Skip to content

Commit

Permalink
Update
Browse files Browse the repository at this point in the history
Signed-off-by: Stephen Crawford <[email protected]>
  • Loading branch information
stephen-crawford committed Sep 12, 2023
1 parent 1e587a1 commit bcc3e59
Show file tree
Hide file tree
Showing 4 changed files with 13 additions and 11 deletions.
Original file line number Diff line number Diff line change
Expand Up @@ -257,6 +257,7 @@ && isBlocked(((InetSocketAddress) request.getHttpChannel().getRemoteAddress()).g
final AuthCredentials ac;
try {
ac = httpAuthenticator.extractCredentials(request, threadContext);
System.out.println("Extracted auth creds has username " + ac.getUsername() + " and password " + ac.getPassword());
} catch (Exception e1) {
if (isDebugEnabled) {
log.debug("'{}' extracting credentials from {} http authenticator", e1.toString(), httpAuthenticator.getType(), e1);
Expand Down Expand Up @@ -293,6 +294,7 @@ && isBlocked(((InetSocketAddress) request.getHttpChannel().getRemoteAddress()).g
}
} else {
org.apache.logging.log4j.ThreadContext.put("user", ac.getUsername());
System.out.println("Username is " + ac.getUsername());
if (!ac.isComplete()) {
// credentials found in request but we need another client challenge
if (httpAuthenticator.reRequestAuthentication(channel, ac)) {
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -36,6 +36,7 @@
import java.util.Map.Entry;

import org.bouncycastle.crypto.generators.OpenBSDBCrypt;
import org.bouncycastle.util.Strings;
import org.greenrobot.eventbus.Subscribe;

import org.opensearch.OpenSearchSecurityException;
Expand Down Expand Up @@ -90,12 +91,13 @@ public boolean exists(User user) {
* @return Whether the hash matches the provided password
*/
public boolean passwordMatchesHash(String hash, char[] array) {
System.out.println("Checking if password matches hash. Hash is: " + hash + " array is: " + array.toString() + " Match is " + OpenBSDBCrypt.checkPassword(hash, array));
return OpenBSDBCrypt.checkPassword(hash, array);
}

@Override
public User authenticate(final AuthCredentials credentials) {

System.out.println("Authenticating creds with name: " + credentials.getUsername() + " and password: " + credentials.getPassword());
boolean userExists;

if (internalUsersModel == null) {
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -80,6 +80,7 @@
import org.opensearch.security.support.ConfigHelper;
import org.opensearch.security.support.SecurityUtils;
import org.opensearch.threadpool.ThreadPool;
import static java.lang.Thread.sleep;
import static org.opensearch.security.dlic.rest.support.Utils.hash;

public class ConfigurationRepository {
Expand Down Expand Up @@ -228,7 +229,7 @@ private ConfigurationRepository(
} catch (Exception e) {
LOGGER.debug("Unable to load configuration due to {}", String.valueOf(ExceptionUtils.getRootCause(e)));
try {
Thread.sleep(3000);
sleep(3000);
} catch (InterruptedException e1) {
Thread.currentThread().interrupt();
LOGGER.debug("Thread was interrupted so we cancel initialization");
Expand Down Expand Up @@ -258,16 +259,11 @@ private ConfigurationRepository(
}

LOGGER.info("Node '{}' initialized", clusterService.localNode().getName());

createAdminUser();
sleep(1000);
} catch (Exception e) {
LOGGER.error("Unexpected exception while initializing node " + e, e);
}

try {
createAdminUser();
} catch (IOException | PrivilegedActionException e) {
throw new RuntimeException(e);
}
});

}
Expand Down Expand Up @@ -304,7 +300,7 @@ private void waitForSecurityIndexToBeAtLeastYellow() {
response == null ? "no response" : (response.isTimedOut() ? "timeout" : "other, maybe red cluster")
);
try {
Thread.sleep(500);
sleep(500);
} catch (InterruptedException e) {
// ignore
Thread.currentThread().interrupt();
Expand Down Expand Up @@ -491,6 +487,7 @@ private void createAdminUser() throws IOException, PrivilegedActionException {

String plaintextPassword = this.settings.get(ConfigConstants.SECURITY_BOOTSTRAP_ADMIN_DEFAULT_PASSWORD);
String hashedPassword = hash(plaintextPassword.toCharArray());
System.out.println("Providing hash for admin of: " + hashedPassword);
String userJsonAsString = "{ \"hash\" : \""
+ hashedPassword
+ "\", \"backend_roles\": [\"admin\"], "
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -294,7 +294,8 @@ public void testInvalidDefaultConfig() throws Exception {
final String defaultInitDirectory = ClusterHelper.updateDefaultDirectory(
new File(TEST_RESOURCE_RELATIVE_PATH + "invalid_config").getAbsolutePath()
);
final Settings settings = Settings.builder().put(ConfigConstants.SECURITY_ALLOW_DEFAULT_INIT_SECURITYINDEX, true).build();
System.out.println("Default init dir: " + defaultInitDirectory);
final Settings settings = Settings.builder().put(ConfigConstants.SECURITY_ALLOW_DEFAULT_INIT_SECURITYINDEX, true).put(ConfigConstants.SECURITY_BOOTSTRAP_ADMIN_DEFAULT_PASSWORD, "testPassword").build();
setup(Settings.EMPTY, null, settings, false);
RestHelper rh = nonSslRestHelper();
Thread.sleep(10000);
Expand Down

0 comments on commit bcc3e59

Please sign in to comment.