mirror of
https://github.com/google/nomulus.git
synced 2025-07-25 20:18:34 +02:00
Remove internal auth mechanism (#2066)
It was used by cron job and task queues, which now use OIDC-based auth. Also renamed and consolidated auth enums to make them easier to understand. Ultimately we should get rid of the AuthMethod part as OIDC will be the only auth method used. Based on the updated routing map: Backend and tools: the only change is that INTERNAL is removed from allowed auth methods. Should be an no-op. Pubapi: INTERNAL is removed from allowed auth. For endpoints that only allowed INTERNAL before, API and LEGACY become the allowed methods. However this should not affect anything because regardless of which auth method is ultimately used, the required auth level is always NONE for pubapi endpoints. Therefore any auth result is discarded anyway. Frontend: INTERNAL is removed. RegistryLockVerifyAction has lowered its required auth level to NONE because it extends HtmlAction, which can redirect the user to login if necessary. All other endpoints extending HtmlAction require NONE, so it's better to keep things consistent.
This commit is contained in:
Lai Jiang
GitHub
parent
cc3901691c
commit
bef28d2e34
75 changed files with 237 additions and 465 deletions
|
|
@ -52,7 +52,7 @@ import javax.mail.internet.InternetAddress;
|
|||
path = "/_dr/task/executeCannedScript",
|
||||
method = POST,
|
||||
automaticallyPrintOk = true,
|
||||
auth = Auth.AUTH_INTERNAL_OR_ADMIN)
|
||||
auth = Auth.AUTH_API_ADMIN)
|
||||
public class CannedScriptExecutionAction implements Runnable {
|
||||
private static final FluentLogger logger = FluentLogger.forEnclosingClass();
|
||||
|
||||
|
|
|
|||
|
|
@ -41,7 +41,7 @@ import org.joda.time.Days;
|
|||
@Action(
|
||||
service = Service.BACKEND,
|
||||
path = CheckPackagesComplianceAction.PATH,
|
||||
auth = Auth.AUTH_INTERNAL_OR_ADMIN)
|
||||
auth = Auth.AUTH_API_ADMIN)
|
||||
public class CheckPackagesComplianceAction implements Runnable {
|
||||
|
||||
public static final String PATH = "/_dr/task/checkPackagesCompliance";
|
||||
|
|
|
|||
|
|
@ -69,7 +69,7 @@ import org.joda.time.Duration;
|
|||
@Action(
|
||||
service = Action.Service.BACKEND,
|
||||
path = DeleteExpiredDomainsAction.PATH,
|
||||
auth = Auth.AUTH_INTERNAL_OR_ADMIN)
|
||||
auth = Auth.AUTH_API_ADMIN)
|
||||
public class DeleteExpiredDomainsAction implements Runnable {
|
||||
|
||||
public static final String PATH = "/_dr/task/deleteExpiredDomains";
|
||||
|
|
|
|||
|
|
@ -56,7 +56,7 @@ import javax.inject.Inject;
|
|||
service = Action.Service.BACKEND,
|
||||
path = "/_dr/task/deleteLoadTestData",
|
||||
method = POST,
|
||||
auth = Auth.AUTH_INTERNAL_OR_ADMIN)
|
||||
auth = Auth.AUTH_API_ADMIN)
|
||||
public class DeleteLoadTestDataAction implements Runnable {
|
||||
|
||||
private static final FluentLogger logger = FluentLogger.forEnclosingClass();
|
||||
|
|
|
|||
|
|
@ -58,7 +58,7 @@ import org.joda.time.Duration;
|
|||
service = Action.Service.BACKEND,
|
||||
path = "/_dr/task/deleteProberData",
|
||||
method = POST,
|
||||
auth = Auth.AUTH_INTERNAL_OR_ADMIN)
|
||||
auth = Auth.AUTH_API_ADMIN)
|
||||
public class DeleteProberDataAction implements Runnable {
|
||||
|
||||
private static final FluentLogger logger = FluentLogger.forEnclosingClass();
|
||||
|
|
|
|||
|
|
@ -52,7 +52,7 @@ import org.joda.time.DateTime;
|
|||
@Action(
|
||||
service = Action.Service.BACKEND,
|
||||
path = "/_dr/task/expandBillingRecurrences",
|
||||
auth = Auth.AUTH_INTERNAL_OR_ADMIN)
|
||||
auth = Auth.AUTH_API_ADMIN)
|
||||
public class ExpandBillingRecurrencesAction implements Runnable {
|
||||
|
||||
public static final String PARAM_START_TIME = "startTime";
|
||||
|
|
|
|||
|
|
@ -53,7 +53,7 @@ import org.joda.time.Duration;
|
|||
path = RelockDomainAction.PATH,
|
||||
method = POST,
|
||||
automaticallyPrintOk = true,
|
||||
auth = Auth.AUTH_INTERNAL_OR_ADMIN)
|
||||
auth = Auth.AUTH_API_ADMIN)
|
||||
public class RelockDomainAction implements Runnable {
|
||||
|
||||
public static final String PATH = "/_dr/task/relockDomain";
|
||||
|
|
|
|||
|
|
@ -55,7 +55,7 @@ import javax.inject.Inject;
|
|||
@Action(
|
||||
service = Action.Service.BACKEND,
|
||||
path = ResaveAllEppResourcesPipelineAction.PATH,
|
||||
auth = Auth.AUTH_INTERNAL_OR_ADMIN)
|
||||
auth = Auth.AUTH_API_ADMIN)
|
||||
public class ResaveAllEppResourcesPipelineAction implements Runnable {
|
||||
|
||||
private static final FluentLogger logger = FluentLogger.forEnclosingClass();
|
||||
|
|
|
|||
|
|
@ -40,7 +40,7 @@ import org.joda.time.DateTime;
|
|||
@Action(
|
||||
service = Action.Service.BACKEND,
|
||||
path = ResaveEntityAction.PATH,
|
||||
auth = Auth.AUTH_INTERNAL_OR_ADMIN,
|
||||
auth = Auth.AUTH_API_ADMIN,
|
||||
method = Method.POST)
|
||||
public class ResaveEntityAction implements Runnable {
|
||||
|
||||
|
|
|
|||
|
|
@ -53,7 +53,7 @@ import org.joda.time.format.DateTimeFormatter;
|
|||
@Action(
|
||||
service = Action.Service.BACKEND,
|
||||
path = SendExpiringCertificateNotificationEmailAction.PATH,
|
||||
auth = Auth.AUTH_INTERNAL_OR_ADMIN)
|
||||
auth = Auth.AUTH_API_ADMIN)
|
||||
public class SendExpiringCertificateNotificationEmailAction implements Runnable {
|
||||
|
||||
public static final String PATH = "/_dr/task/sendExpiringCertificateNotificationEmail";
|
||||
|
|
|
|||
|
|
@ -44,7 +44,7 @@ import javax.inject.Inject;
|
|||
@Action(
|
||||
service = Action.Service.BACKEND,
|
||||
path = "/_dr/task/wipeOutCloudSql",
|
||||
auth = Auth.AUTH_INTERNAL_OR_ADMIN)
|
||||
auth = Auth.AUTH_API_ADMIN)
|
||||
public class WipeOutCloudSqlAction implements Runnable {
|
||||
private static final FluentLogger logger = FluentLogger.forEnclosingClass();
|
||||
|
||||
|
|
|
|||
|
|
@ -51,7 +51,7 @@ import org.joda.time.DateTime;
|
|||
@Action(
|
||||
service = Service.BACKEND,
|
||||
path = WipeOutContactHistoryPiiAction.PATH,
|
||||
auth = Auth.AUTH_INTERNAL_OR_ADMIN)
|
||||
auth = Auth.AUTH_API_ADMIN)
|
||||
public class WipeOutContactHistoryPiiAction implements Runnable {
|
||||
|
||||
public static final String PATH = "/_dr/task/wipeOutContactHistoryPii";
|
||||
|
|
|
|||
|
|
@ -81,7 +81,7 @@ import javax.inject.Inject;
|
|||
service = Action.Service.BACKEND,
|
||||
path = "/_dr/cron/fanout",
|
||||
automaticallyPrintOk = true,
|
||||
auth = Auth.AUTH_INTERNAL_OR_ADMIN)
|
||||
auth = Auth.AUTH_API_ADMIN)
|
||||
public final class TldFanoutAction implements Runnable {
|
||||
|
||||
/** A set of control params to TldFanoutAction that aren't passed down to the executing action. */
|
||||
|
|
|
|||
|
|
@ -76,7 +76,7 @@ import org.joda.time.Duration;
|
|||
path = PublishDnsUpdatesAction.PATH,
|
||||
method = POST,
|
||||
automaticallyPrintOk = true,
|
||||
auth = Auth.AUTH_INTERNAL_OR_ADMIN)
|
||||
auth = Auth.AUTH_API_ADMIN)
|
||||
public final class PublishDnsUpdatesAction implements Runnable, Callable<Void> {
|
||||
|
||||
public static final String PATH = "/_dr/task/publishDnsUpdates";
|
||||
|
|
|
|||
|
|
@ -64,7 +64,7 @@ import org.joda.time.Duration;
|
|||
path = "/_dr/task/readDnsRefreshRequests",
|
||||
automaticallyPrintOk = true,
|
||||
method = POST,
|
||||
auth = Auth.AUTH_INTERNAL_OR_ADMIN)
|
||||
auth = Auth.AUTH_API_ADMIN)
|
||||
public final class ReadDnsRefreshRequestsAction implements Runnable {
|
||||
|
||||
private static final FluentLogger logger = FluentLogger.forEnclosingClass();
|
||||
|
|
|
|||
|
|
@ -38,7 +38,7 @@ import javax.inject.Inject;
|
|||
service = Action.Service.BACKEND,
