com.linecorp.armeria.common.auth.OAuth2Token;
24 import com.linecorp.armeria.server.ServiceRequestContext;
25 import com.linecorp.armeria.server.auth.AuthTokenExtractors;
26 import com.linecorp.armeria.server.auth.Authorizer;
27 import com.linecorp.armeria.server.thrift.THttpService;
28 import com.linecorp.centraldogma.internal.CsrfToken;
29 import com.linecorp.centraldogma.server.internal.api.HttpApiUtil;
30 import com.linecorp.centraldogma.server.metadata.User;
31
/**
 * An {@link Authorizer} that accepts a request only when its OAuth 2.0 token, as extracted from the
 * request headers, equals {@link CsrfToken#ANONYMOUS}.
 *
 * <p>An accepted request is bound to {@link User#SYSTEM_ADMIN}. The token is compared against a
 * constant declared in {@link CsrfToken}, not against a per-user or per-session secret, so passing
 * this check says nothing about who the caller is.
 *
 * <p>NOTE(review): presumably this authorizer is installed only where authentication is
 * intentionally disabled and the token serves purely as a CSRF guard. Confirm at the wiring site,
 * because in any other setup every caller that sends the constant would act as
 * {@code SYSTEM_ADMIN}.
 */
public class CsrfTokenAuthorizer implements Authorizer<HttpRequest> {

    /**
     * Decides whether the request carries the anonymous CSRF token.
     *
     * @param ctx the context of the request; on success the current user and the verbose-response
     *            setting are stored through {@code AuthUtil} and {@code HttpApiUtil}
     * @param data the request whose headers are inspected for an OAuth 2.0 token
     * @return an already-completed stage holding {@code true} when the token matches
     *         {@link CsrfToken#ANONYMOUS}, {@code false} when it is missing or different
     */
    @Override
    public CompletionStage<Boolean> authorize(ServiceRequestContext ctx, HttpRequest data) {
        final OAuth2Token bearer = AuthTokenExtractors.oAuth2().apply(data.headers());

        // The extractor yields null when the headers hold no usable OAuth 2.0 token.
        final boolean anonymousTokenPresented =
                bearer != null && CsrfToken.ANONYMOUS.equals(bearer.accessToken());
        if (!anonymousTokenPresented) {
            return CompletableFuture.completedFuture(false);
        }

        // Privilege assignment: from here on the request runs as SYSTEM_ADMIN.
        AuthUtil.setCurrentUser(ctx, User.SYSTEM_ADMIN);
        HttpApiUtil.setVerboseResponses(ctx, User.SYSTEM_ADMIN);
        return CompletableFuture.completedFuture(true);
    }
}