zydronium/google-nomulus
1
0
Fork 0
mirror of https://github.com/google/nomulus.git synced 2025-05-12 22:38:16 +02:00
Code Issues Projects Releases Packages Wiki Activity

Enable authentication/authorization checks

Browse source 
The code to authenticate and authorize incoming requests (including via OAuth) has been in the system. This CL actually turns it on, since we are satisfied from logging information that it is not unjustly denying access.

Auth settings are also updated on a few commands missed earlier.

-------------
Created by MOE: https://github.com/google/moe
MOE_MIGRATED_REVID=152381820
This commit is contained in:
mountford 2017-04-06 07:59:15 -07:00 committed by Ben McIlwain
parent bd696b4b92
commit 5127aeafb5
7 changed files with 40 additions and 42 deletions
Download patch file Download diff file Expand all files Collapse all files

5
java/google/registry/request/RequestHandler.java
View file

@ -171,9 +171,8 @@ public class RequestHandler<C> {
Optional<AuthResult> authResult =
requestAuthenticator.authorize(route.get().action().auth(), req);
if (!authResult.isPresent()) {
logger.warning("Request would not have been authorized");
// TODO(b/28219927): Change this to call rsp.sendError(SC_FORBIDDEN) and return
authResult = Optional.of(AuthResult.NOT_AUTHENTICATED);
rsp.sendError(SC_FORBIDDEN, "Not authorized");
return;
}
// Build a new request component using any modules we've constructed by this point.