|
||||
path = "/_dr/dnsRefresh",
|
||||
automaticallyPrintOk = true,
|
||||
auth = Auth.AUTH_INTERNAL_OR_ADMIN)
|
||||
auth = Auth.AUTH_API_ADMIN)
|
||||
public final class RefreshDnsAction implements Runnable {
|
||||
|
||||
private final Clock clock;
|
||||
|
|
|
|||
|
|
@ -37,7 +37,7 @@ import org.joda.time.DateTime;
|
|||
service = Service.BACKEND,
|
||||
path = PATH,
|
||||
method = Action.Method.POST,
|
||||
auth = Auth.AUTH_INTERNAL_OR_ADMIN)
|
||||
auth = Auth.AUTH_API_ADMIN)
|
||||
public class RefreshDnsOnHostRenameAction implements Runnable {
|
||||
|
||||
public static final String QUEUE_HOST_RENAME = "async-host-rename";
|
||||
|
|
|
|||
|
|
@ -49,7 +49,7 @@ import javax.inject.Inject;
|
|||
service = Action.Service.BACKEND,
|
||||
path = "/_dr/task/exportDomainLists",
|
||||
method = POST,
|
||||
auth = Auth.AUTH_INTERNAL_OR_ADMIN)
|
||||
auth = Auth.AUTH_API_ADMIN)
|
||||
public class ExportDomainListsAction implements Runnable {
|
||||
|
||||
private static final FluentLogger logger = FluentLogger.forEnclosingClass();
|
||||
|
|
|
|||
|
|
@ -48,7 +48,7 @@ import javax.inject.Inject;
|
|||
service = Action.Service.BACKEND,
|
||||
path = "/_dr/task/exportPremiumTerms",
|
||||
method = POST,
|
||||
auth = Auth.AUTH_INTERNAL_OR_ADMIN)
|
||||
auth = Auth.AUTH_API_ADMIN)
|
||||
public class ExportPremiumTermsAction implements Runnable {
|
||||
|
||||
private static final FluentLogger logger = FluentLogger.forEnclosingClass();
|
||||
|
|
|
|||
|
|
@ -37,7 +37,7 @@ import javax.inject.Inject;
|
|||
service = Action.Service.BACKEND,
|
||||
path = "/_dr/task/exportReservedTerms",
|
||||
method = POST,
|
||||
auth = Auth.AUTH_INTERNAL_OR_ADMIN)
|
||||
auth = Auth.AUTH_API_ADMIN)
|
||||
public class ExportReservedTermsAction implements Runnable {
|
||||
|
||||
private static final FluentLogger logger = FluentLogger.forEnclosingClass();
|
||||
|
|
|
|||
|
|
@ -55,7 +55,7 @@ import javax.inject.Inject;
|
|||
service = Action.Service.BACKEND,
|
||||
path = "/_dr/task/syncGroupMembers",
|
||||
method = POST,
|
||||
auth = Auth.AUTH_INTERNAL_OR_ADMIN)
|
||||
auth = Auth.AUTH_API_ADMIN)
|
||||
public final class SyncGroupMembersAction implements Runnable {
|
||||
|
||||
private static final FluentLogger logger = FluentLogger.forEnclosingClass();
|
||||
|
|
|
|||
|
|
@ -57,7 +57,7 @@ import org.joda.time.Duration;
|
|||
service = Action.Service.BACKEND,
|
||||
path = SyncRegistrarsSheetAction.PATH,
|
||||
method = POST,
|
||||
auth = Auth.AUTH_INTERNAL_OR_ADMIN)
|
||||
auth = Auth.AUTH_API_ADMIN)
|
||||
public class SyncRegistrarsSheetAction implements Runnable {
|
||||
|
||||
private enum Result {
|
||||
|
|
|
|||
|
|
@ -69,7 +69,7 @@ import org.joda.time.DateTime;
|
|||
* user controlled, lest it open an XSS vector. Do not modify this to return the domain name in the
|
||||
* response.
|
||||
*/
|
||||
@Action(service = Action.Service.PUBAPI, path = "/check", auth = Auth.AUTH_PUBLIC_ANONYMOUS)
|
||||
@Action(service = Action.Service.PUBAPI, path = "/check", auth = Auth.AUTH_PUBLIC)
|
||||
public class CheckApiAction implements Runnable {
|
||||
|
||||
private static final FluentLogger logger = FluentLogger.forEnclosingClass();
|
||||
|
|
|
|||
|
|
@ -29,7 +29,7 @@ import javax.servlet.http.HttpSession;
|
|||
service = Action.Service.DEFAULT,
|
||||
path = "/_dr/epp",
|
||||
method = Method.POST,
|
||||
auth = Auth.AUTH_PUBLIC_OR_INTERNAL)
|
||||
auth = Auth.AUTH_API_PUBLIC)
|
||||
public class EppTlsAction implements Runnable {
|
||||
|
||||
@Inject @Payload byte[] inputXmlBytes;
|
||||
|
|
|
|||
|
|
@ -33,7 +33,7 @@ import javax.servlet.http.HttpServletRequest;
|
|||
service = Action.Service.TOOLS,
|
||||
path = EppToolAction.PATH,
|
||||
method = Method.POST,
|
||||
auth = Auth.AUTH_INTERNAL_OR_ADMIN)
|
||||
auth = Auth.AUTH_API_ADMIN)
|
||||
public class EppToolAction implements Runnable {
|
||||
|
||||
public static final String PATH = "/_dr/epptool";
|
||||
|
|
|
|||
|
|
@ -58,7 +58,7 @@ import org.joda.time.DateTime;
|
|||
path = LoadTestAction.PATH,
|
||||
method = Action.Method.POST,
|
||||
automaticallyPrintOk = true,
|
||||
auth = Auth.AUTH_INTERNAL_OR_ADMIN)
|
||||
auth = Auth.AUTH_API_ADMIN)
|
||||
public class LoadTestAction implements Runnable {
|
||||
|
||||
private static final FluentLogger logger = FluentLogger.forEnclosingClass();
|
||||
|
|
|
|||
|
|
@ -35,7 +35,7 @@ import javax.inject.Inject;
|
|||
path = "/rdap/autnum/",
|
||||
method = {GET, HEAD},
|
||||
isPrefix = true,
|
||||
auth = Auth.AUTH_PUBLIC_ANONYMOUS)
|
||||
auth = Auth.AUTH_PUBLIC)
|
||||
public class RdapAutnumAction extends RdapActionBase {
|
||||
|
||||
@Inject RdapAutnumAction() {
|
||||
|
|
|
|||
|
|
@ -33,7 +33,7 @@ import javax.inject.Inject;
|
|||
path = "/rdap/help",
|
||||
method = {GET, HEAD},
|
||||
isPrefix = true,
|
||||
auth = Auth.AUTH_PUBLIC_ANONYMOUS)
|
||||
auth = Auth.AUTH_PUBLIC)
|
||||
public class RdapHelpAction extends RdapActionBase {
|
||||
|
||||
/** The help path for the RDAP terms of service. */
|
||||
|
|
|
|||
|
|
@ -35,7 +35,7 @@ import javax.inject.Inject;
|
|||
path = "/rdap/ip/",
|
||||
method = {GET, HEAD},
|
||||
isPrefix = true,
|
||||
auth = Auth.AUTH_PUBLIC_ANONYMOUS)
|
||||
auth = Auth.AUTH_PUBLIC)
|
||||
public class RdapIpAction extends RdapActionBase {
|
||||
|
||||
@Inject RdapIpAction() {
|
||||
|
|
|
|||
|
|
@ -38,7 +38,7 @@ import javax.inject.Inject;
|
|||
path = "/rdap/nameserver/",
|
||||
method = {GET, HEAD},
|
||||
isPrefix = true,
|
||||
auth = Auth.AUTH_PUBLIC_ANONYMOUS)
|
||||
auth = Auth.AUTH_PUBLIC)
|
||||
public class RdapNameserverAction extends RdapActionBase {
|
||||
|
||||
@Inject public RdapNameserverAction() {
|
||||
|
|
|
|||
|
|
@ -59,7 +59,7 @@ import javax.inject.Inject;
|
|||
service = Action.Service.PUBAPI,
|
||||
path = "/rdap/nameservers",
|
||||
method = {GET, HEAD},
|
||||
auth = Auth.AUTH_PUBLIC_ANONYMOUS)
|
||||
auth = Auth.AUTH_PUBLIC)
|
||||
public class RdapNameserverSearchAction extends RdapSearchActionBase {
|
||||
|
||||
public static final String PATH = "/rdap/nameservers";
|
||||
|
|
|
|||
|
|
@ -49,7 +49,7 @@ import org.apache.commons.csv.CSVRecord;
|
|||
service = Action.Service.BACKEND,
|
||||
path = "/_dr/task/updateRegistrarRdapBaseUrls",
|
||||
automaticallyPrintOk = true,
|
||||
auth = Auth.AUTH_INTERNAL_OR_ADMIN)
|
||||
auth = Auth.AUTH_API_ADMIN)
|
||||
public final class UpdateRegistrarRdapBaseUrlsAction implements Runnable {
|
||||
|
||||
private static final GenericUrl RDAP_IDS_URL =
|
||||
|
|
|
|||
|
|
@ -66,7 +66,7 @@ import org.joda.time.DateTime;
|
|||
path = BrdaCopyAction.PATH,
|
||||
method = POST,
|
||||
automaticallyPrintOk = true,
|
||||
auth = Auth.AUTH_INTERNAL_OR_ADMIN)
|
||||
auth = Auth.AUTH_API_ADMIN)
|
||||
public final class BrdaCopyAction implements Runnable {
|
||||
|
||||
public static final String PATH = "/_dr/task/brdaCopy";
|
||||
|
|
|
|||
|
|
@ -56,7 +56,7 @@ import org.joda.time.Duration;
|
|||
service = Action.Service.BACKEND,
|
||||
path = RdeReportAction.PATH,
|
||||
method = POST,
|
||||
auth = Auth.AUTH_INTERNAL_OR_ADMIN)
|
||||
auth = Auth.AUTH_API_ADMIN)
|
||||
public final class RdeReportAction implements Runnable, EscrowTask {
|
||||
|
||||
private static final FluentLogger logger = FluentLogger.forEnclosingClass();
|
||||
|
|
|
|||
|
|
@ -207,7 +207,7 @@ import org.joda.time.Duration;
|
|||
service = Action.Service.BACKEND,
|
||||
path = RdeStagingAction.PATH,
|
||||
method = {GET, POST},
|
||||
auth = Auth.AUTH_INTERNAL_OR_ADMIN)
