Enforce authentication on api/status route by default (#968)
Signed-off-by: cliu123 <[email protected]>
cliu123 authored Apr 26, 2022
1 parent ec59de0 commit f0cb0c4
Showing 2 changed files with 7 additions and 2 deletions.
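--- a/server/index.ts
+++ b/server/index.ts
@@ -70,14 +70,14 @@ export const configSchema = schema.object({
 }),
 anonymous_auth_enabled: schema.boolean({ defaultValue: false }),
 unauthenticated_routes: schema.arrayOf(schema.string(), {
-defaultValue: ['/api/status', '/api/reporting/stats'],
+defaultValue: ['/api/reporting/stats'],
 }),
 forbidden_usernames: schema.arrayOf(schema.string(), { defaultValue: [] }),
 logout_url: schema.string({ defaultValue: '' }),
 }),
 basicauth: schema.object({
 enabled: schema.boolean({ defaultValue: true }),
-unauthenticated_routes: schema.arrayOf(schema.string(), { defaultValue: ['/api/status'] }),
+unauthenticated_routes: schema.arrayOf(schema.string(), { defaultValue: [] }),
 forbidden_usernames: schema.arrayOf(schema.string(), { defaultValue: [] }),
 header_trumps_session: schema.boolean({ defaultValue: false }),
 alternative_login: schema.object({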
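Review bot: Dropping `/api/status` from both defaults leaves no trace in the schema of why the route must not be exempt, and a deployment whose config still lists it explicitly stays unauthenticated after upgrading. I would add a comment above the first `unauthenticated_routes` default, e.g. `// '/api/status' is intentionally not exempt; the status response may expose version and plugin details, so re-add it only for a trusted health-check path`. The first list still exempts `/api/reporting/stats` while the `basicauth` list is now `[]`; `configSchema` starts and ends outside this hunk, as does the code that consults the two lists, so it is worth confirming that asymmetry is intended. Unauthenticated health probes against `/api/status` will now receive 401, which deserves a release-note line.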
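--- a/test/jest_integration/basic_auth.test.ts
+++ b/test/jest_integration/basic_auth.test.ts
@@ -208,6 +208,11 @@ describe('start OpenSearch Dashboards server', () => {
 expect(response.status).toEqual(302);
 });
 
+it('enforce authentication on api/status route', async () => {
+const response = await osdTestServer.request.get(root, '/api/status');
+expect(response.status).toEqual(401);
+});
+
 it('can access api/status route with admin credential', async () => {
 const response = await osdTestServer.request
 .get(root, '/api/status')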
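Review bot: The new case pins only the request that carries no credentials at all, and it proves the new default only if `root` is started without an explicit `unauthenticated_routes` setting, which is configured outside this hunk. A comment on the test would make that dependency visible, e.g. `// relies on the default unauthenticated_routes; no credentials or session cookie are sent, so the request must be rejected`. A companion case that sends wrong credentials and also expects 401 would cover the remaining rejection path next to the existing admin-credential test. The `describe` block begins and ends outside the hunk.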