|
||||
auth = Auth.AUTH_API_ADMIN)
|
||||
public final class RdeStagingAction implements Runnable {
|
||||
|
||||
public static final String PATH = "/_dr/task/rdeStaging";
|
||||
|
|
|
|||
|
|
@ -87,7 +87,7 @@ import org.joda.time.Duration;
|
|||
service = Action.Service.BACKEND,
|
||||
path = RdeUploadAction.PATH,
|
||||
method = POST,
|
||||
auth = Auth.AUTH_INTERNAL_OR_ADMIN)
|
||||
auth = Auth.AUTH_API_ADMIN)
|
||||
public final class RdeUploadAction implements Runnable, EscrowTask {
|
||||
|
||||
public static final String PATH = "/_dr/task/rdeUpload";
|
||||
|
|
|
|||
|
|
@ -47,7 +47,7 @@ import javax.inject.Inject;
|
|||
service = Action.Service.BACKEND,
|
||||
path = CopyDetailReportsAction.PATH,
|
||||
method = POST,
|
||||
auth = Auth.AUTH_INTERNAL_OR_ADMIN)
|
||||
auth = Auth.AUTH_API_ADMIN)
|
||||
public final class CopyDetailReportsAction implements Runnable {
|
||||
|
||||
public static final String PATH = "/_dr/task/copyDetailReports";
|
||||
|
|
|
|||
|
|
@ -54,7 +54,7 @@ import org.joda.time.YearMonth;
|
|||
service = Action.Service.BACKEND,
|
||||
path = GenerateInvoicesAction.PATH,
|
||||
method = POST,
|
||||
auth = Auth.AUTH_INTERNAL_OR_ADMIN)
|
||||
auth = Auth.AUTH_API_ADMIN)
|
||||
public class GenerateInvoicesAction implements Runnable {
|
||||
|
||||
private static final FluentLogger logger = FluentLogger.forEnclosingClass();
|
||||
|
|
|
|||
|
|
@ -52,7 +52,7 @@ import org.joda.time.YearMonth;
|
|||
service = Action.Service.BACKEND,
|
||||
path = PublishInvoicesAction.PATH,
|
||||
method = POST,
|
||||
auth = Auth.AUTH_INTERNAL_OR_ADMIN)
|
||||
auth = Auth.AUTH_API_ADMIN)
|
||||
public class PublishInvoicesAction implements Runnable {
|
||||
|
||||
private static final FluentLogger logger = FluentLogger.forEnclosingClass();
|
||||
|
|
|
|||
|
|
@ -67,7 +67,7 @@ import org.joda.time.format.DateTimeFormat;
|
|||
service = Action.Service.BACKEND,
|
||||
path = IcannReportingStagingAction.PATH,
|
||||
method = POST,
|
||||
auth = Auth.AUTH_INTERNAL_OR_ADMIN)
|
||||
auth = Auth.AUTH_API_ADMIN)
|
||||
public final class IcannReportingStagingAction implements Runnable {
|
||||
|
||||
static final String PATH = "/_dr/task/icannReportingStaging";
|
||||
|
|
|
|||
|
|
@ -70,7 +70,7 @@ import org.joda.time.Duration;
|
|||
service = Action.Service.BACKEND,
|
||||
path = IcannReportingUploadAction.PATH,
|
||||
method = POST,
|
||||
auth = Auth.AUTH_INTERNAL_OR_ADMIN)
|
||||
auth = Auth.AUTH_API_ADMIN)
|
||||
public final class IcannReportingUploadAction implements Runnable {
|
||||
|
||||
static final String PATH = "/_dr/task/icannReportingUpload";
|
||||
|
|
|
|||
|
|
@ -53,7 +53,7 @@ import org.joda.time.LocalDate;
|
|||
service = Action.Service.BACKEND,
|
||||
path = GenerateSpec11ReportAction.PATH,
|
||||
method = POST,
|
||||
auth = Auth.AUTH_INTERNAL_OR_ADMIN)
|
||||
auth = Auth.AUTH_API_ADMIN)
|
||||
public class GenerateSpec11ReportAction implements Runnable {
|
||||
|
||||
private static final FluentLogger logger = FluentLogger.forEnclosingClass();
|
||||
|
|
|
|||
|
|
@ -59,7 +59,7 @@ import org.json.JSONException;
|
|||
service = Action.Service.BACKEND,
|
||||
path = PublishSpec11ReportAction.PATH,
|
||||
method = POST,
|
||||
auth = Auth.AUTH_INTERNAL_OR_ADMIN)
|
||||
auth = Auth.AUTH_API_ADMIN)
|
||||
public class PublishSpec11ReportAction implements Runnable {
|
||||
|
||||
static final String PATH = "/_dr/task/publishSpec11";
|
||||
|
|
|
|||
|
|
@ -1,62 +0,0 @@
|
|||
// Copyright 2017 The Nomulus Authors. All Rights Reserved.
|
||||
//
|
||||
// Licensed under the Apache License, Version 2.0 (the "License");
|
||||
// you may not use this file except in compliance with the License.
|
||||
// You may obtain a copy of the License at
|
||||
//
|
||||
// http://www.apache.org/licenses/LICENSE-2.0
|
||||
//
|
||||
// Unless required by applicable law or agreed to in writing, software
|
||||
// distributed under the License is distributed on an "AS IS" BASIS,
|
||||
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
// See the License for the specific language governing permissions and
|
||||
// limitations under the License.
|
||||
|
||||
package google.registry.request.auth;
|
||||
|
||||
import static google.registry.request.auth.AuthSettings.AuthLevel.APP;
|
||||
import static google.registry.request.auth.AuthSettings.AuthLevel.NONE;
|
||||
|
||||
import com.google.appengine.api.users.UserService;
|
||||
import javax.inject.Inject;
|
||||
import javax.servlet.http.HttpServletRequest;
|
||||
|
||||
/**
|
||||
* Authentication mechanism which uses the X-AppEngine-QueueName header set by App Engine for
|
||||
* internal requests.
|
||||
*
|
||||
* <p>Task queue push task requests set this header value to the actual queue name. Cron requests
|
||||
* set this header value to __cron, since that's actually the name of the hidden queue used for cron
|
||||
* requests. Cron also sets the header X-AppEngine-Cron, which we could check, but it's simpler just
|
||||
* to check the one.
|
||||
*
|
||||
* <p>App Engine allows app admins to set these headers for testing purposes. Because of this, we
|
||||
* also need to verify that the current user is null, indicating that there is no user, to prevent
|
||||
* access by someone with "admin" privileges. If the user is an admin, UserService presumably must
|
||||
* return a User object.
|
||||
*
|
||||
* <p>See <a href=
|
||||
* "https://cloud.google.com/appengine/docs/java/taskqueue/push/creating-handlers#reading_request_headers">task
|
||||
* handler request header documentation</a>
|
||||
*/
|
||||
public class AppEngineInternalAuthenticationMechanism implements AuthenticationMechanism {
|
||||
|
||||
// As defined in the App Engine request header documentation.
|
||||
private static final String QUEUE_NAME_HEADER = "X-AppEngine-QueueName";
|
||||
|
||||
private UserService userService;
|
||||
|
||||
@Inject
|
||||
public AppEngineInternalAuthenticationMechanism(UserService userService) {
|
||||
this.userService = userService;
|
||||
}
|
||||
|
||||
@Override
|
||||
public AuthResult authenticate(HttpServletRequest request) {
|
||||
if (request.getHeader(QUEUE_NAME_HEADER) == null || userService.getCurrentUser() != null) {
|
||||
return AuthResult.create(NONE);
|
||||
} else {
|
||||
return AuthResult.create(APP);
|
||||
}
|
||||
}
|
||||
}
|
||||
|
|
@ -15,63 +15,65 @@
|
|||
package google.registry.request.auth;
|
||||
|
||||
import com.google.common.collect.ImmutableList;
|
||||
import google.registry.flows.EppTlsAction;
|
||||
import google.registry.flows.TlsCredentials;
|
||||
import google.registry.request.auth.AuthSettings.AuthLevel;
|
||||
import google.registry.request.auth.AuthSettings.AuthMethod;
|
||||
import google.registry.request.auth.AuthSettings.UserPolicy;
|
||||
import google.registry.ui.server.registrar.HtmlAction;
|
||||
import google.registry.ui.server.registrar.JsonGetAction;
|
||||
|
||||
/** Enum used to configure authentication settings for Actions. */
|
||||
public enum Auth {
|
||||
|
||||
/**
|
||||
* Allows anyone access, doesn't attempt to authenticate user.
|
||||
*
|
||||
* <p>Will never return absent(), but only authenticates access from App Engine task-queues. For
|
||||
* everyone else - returns NOT_AUTHENTICATED.
|
||||
*/
|
||||
AUTH_PUBLIC_ANONYMOUS(ImmutableList.of(AuthMethod.INTERNAL), AuthLevel.NONE, UserPolicy.PUBLIC),
|
||||
|
||||
/**
|
||||
* Allows anyone to access, does attempt to authenticate user.
|
||||
* Allows anyone to access.
|
||||
*
|
||||
* <p>If a user is logged in, will authenticate (and return) them. Otherwise, access is still
|
||||
* granted, but NOT_AUTHENTICATED is returned.
|
||||
*
|
||||
* <p>Will never return absent().
|
||||
* <p>This is used for public HTML endpoints like RDAP, the check API, and web WHOIS.
|
||||
*
|
||||
* <p>User-facing legacy console endpoints (those that extend {@link HtmlAction}) also use it.
|
||||
* They need to allow requests from signed-out users so that they can redirect users to the login
|
||||
* page. After a user is logged in, they check if the user actually has access to the specific
|
||||
* console using {@link AuthenticatedRegistrarAccessor}.
|
||||
*
|
||||
* @see HtmlAction
|
||||
*/
|
||||
AUTH_PUBLIC(
|
||||
ImmutableList.of(AuthMethod.INTERNAL, AuthMethod.API, AuthMethod.LEGACY),
|
||||
AuthLevel.NONE,
|
||||
UserPolicy.PUBLIC),
|
||||
ImmutableList.of(AuthMethod.API, AuthMethod.LEGACY), AuthLevel.NONE, UserPolicy.PUBLIC),
|
||||
|
||||
/**
|
||||
* Allows anyone to access, as long as they are logged in.
|
||||
*
|
||||
* <p>Does not allow access from App Engine task-queues.
|
||||
* <p>This is used by legacy registrar console programmatic endpoints (those that extend {@link
|
||||
* JsonGetAction}, which are accessed via XHR requests sent from a logged-in user when performing
|
||||
* actions on the console.
|
||||
*/
|
||||
AUTH_PUBLIC_LOGGED_IN(
|
||||
ImmutableList.of(AuthMethod.API, AuthMethod.LEGACY), AuthLevel.USER, UserPolicy.PUBLIC),
|
||||
|
||||
/**
|
||||
* Allows anyone to access, as long as they use OAuth to authenticate.
|
||||
* Allows any client to access, as long as they are logged in via API-based authentication
|
||||
* mechanisms.
|
||||
*
|
||||
* <p>Also allows access from App Engine task-queue. Note that OAuth client ID still needs to be
|
||||
* allow-listed in the config file for OAuth-based authentication to succeed.
|
||||
* <p>This is used by the proxy to access Nomulus endpoints. The proxy service account does NOT
|
||||
* have admin privileges. For EPP, we handle client authentication within {@link EppTlsAction},
|
||||
* using {@link TlsCredentials}. For WHOIS, anyone connecting to the proxy can access.
|
||||
*
|
||||
* <p>Note that the proxy service account DOES need to be allow-listed in the {@code
|
||||
* auth.allowedServiceAccountEmails} field in the config YAML file in order for OIDC-based
|
||||
* authentication to pass.
|
||||
*/
|
||||
AUTH_PUBLIC_OR_INTERNAL(
|
||||
ImmutableList.of(AuthMethod.INTERNAL, AuthMethod.API), AuthLevel.APP, UserPolicy.PUBLIC),
|
||||
|
||||
/** Allows only admins or App Engine task-queue access. */
|
||||
AUTH_INTERNAL_OR_ADMIN(
|
||||
ImmutableList.of(AuthMethod.INTERNAL, AuthMethod.API), AuthLevel.APP, UserPolicy.ADMIN),
|
||||
AUTH_API_PUBLIC(ImmutableList.of(AuthMethod.API), AuthLevel.APP, UserPolicy.PUBLIC),
|
||||
|
||||
/**
|
||||
* Allows only App Engine task-queue access.
|
||||
* Allows only admins to access.
|
||||
*
|
||||
* <p>In general, prefer AUTH_INTERNAL_OR_ADMIN. This level of access should be reserved for
|
||||
* endpoints that have some sensitivity (it was introduced to mitigate a remote-shell
|
||||
* vulnerability).
|
||||
* <p>This applies to the majority of the endpoints.
|
||||
*/
|
||||
AUTH_INTERNAL_ONLY(ImmutableList.of(AuthMethod.INTERNAL), AuthLevel.APP, UserPolicy.IGNORED);
|
||||
AUTH_API_ADMIN(ImmutableList.of(AuthMethod.API), AuthLevel.APP, UserPolicy.ADMIN);
|
||||
|
||||
private final AuthSettings authSettings;
|
||||
|
||||
|
|
|
|||
|
|
@ -42,9 +42,6 @@ public abstract class AuthSettings {
|
|||
/** Available methods for authentication. */
|
||||
public enum AuthMethod {
|
||||
|
||||
/** App Engine internal authentication. Must always be provided as the first method. */
|
||||
INTERNAL,
|
||||
|
||||
/** Authentication methods suitable for API-style access, such as OAuth 2. */
|
||||
API,
|
||||
|
||||
|
|
@ -55,7 +52,7 @@ public abstract class AuthSettings {
|
|||
/**
|
||||
* Authentication level.
|
||||
*
|
||||
* <p>Used by {@link Auth} to specify what authentication is required, and by {@link AuthResult})
|
||||
* <p>Used by {@link Auth} to specify what authentication is required, and by {@link AuthResult}
|
||||
* to specify what authentication was found. These are a series of levels, from least to most
|
||||
* authentication required. The lowest level of requirement, NONE, can be satisfied by any level
|
||||
* of authentication, while the highest level, USER, can only be satisfied by the authentication
|
||||
|
|
@ -92,9 +89,6 @@ public abstract class AuthSettings {
|
|||
/** User authorization policy options. */
|
||||
public enum UserPolicy {
|
||||
|
||||
/** This action ignores end users; the only configured auth method must be INTERNAL. */
|
||||
IGNORED,
|
||||
|
||||
/** No user policy is enforced; anyone can access this action. */
|
||||
PUBLIC,
|
||||
|
||||
|
|
|
|||
|
|
@ -15,13 +15,15 @@
|
|||
package google.registry.request.auth;
|
||||
|
||||
import static com.google.common.base.Preconditions.checkArgument;
|
||||
import static google.registry.request.auth.AuthSettings.AuthLevel.APP;
|
||||
import static google.registry.request.auth.AuthSettings.AuthLevel.NONE;
|
||||
import static google.registry.request.auth.AuthSettings.AuthLevel.USER;
|
||||
import static google.registry.request.auth.AuthSettings.UserPolicy.ADMIN;
|
||||
|
||||
import com.google.common.collect.ImmutableList;
|
||||
import com.google.common.collect.Ordering;
|
||||
import com.google.common.flogger.FluentLogger;
|
||||
import google.registry.request.auth.AuthSettings.AuthLevel;
|
||||
import google.registry.request.auth.AuthSettings.AuthMethod;
|
||||
import google.registry.request.auth.AuthSettings.UserPolicy;
|
||||
import java.util.Optional;
|
||||
import javax.inject.Inject;
|
||||
import javax.servlet.http.HttpServletRequest;
|
||||
|
|
@ -29,7 +31,6 @@ import javax.servlet.http.HttpServletRequest;
|
|||
/** Top-level authentication/authorization class; calls authentication mechanisms as needed. */
|
||||
public class RequestAuthenticator {
|
||||
|
||||
private final AppEngineInternalAuthenticationMechanism appEngineInternalAuthenticationMechanism;
|
||||
private final ImmutableList<AuthenticationMechanism> apiAuthenticationMechanisms;
|
||||
private final LegacyAuthenticationMechanism legacyAuthenticationMechanism;
|
||||
|
||||
|
|
@ -37,10 +38,8 @@ public class RequestAuthenticator {
|
|||
|
||||
@Inject
|
||||
public RequestAuthenticator(
|
||||
AppEngineInternalAuthenticationMechanism appEngineInternalAuthenticationMechanism,
|
||||
ImmutableList<AuthenticationMechanism> apiAuthenticationMechanisms,
|
||||
LegacyAuthenticationMechanism legacyAuthenticationMechanism) {
|
||||
this.appEngineInternalAuthenticationMechanism = appEngineInternalAuthenticationMechanism;
|
||||
this.apiAuthenticationMechanisms = apiAuthenticationMechanisms;
|
||||
this.legacyAuthenticationMechanism = legacyAuthenticationMechanism;
|
||||
}
|
||||
|
|
@ -58,42 +57,19 @@ public class RequestAuthenticator {
|
|||
public Optional<AuthResult> authorize(AuthSettings auth, HttpServletRequest req) {
|
||||
logger.atInfo().log("Action requires auth: %s", auth);
|
||||
AuthResult authResult = authenticate(auth, req);
|
||||
switch (auth.minimumLevel()) {
|
||||
case NONE:
|
||||
// Any authentication result is ok.
|
||||
break;
|
||||
case APP:
|
||||
if (!authResult.isAuthenticated()) {
|
||||
logger.atWarning().log("Not authorized; no authentication found.");
|
||||
return Optional.empty();
|
||||
}
|
||||
break;
|
||||
case USER:
|
||||
if (authResult.authLevel() != AuthLevel.USER) {
|
||||
logger.atWarning().log("Not authorized; no authenticated user.");
|
||||
// TODO(mountford): change this so that the caller knows to return a more helpful error
|
||||
return Optional.empty();
|
||||
}
|
||||
break;
|
||||
if (auth.minimumLevel() == APP && !authResult.isAuthenticated()) {
|
||||
logger.atWarning().log("Not authorized; no authentication found.");
|
||||
return Optional.empty();
|
||||
} else if (auth.minimumLevel() == USER && authResult.authLevel() != USER) {
|
||||
logger.atWarning().log("Not authorized; no authenticated user.");
|
||||
return Optional.empty();
|
||||
}
|
||||
switch (auth.userPolicy()) {
|
||||
case IGNORED:
|
||||
if (authResult.authLevel() == AuthLevel.USER) {
|
||||
logger.atWarning().log("Not authorized; user policy is IGNORED, but a user was found.");
|
||||
return Optional.empty();
|
||||
}
|
||||
break;
|
||||
case PUBLIC:
|
||||
// Any user auth result is okay.
|
||||
break;
|
||||
case ADMIN:
|
||||
if (authResult.userAuthInfo().isPresent()
|
||||
&& !authResult.userAuthInfo().get().isUserAdmin()) {
|
||||
logger.atWarning().log(
|
||||
"Not authorized; user policy is ADMIN, but the user was not an admin.");
|
||||
return Optional.empty();
|
||||
}
|
||||
break;
|
||||
if (auth.userPolicy() == ADMIN
|
||||
&& authResult.userAuthInfo().isPresent()
|
||||
&& !authResult.userAuthInfo().get().isUserAdmin()) {
|
||||
logger.atWarning().log(
|
||||
"Not authorized; user policy is ADMIN, but the user was not an admin.");
|
||||
return Optional.empty();
|
||||
}
|
||||
return Optional.of(authResult);
|
||||
}
|
||||
|
|
@ -110,18 +86,8 @@ public class RequestAuthenticator {
|
|||
for (AuthMethod authMethod : auth.methods()) {
|
||||
AuthResult authResult;
|
||||
switch (authMethod) {
|
||||
// App Engine internal authentication, using the queue name header
|
||||
case INTERNAL:
|
||||
// checkAuthConfig will have insured that the user policy is not USER.
|
||||
authResult = appEngineInternalAuthenticationMechanism.authenticate(req);
|
||||
if (authResult.isAuthenticated()) {
|
||||
logger.atInfo().log("Authenticated via internal auth: %s", authResult);
|
||||
return authResult;
|
||||
}
|
||||
break;
|
||||
// API-based user authentication mechanisms, such as OAuth
|
||||
// API-based user authentication mechanisms, such as OAuth and OIDC.
|
||||
case API:
|
||||
// checkAuthConfig will have insured that the user policy is not IGNORED.
|
||||
for (AuthenticationMechanism authMechanism : apiAuthenticationMechanisms) {
|
||||
authResult = authMechanism.authenticate(req);
|
||||
if (authResult.isAuthenticated()) {
|
||||
|
|
@ -133,7 +99,6 @@ public class RequestAuthenticator {
|
|||
break;
|
||||
// Legacy authentication via UserService
|
||||
case LEGACY:
|
||||
// checkAuthConfig will have insured that the user policy is not IGNORED.
|
||||
authResult = legacyAuthenticationMechanism.authenticate(req);
|
||||
if (authResult.isAuthenticated()) {
|
||||
logger.atInfo().log("Authenticated via legacy auth: %s", authResult);
|
||||
|
|
@ -151,15 +116,10 @@ public class RequestAuthenticator {
|
|||
ImmutableList<AuthMethod> authMethods = ImmutableList.copyOf(auth.methods());
|
||||
checkArgument(!authMethods.isEmpty(), "Must specify at least one auth method");
|
||||
checkArgument(
|
||||
Ordering.explicit(AuthMethod.INTERNAL, AuthMethod.API, AuthMethod.LEGACY)
|
||||
.isStrictlyOrdered(authMethods),
|
||||
"Auth methods must be unique and strictly in order - INTERNAL, API, LEGACY");
|
||||
Ordering.explicit(AuthMethod.API, AuthMethod.LEGACY).isStrictlyOrdered(authMethods),
|
||||
"Auth methods must be unique and strictly in order - API, LEGACY");
|
||||
checkArgument(
|
||||
!(authMethods.contains(AuthMethod.INTERNAL) && auth.minimumLevel().equals(AuthLevel.USER)),
|
||||
"Actions with INTERNAL auth method may not require USER auth level");
|
||||
checkArgument(
|
||||
!(auth.userPolicy().equals(UserPolicy.IGNORED)
|
||||
&& !authMethods.equals(ImmutableList.of(AuthMethod.INTERNAL))),
|
||||
"Actions with auth methods beyond INTERNAL must not specify the IGNORED user policy");
|
||||
(auth.minimumLevel() != NONE) || (auth.userPolicy() != ADMIN),
|
||||
"Actions with minimal auth level at NONE should not specify ADMIN user policy");
|
||||
}
|
||||
}
|
||||
|
|
|
|||
|
|
@ -69,7 +69,7 @@ import org.joda.time.Duration;
|
|||
path = NordnUploadAction.PATH,
|
||||
method = Action.Method.POST,
|
||||
automaticallyPrintOk = true,
|
||||
auth = Auth.AUTH_INTERNAL_OR_ADMIN)
|
||||
auth = Auth.AUTH_API_ADMIN)
|
||||
public final class NordnUploadAction implements Runnable {
|
||||
|
||||
static final String PATH = "/_dr/task/nordnUpload";
|
||||
|
|
|
|||
|
|
@ -54,7 +54,7 @@ import javax.inject.Inject;
|
|||
path = NordnVerifyAction.PATH,
|
||||
method = Action.Method.POST,
|
||||
automaticallyPrintOk = true,
|
||||
auth = Auth.AUTH_INTERNAL_OR_ADMIN)
|
||||
auth = Auth.AUTH_API_ADMIN)
|
||||
public final class NordnVerifyAction implements Runnable {
|
||||
|
||||
static final String PATH = "/_dr/task/nordnVerify";
|
||||
|
|
|
|||
|
|
@ -32,7 +32,7 @@ import javax.inject.Inject;
|
|||
path = "/_dr/task/tmchCrl",
|
||||
method = POST,
|
||||
automaticallyPrintOk = true,
|
||||
auth = Auth.AUTH_INTERNAL_OR_ADMIN)
|
||||
auth = Auth.AUTH_API_ADMIN)
|
||||
public final class TmchCrlAction implements Runnable {
|
||||
|
||||
@Inject Marksdb marksdb;
|
||||
|
|
|
|||
|
|
@ -35,7 +35,7 @@ import org.bouncycastle.openpgp.PGPException;
|
|||
path = "/_dr/task/tmchDnl",
|
||||
method = POST,
|
||||
automaticallyPrintOk = true,
|
||||
auth = Auth.AUTH_INTERNAL_OR_ADMIN)
|
||||
auth = Auth.AUTH_API_ADMIN)
|
||||
public final class TmchDnlAction implements Runnable {
|
||||
|
||||
private static final FluentLogger logger = FluentLogger.forEnclosingClass();
|
||||
|
|
|
|||
|
|
@ -34,7 +34,7 @@ import org.bouncycastle.openpgp.PGPException;
|
|||
path = "/_dr/task/tmchSmdrl",
|
||||
method = POST,
|
||||
automaticallyPrintOk = true,
|
||||
auth = Auth.AUTH_INTERNAL_OR_ADMIN)
|
||||
auth = Auth.AUTH_API_ADMIN)
|
||||
public final class TmchSmdrlAction implements Runnable {
|
||||
|
||||
private static final FluentLogger logger = FluentLogger.forEnclosingClass();
|
||||
|
|
|
|||
|
|
@ -43,7 +43,7 @@ import javax.inject.Inject;
|
|||
service = Action.Service.TOOLS,
|
||||
path = CreateGroupsAction.PATH,
|
||||
method = POST,
|
||||
auth = Auth.AUTH_INTERNAL_OR_ADMIN)
|
||||
auth = Auth.AUTH_API_ADMIN)
|
||||
public class CreateGroupsAction implements Runnable {
|
||||
|
||||
public static final String PATH = "/_dr/admin/createGroups";
|
||||
|
|
|
|||
|
|
@ -65,7 +65,7 @@ import org.joda.time.Duration;
|
|||
service = Action.Service.TOOLS,
|
||||
path = GenerateZoneFilesAction.PATH,
|
||||
method = POST,
|
||||
auth = Auth.AUTH_INTERNAL_OR_ADMIN)
|
||||
auth = Auth.AUTH_API_ADMIN)
|
||||
public class GenerateZoneFilesAction implements Runnable, JsonActionRunner.JsonAction {
|
||||
|
||||
private static final FluentLogger log = FluentLogger.forEnclosingClass();
|
||||
|
|
|
|||
|
|
@ -39,7 +39,7 @@ import javax.inject.Inject;
|
|||
service = Action.Service.TOOLS,
|
||||
path = ListDomainsAction.PATH,
|
||||
method = {GET, POST},
|
||||
auth = Auth.AUTH_INTERNAL_OR_ADMIN)
|
||||
auth = Auth.AUTH_API_ADMIN)
|
||||
public final class ListDomainsAction extends ListObjectsAction<Domain> {
|
||||
|
||||
/** An App Engine limitation on how many subqueries can be used in a single query. */
|
||||
|
|
|
|||
|
|
@ -34,7 +34,7 @@ import org.joda.time.DateTime;
|
|||
service = Action.Service.TOOLS,
|
||||
path = ListHostsAction.PATH,
|
||||
method = {GET, POST},
|
||||
auth = Auth.AUTH_INTERNAL_OR_ADMIN)
|
||||
auth = Auth.AUTH_API_ADMIN)
|
||||
public final class ListHostsAction extends ListObjectsAction<Host> {
|
||||
|
||||
public static final String PATH = "/_dr/admin/list/hosts";
|
||||
|
|
|
|||
|
|
@ -35,7 +35,7 @@ import javax.inject.Inject;
|
|||
service = Action.Service.TOOLS,
|
||||
path = ListPremiumListsAction.PATH,
|
||||
method = {GET, POST},
|
||||
auth = Auth.AUTH_INTERNAL_OR_ADMIN)
|
||||
auth = Auth.AUTH_API_ADMIN)
|
||||
public final class ListPremiumListsAction extends ListObjectsAction<PremiumList> {
|
||||
|
||||
public static final String PATH = "/_dr/admin/list/premiumLists";
|
||||
|
|
|
|||
|
|
@ -30,7 +30,7 @@ import javax.inject.Inject;
|
|||
service = Action.Service.TOOLS,
|
||||
path = ListRegistrarsAction.PATH,
|
||||
method = {GET, POST},
|
||||
auth = Auth.AUTH_INTERNAL_OR_ADMIN)
|
||||
auth = Auth.AUTH_API_ADMIN)
|
||||
public final class ListRegistrarsAction extends ListObjectsAction<Registrar> {
|
||||
|
||||
public static final String PATH = "/_dr/admin/list/registrars";
|
||||
|
|
|
|||
|
|
@ -33,7 +33,7 @@ import javax.inject.Inject;
|
|||
service = Action.Service.TOOLS,
|
||||
path = ListReservedListsAction.PATH,
|
||||
method = {GET, POST},
|
||||
auth = Auth.AUTH_INTERNAL_OR_ADMIN)
|
||||
auth = Auth.AUTH_API_ADMIN)
|
||||
public final class ListReservedListsAction extends ListObjectsAction<ReservedList> {
|
||||
|
||||
public static final String PATH = "/_dr/admin/list/reservedLists";
|
||||
|
|
|
|||
|
|
@ -34,7 +34,7 @@ import org.joda.time.DateTime;
|
|||
service = Action.Service.TOOLS,
|
||||
path = ListTldsAction.PATH,
|
||||
method = {GET, POST},
|
||||
auth = Auth.AUTH_INTERNAL_OR_ADMIN)
|
||||
auth = Auth.AUTH_API_ADMIN)
|
||||
public final class ListTldsAction extends ListObjectsAction<Tld> {
|
||||
|
||||
public static final String PATH = "/_dr/admin/list/tlds";
|
||||
|
|
|
|||
|
|
@ -46,17 +46,13 @@ import org.joda.time.Duration;
|
|||
* are responsible for enqueuing refresh tasks for subordinate hosts. So this action thus refreshes
|
||||
* DNS for everything applicable under all TLDs under management.
|
||||
*
|
||||
* <p>Because there are no auth settings in the {@link Action} annotation, this command can only be
|
||||
* run internally, or by pretending to be internal by setting the X-AppEngine-QueueName header,
|
||||
* which only admin users can do.
|
||||
*
|
||||
* <p>You may pass in a {@code batchSize} for the batched read of domains from the database. This is
|
||||
* recommended to be somewhere between 200 and 500. The default value is 250.
|
||||
*/
|
||||
@Action(
|
||||
service = Action.Service.TOOLS,
|
||||
path = "/_dr/task/refreshDnsForAllDomains",
|
||||
auth = Auth.AUTH_INTERNAL_OR_ADMIN)
|
||||
auth = Auth.AUTH_API_ADMIN)
|
||||
public class RefreshDnsForAllDomainsAction implements Runnable {
|
||||
|
||||
private static final FluentLogger logger = FluentLogger.forEnclosingClass();
|
||||
|
|
|
|||
|
|
@ -37,7 +37,7 @@ import javax.inject.Inject;
|
|||
service = Action.Service.TOOLS,
|
||||
path = VerifyOteAction.PATH,
|
||||
method = Action.Method.POST,
|
||||
auth = Auth.AUTH_INTERNAL_OR_ADMIN)
|
||||
auth = Auth.AUTH_API_ADMIN)
|
||||
public class VerifyOteAction implements Runnable, JsonAction {
|
||||
|
||||
public static final String PATH = "/_dr/admin/verifyOte";
|
||||
|
|
|
|||
|
|
@ -124,7 +124,7 @@ public final class ConsoleUiAction extends HtmlAction {
|
|||
// requireFeeExtension) - to make sure the user indeed has access to the guessed registrar.
|
||||
//
|
||||
// Note that not doing so (and just passing the "clientId" as given) isn't a security issue
|
||||
// since we double check the access to the registrar on any read / update request. We have to
|
||||
// since we double-check the access to the registrar on any read / update request. We have to
|
||||
// - since the access might get revoked between the initial page load and the request! (also
|
||||
// because the requests come from the browser, and can easily be faked)
|
||||
registrarAccessor.getRegistrar(clientId);
|
||||
|
|
|
|||
|
|
@ -37,7 +37,7 @@ import javax.servlet.http.HttpServletRequest;
|
|||
* Handles some of the nitty-gritty of responding to requests that should return HTML, including
|
||||
* login, redirects, analytics, and some headers.
|
||||
*
|
||||
* If the user is not logged in, this will redirect to the login URL.
|
||||
* <p>If the user is not logged in, this will redirect to the login URL.
|
||||
*/
|
||||
public abstract class HtmlAction implements Runnable {
|
||||
|
||||
|
|
|
|||
|
|
@ -34,7 +34,7 @@ import javax.inject.Inject;
|
|||
@Action(
|
||||
service = Action.Service.DEFAULT,
|
||||
path = RegistryLockVerifyAction.PATH,
|
||||
auth = Auth.AUTH_PUBLIC_LOGGED_IN)
|
||||
auth = Auth.AUTH_PUBLIC)
|
||||
public final class RegistryLockVerifyAction extends HtmlAction {
|
||||
|
||||
public static final String PATH = "/registry-lock-verify";
|
||||
|
|
|
|||
|
|
@ -51,7 +51,7 @@ import org.joda.time.DateTime;
|
|||
service = Action.Service.PUBAPI,
|
||||
path = "/_dr/whois",
|
||||
method = POST,
|
||||
auth = Auth.AUTH_PUBLIC_OR_INTERNAL)
|
||||
auth = Auth.AUTH_API_PUBLIC)
|
||||
public class WhoisAction implements Runnable {
|
||||
|
||||
private static final FluentLogger logger = FluentLogger.forEnclosingClass();
|
||||
|
|
|
|||
|
|
@ -97,7 +97,7 @@ import org.joda.time.Duration;
|
|||
service = Action.Service.PUBAPI,
|
||||
path = WhoisHttpAction.PATH,
|
||||
isPrefix = true,
|
||||
auth = Auth.AUTH_PUBLIC_ANONYMOUS)
|
||||
auth = Auth.AUTH_PUBLIC)
|
||||
public final class WhoisHttpAction implements Runnable {
|
||||
|
||||
public static final String PATH = "/whois/";
|
||||
|
|
|
|||
|
|
@ -47,7 +47,7 @@ class RdapActionBaseTest extends RdapActionBaseTestCase<RdapActionBaseTest.RdapT
|
|||
service = Action.Service.PUBAPI,
|
||||
path = "/rdap/test/",
|
||||
method = {GET, HEAD},
|
||||
auth = Auth.AUTH_PUBLIC_ANONYMOUS)
|
||||
auth = Auth.AUTH_PUBLIC)
|
||||
public static class RdapTestAction extends RdapActionBase {
|
||||
|
||||
public RdapTestAction() {
|
||||
|
|
|
|||
|
|
@ -18,8 +18,7 @@ import static com.google.common.truth.Truth.assertThat;
|
|||
import static com.google.common.truth.Truth8.assertThat;
|
||||
import static google.registry.request.Action.Method.GET;
|
||||
import static google.registry.request.Action.Method.POST;
|
||||
import static google.registry.request.auth.Auth.AUTH_INTERNAL_ONLY;
|
||||
import static google.registry.request.auth.Auth.AUTH_INTERNAL_OR_ADMIN;
|
||||
import static google.registry.request.auth.Auth.AUTH_API_ADMIN;
|
||||
import static google.registry.request.auth.Auth.AUTH_PUBLIC;
|
||||
import static org.mockito.ArgumentMatchers.any;
|
||||
import static org.mockito.ArgumentMatchers.eq;
|
||||
|
|
@ -123,7 +122,7 @@ public final class RequestHandlerTest {
|
|||
@Action(
|
||||
service = Action.Service.DEFAULT,
|
||||
path = "/auth/adminUser",
|
||||
auth = AUTH_INTERNAL_OR_ADMIN,
|
||||
auth = AUTH_API_ADMIN,
|
||||
method = GET)
|
||||
public class AuthAdminUserAction extends AuthBase {
|
||||
AuthAdminUserAction(AuthResult authResult) {
|
||||
|
|
@ -131,17 +130,6 @@ public final class RequestHandlerTest {
|
|||
}
|
||||
}
|
||||
|
||||
@Action(
|
||||
service = Action.Service.DEFAULT,
|
||||
path = "/auth/internal",
|
||||
auth = AUTH_INTERNAL_ONLY,
|
||||
method = GET)
|
||||
public class AuthInternalAction extends AuthBase {
|
||||
AuthInternalAction(AuthResult authResult) {
|
||||
super(authResult);
|
||||
}
|
||||
}
|
||||
|
||||
public class Component {
|
||||
|
||||
private RequestModule requestModule = null;
|
||||
|
|
@ -181,10 +169,6 @@ public final class RequestHandlerTest {
|
|||
public AuthAdminUserAction authAdminUserAction() {
|
||||
return new AuthAdminUserAction(component.getRequestModule().provideAuthResult());
|
||||
}
|
||||
|
||||
public AuthInternalAction authInternalAction() {
|
||||
return new AuthInternalAction(component.getRequestModule().provideAuthResult());
|
||||
}
|
||||
}
|
||||
|
||||
/** Fake Builder for the fake component above to satisfy RequestHandler expectations. */
|
||||
|
|
@ -442,7 +426,7 @@ public final class RequestHandlerTest {
|
|||
void testAuthNeeded_failure() throws Exception {
|
||||
when(req.getMethod()).thenReturn("GET");
|
||||
when(req.getRequestURI()).thenReturn("/auth/adminUser");
|
||||
when(requestAuthenticator.authorize(AUTH_INTERNAL_OR_ADMIN.authSettings(), req))
|
||||
when(requestAuthenticator.authorize(AUTH_API_ADMIN.authSettings(), req))
|
||||
.thenReturn(Optional.empty());
|
||||
|
||||
handler.handleRequest(req, rsp);
|
||||
|
|
@ -455,7 +439,7 @@ public final class RequestHandlerTest {
|
|||
void testAuthNeeded_success() throws Exception {
|
||||
when(req.getMethod()).thenReturn("GET");
|
||||
when(req.getRequestURI()).thenReturn("/auth/adminUser");
|
||||
when(requestAuthenticator.authorize(AUTH_INTERNAL_OR_ADMIN.authSettings(), req))
|
||||
when(requestAuthenticator.authorize(AUTH_API_ADMIN.authSettings(), req))
|
||||
.thenReturn(
|
||||
Optional.of(AuthResult.create(AuthLevel.USER, UserAuthInfo.create(testUser, true))));
|
||||
|
||||
|
|
@ -468,32 +452,4 @@ public final class RequestHandlerTest {
|
|||
assertThat(providedAuthResult.userAuthInfo().get().oauthTokenInfo()).isEmpty();
|
||||
assertMetric("/auth/adminUser", GET, AuthLevel.USER, true);
|
||||
}
|
||||
|
||||
@Test
|
||||
void testInternalAuthNeeded_failure() throws Exception {
|
||||
when(req.getMethod()).thenReturn("GET");
|
||||
when(req.getRequestURI()).thenReturn("/auth/internal");
|
||||
when(requestAuthenticator.authorize(AUTH_INTERNAL_ONLY.authSettings(), req))
|
||||
.thenReturn(Optional.empty());
|
||||
|
||||
handler.handleRequest(req, rsp);
|
||||
|
||||
verify(rsp).sendError(403, "Not authorized");
|
||||
assertThat(providedAuthResult).isNull();
|
||||
}
|
||||
|
||||
@Test
|
||||
void testInternalAuthNeeded_success() throws Exception {
|
||||
when(req.getMethod()).thenReturn("GET");
|
||||
when(req.getRequestURI()).thenReturn("/auth/internal");
|
||||
when(requestAuthenticator.authorize(AUTH_INTERNAL_ONLY.authSettings(), req))
|
||||
.thenReturn(Optional.of(AuthResult.create(AuthLevel.APP)));
|
||||
|
||||
handler.handleRequest(req, rsp);
|
||||
|
||||
assertThat(providedAuthResult).isNotNull();
|
||||
assertThat(providedAuthResult.authLevel()).isEqualTo(AuthLevel.APP);
|
||||
assertThat(providedAuthResult.userAuthInfo()).isEmpty();
|
||||
assertMetric("/auth/internal", GET, AuthLevel.APP, true);
|
||||
}
|
||||
}
|
||||
|
|
|
|||
|
|
@ -16,7 +16,7 @@ package google.registry.request;
|
|||
|
||||
import static com.google.common.truth.Truth.assertThat;
|
||||
import static com.google.common.truth.Truth8.assertThat;
|
||||
import static google.registry.request.auth.Auth.AUTH_INTERNAL_OR_ADMIN;
|
||||
import static google.registry.request.auth.Auth.AUTH_API_ADMIN;
|
||||
import static org.junit.jupiter.api.Assertions.assertThrows;
|
||||
|
||||
import java.util.Optional;
|
||||
|
|
@ -42,7 +42,7 @@ public final class RouterTest {
|
|||
|
||||
////////////////////////////////////////////////////////////////////////////////////////////////
|
||||
|
||||
@Action(service = Action.Service.DEFAULT, path = "/sloth", auth = AUTH_INTERNAL_OR_ADMIN)
|
||||
@Action(service = Action.Service.DEFAULT, path = "/sloth", auth = AUTH_API_ADMIN)
|
||||
public static final class SlothTask implements Runnable {
|
||||
@Override
|
||||
public void run() {}
|
||||
|
|
@ -76,7 +76,7 @@ public final class RouterTest {
|
|||
service = Action.Service.DEFAULT,
|
||||
path = "/prefix",
|
||||
isPrefix = true,
|
||||
auth = AUTH_INTERNAL_OR_ADMIN)
|
||||
auth = AUTH_API_ADMIN)
|
||||
public static final class PrefixTask implements Runnable {
|
||||
@Override
|
||||
public void run() {}
|
||||
|
|
@ -106,7 +106,7 @@ public final class RouterTest {
|
|||
service = Action.Service.DEFAULT,
|
||||
path = "/prefix/long",
|
||||
isPrefix = true,
|
||||
auth = AUTH_INTERNAL_OR_ADMIN)
|
||||
auth = AUTH_API_ADMIN)
|
||||
public static final class LongTask implements Runnable {
|
||||
@Override
|
||||
public void run() {}
|
||||
|
|
@ -158,19 +158,13 @@ public final class RouterTest {
|
|||
|
||||
////////////////////////////////////////////////////////////////////////////////////////////////
|
||||
|
||||
@Action(
|
||||
service = Action.Service.DEFAULT,
|
||||
path = "/samePathAsOtherTask",
|
||||
auth = AUTH_INTERNAL_OR_ADMIN)
|
||||
@Action(service = Action.Service.DEFAULT, path = "/samePathAsOtherTask", auth = AUTH_API_ADMIN)
|
||||
public static final class DuplicateTask1 implements Runnable {
|
||||
@Override
|
||||
public void run() {}
|
||||
}
|
||||
|
||||
@Action(
|
||||
service = Action.Service.DEFAULT,
|
||||
path = "/samePathAsOtherTask",
|
||||
auth = AUTH_INTERNAL_OR_ADMIN)
|
||||
@Action(service = Action.Service.DEFAULT, path = "/samePathAsOtherTask", auth = AUTH_API_ADMIN)
|
||||
public static final class DuplicateTask2 implements Runnable {
|
||||
@Override
|
||||
public void run() {}
|
||||
|
|
|
|||
|
|
@ -49,11 +49,7 @@ class RequestAuthenticatorTest {
|
|||
new JpaTestExtensions.Builder().buildIntegrationTestExtension();
|
||||
|
||||
private static final AuthSettings AUTH_NONE =
|
||||
AuthSettings.create(
|
||||
ImmutableList.of(AuthMethod.INTERNAL), AuthLevel.NONE, UserPolicy.IGNORED);
|
||||
|
||||
private static final AuthSettings AUTH_INTERNAL_OR_ADMIN =
|
||||
AuthSettings.create(ImmutableList.of(AuthMethod.INTERNAL), AuthLevel.APP, UserPolicy.IGNORED);
|
||||
AuthSettings.create(ImmutableList.of(AuthMethod.API), AuthLevel.NONE, UserPolicy.PUBLIC);
|
||||
|
||||
private static final AuthSettings AUTH_ANY_USER_ANY_METHOD =
|
||||
AuthSettings.create(
|
||||
|
|
@ -67,27 +63,18 @@ class RequestAuthenticatorTest {
|
|||
ImmutableList.of(AuthMethod.API, AuthMethod.LEGACY), AuthLevel.USER, UserPolicy.ADMIN);
|
||||
|
||||
private static final AuthSettings AUTH_NO_METHODS =
|
||||
AuthSettings.create(ImmutableList.of(), AuthLevel.APP, UserPolicy.IGNORED);
|
||||
AuthSettings.create(ImmutableList.of(), AuthLevel.APP, UserPolicy.PUBLIC);
|
||||
|
||||
private static final AuthSettings AUTH_WRONG_METHOD_ORDERING =
|
||||
AuthSettings.create(
|
||||
ImmutableList.of(AuthMethod.API, AuthMethod.INTERNAL), AuthLevel.APP, UserPolicy.IGNORED);
|
||||
ImmutableList.of(AuthMethod.LEGACY, AuthMethod.API), AuthLevel.APP, UserPolicy.PUBLIC);
|
||||
|
||||
private static final AuthSettings AUTH_DUPLICATE_METHODS =
|
||||
AuthSettings.create(
|
||||
ImmutableList.of(AuthMethod.INTERNAL, AuthMethod.API, AuthMethod.API),
|
||||
AuthLevel.APP,
|
||||
UserPolicy.IGNORED);
|
||||
ImmutableList.of(AuthMethod.API, AuthMethod.API), AuthLevel.APP, UserPolicy.PUBLIC);
|
||||
|
||||
private static final AuthSettings AUTH_INTERNAL_WITH_USER =
|
||||
AuthSettings.create(
|
||||
ImmutableList.of(AuthMethod.INTERNAL, AuthMethod.API),
|
||||
AuthLevel.USER,
|
||||
UserPolicy.IGNORED);
|
||||
|
||||
private static final AuthSettings AUTH_WRONGLY_IGNORING_USER =
|
||||
AuthSettings.create(
|
||||
ImmutableList.of(AuthMethod.INTERNAL, AuthMethod.API), AuthLevel.APP, UserPolicy.IGNORED);
|
||||
private static final AuthSettings AUTH_NONE_REQUIRES_ADMIN =
|
||||
AuthSettings.create(ImmutableList.of(AuthMethod.API), AuthLevel.NONE, UserPolicy.ADMIN);
|
||||
|
||||
private final UserService mockUserService = mock(UserService.class);
|
||||
private final HttpServletRequest req = mock(HttpServletRequest.class);
|
||||
|
|
@ -96,12 +83,13 @@ class RequestAuthenticatorTest {
|
|||
private final FakeUserService fakeUserService = new FakeUserService();
|
||||
private final XsrfTokenManager xsrfTokenManager =
|
||||
new XsrfTokenManager(new FakeClock(), fakeUserService);
|
||||
private final FakeOAuthService fakeOAuthService = new FakeOAuthService(
|
||||
false /* isOAuthEnabled */,
|
||||
testUser,
|
||||
false /* isUserAdmin */,
|
||||
"test-client-id",
|
||||
ImmutableList.of("test-scope1", "test-scope2", "nontest-scope"));
|
||||
private final FakeOAuthService fakeOAuthService =
|
||||
new FakeOAuthService(
|
||||
false /* isOAuthEnabled */,
|
||||
testUser,
|
||||
false /* isUserAdmin */,
|
||||
"test-client-id",
|
||||
ImmutableList.of("test-scope1", "test-scope2", "nontest-scope"));
|
||||
|
||||
@BeforeEach
|
||||
void beforeEach() {
|
||||
|
|
@ -110,7 +98,6 @@ class RequestAuthenticatorTest {
|
|||
|
||||
private RequestAuthenticator createRequestAuthenticator(UserService userService) {
|
||||
return new RequestAuthenticator(
|
||||
new AppEngineInternalAuthenticationMechanism(fakeUserService),
|
||||
ImmutableList.of(
|
||||
new OAuthAuthenticationMechanism(
|
||||
fakeOAuthService,
|
||||
|
|
@ -121,8 +108,7 @@ class RequestAuthenticatorTest {
|
|||
}
|
||||
|
||||
private Optional<AuthResult> runTest(UserService userService, AuthSettings auth) {
|
||||
return createRequestAuthenticator(userService)
|
||||
.authorize(auth, req);
|
||||
return createRequestAuthenticator(userService).authorize(auth, req);
|
||||
}
|
||||
|
||||
@Test
|
||||
|
|
@ -134,48 +120,6 @@ class RequestAuthenticatorTest {
|
|||
assertThat(authResult.get().authLevel()).isEqualTo(AuthLevel.NONE);
|
||||
}
|
||||
|
||||
@Test
|
||||
void testNoAuthNeeded_internalFound() {
|
||||
when(req.getHeader("X-AppEngine-QueueName")).thenReturn("__cron");
|
||||
|
||||
Optional<AuthResult> authResult = runTest(mockUserService, AUTH_NONE);
|
||||
|
||||
verifyNoInteractions(mockUserService);
|
||||
assertThat(authResult).isPresent();
|
||||
assertThat(authResult.get().authLevel()).isEqualTo(AuthLevel.APP);
|
||||
assertThat(authResult.get().userAuthInfo()).isEmpty();
|
||||
}
|
||||
|
||||
@Test
|
||||
void testInternalAuth_notInvokedInternally() {
|
||||
Optional<AuthResult> authResult = runTest(mockUserService, AUTH_INTERNAL_OR_ADMIN);
|
||||
|
||||
verifyNoInteractions(mockUserService);
|
||||
assertThat(authResult).isEmpty();
|
||||
}
|
||||
|
||||
@Test
|
||||
void testInternalAuth_success() {
|
||||
when(req.getHeader("X-AppEngine-QueueName")).thenReturn("__cron");
|
||||
|
||||
Optional<AuthResult> authResult = runTest(mockUserService, AUTH_INTERNAL_OR_ADMIN);
|
||||
|
||||
verifyNoInteractions(mockUserService);
|
||||
assertThat(authResult).isPresent();
|
||||
assertThat(authResult.get().authLevel()).isEqualTo(AuthLevel.APP);
|
||||
assertThat(authResult.get().userAuthInfo()).isEmpty();
|
||||
}
|
||||
|
||||
@Test
|
||||
void testInternalAuth_failForAdminUser() {
|
||||
when(req.getHeader("X-AppEngine-QueueName")).thenReturn("__cron");
|
||||
fakeUserService.setUser(testUser, true /* isAdmin */);
|
||||
|
||||
Optional<AuthResult> authResult = runTest(fakeUserService, AUTH_INTERNAL_OR_ADMIN);
|
||||
|
||||
assertThat(authResult).isEmpty();
|
||||
}
|
||||
|
||||
@Test
|
||||
void testAnyUserAnyMethod_notLoggedIn() {
|
||||
Optional<AuthResult> authResult = runTest(fakeUserService, AUTH_ANY_USER_ANY_METHOD);
|
||||
|
|
@ -280,9 +224,9 @@ class RequestAuthenticatorTest {
|
|||
assertThat(authResult.get().userAuthInfo().get().oauthTokenInfo().get().authorizedScopes())
|
||||
.containsAtLeast("test-scope1", "test-scope2");
|
||||
assertThat(authResult.get().userAuthInfo().get().oauthTokenInfo().get().oauthClientId())
|
||||
.isEqualTo("test-client-id");
|
||||
.isEqualTo("test-client-id");
|
||||
assertThat(authResult.get().userAuthInfo().get().oauthTokenInfo().get().rawAccessToken())
|
||||
.isEqualTo("TOKEN");
|
||||
.isEqualTo("TOKEN");
|
||||
}
|
||||
|
||||
@Test
|
||||
|
|
@ -303,9 +247,9 @@ class RequestAuthenticatorTest {
|
|||
assertThat(authResult.get().userAuthInfo().get().oauthTokenInfo().get().authorizedScopes())
|
||||
.containsAtLeast("test-scope1", "test-scope2");
|
||||
assertThat(authResult.get().userAuthInfo().get().oauthTokenInfo().get().oauthClientId())
|
||||
.isEqualTo("test-client-id");
|
||||
.isEqualTo("test-client-id");
|
||||
assertThat(authResult.get().userAuthInfo().get().oauthTokenInfo().get().rawAccessToken())
|
||||
.isEqualTo("TOKEN");
|
||||
.isEqualTo("TOKEN");
|
||||
}
|
||||
|
||||
@Test
|
||||
|
|
@ -372,9 +316,9 @@ class RequestAuthenticatorTest {
|
|||
assertThat(authResult.get().userAuthInfo().get().oauthTokenInfo().get().authorizedScopes())
|
||||
.containsAtLeast("test-scope1", "test-scope2", "test-scope3");
|
||||
assertThat(authResult.get().userAuthInfo().get().oauthTokenInfo().get().oauthClientId())
|
||||
.isEqualTo("test-client-id");
|
||||
.isEqualTo("test-client-id");
|
||||
assertThat(authResult.get().userAuthInfo().get().oauthTokenInfo().get().rawAccessToken())
|
||||
.isEqualTo("TOKEN");
|
||||
.isEqualTo("TOKEN");
|
||||
}
|
||||
|
||||
@Test
|
||||
|
|
@ -387,7 +331,7 @@ class RequestAuthenticatorTest {
|
|||
}
|
||||
|
||||
@Test
|
||||
void testCheckAuthConfig_NoMethods_failure() {
|
||||
void testCheckAuthConfig_noMethods_failure() {
|
||||
IllegalArgumentException thrown =
|
||||
assertThrows(
|
||||
IllegalArgumentException.class,
|
||||
|
|
@ -396,14 +340,25 @@ class RequestAuthenticatorTest {
|
|||
}
|
||||
|
||||
@Test
|
||||
void testCheckAuthConfig_WrongMethodOrdering_failure() {
|
||||
void testCheckAuthConfig_wrongMethodOrdering_failure() {
|
||||
IllegalArgumentException thrown =
|
||||
assertThrows(
|
||||
IllegalArgumentException.class,
|
||||
() -> RequestAuthenticator.checkAuthConfig(AUTH_WRONG_METHOD_ORDERING));
|
||||
assertThat(thrown)
|
||||
.hasMessageThat()
|
||||
.contains("Auth methods must be unique and strictly in order - INTERNAL, API, LEGACY");
|
||||
.contains("Auth methods must be unique and strictly in order - API, LEGACY");
|
||||
}
|
||||
|
||||
@Test
|
||||
void testCheckAuthConfig_noneAuthLevelRequiresAdmin_failure() {
|
||||
IllegalArgumentException thrown =
|
||||
assertThrows(
|
||||
IllegalArgumentException.class,
|
||||
() -> RequestAuthenticator.checkAuthConfig(AUTH_NONE_REQUIRES_ADMIN));
|
||||
assertThat(thrown)
|
||||
.hasMessageThat()
|
||||
.contains("Actions with minimal auth level at NONE should not specify ADMIN user policy");
|
||||
}
|
||||
|
||||
@Test
|
||||
|
|
@ -414,29 +369,6 @@ class RequestAuthenticatorTest {
|
|||
() -> RequestAuthenticator.checkAuthConfig(AUTH_DUPLICATE_METHODS));
|
||||
assertThat(thrown)
|
||||
.hasMessageThat()
|
||||
.contains("Auth methods must be unique and strictly in order - INTERNAL, API, LEGACY");
|
||||
}
|
||||
|
||||
@Test
|
||||
void testCheckAuthConfig_InternalWithUser_failure() {
|
||||
IllegalArgumentException thrown =
|
||||
assertThrows(
|
||||
IllegalArgumentException.class,
|
||||
() -> RequestAuthenticator.checkAuthConfig(AUTH_INTERNAL_WITH_USER));
|
||||
assertThat(thrown)
|
||||
.hasMessageThat()
|
||||
.contains("Actions with INTERNAL auth method may not require USER auth level");
|
||||
}
|
||||
|
||||
@Test
|
||||
void testCheckAuthConfig_WronglyIgnoringUser_failure() {
|
||||
IllegalArgumentException thrown =
|
||||
assertThrows(
|
||||
IllegalArgumentException.class,
|
||||
() -> RequestAuthenticator.checkAuthConfig(AUTH_WRONGLY_IGNORING_USER));
|
||||
assertThat(thrown)
|
||||
.hasMessageThat()
|
||||
.contains(
|
||||
"Actions with auth methods beyond INTERNAL must not specify the IGNORED user policy");
|
||||
.contains("Auth methods must be unique and strictly in order - API, LEGACY");
|
||||
}
|
||||
}
|
||||
|
|
|
|||
|
|
@ -1,39 +1,39 @@
|
|||
PATH CLASS METHODS OK AUTH_METHODS MIN USER_POLICY
|
||||
/_dr/cron/fanout TldFanoutAction GET y INTERNAL,API APP ADMIN
|
||||
/_dr/dnsRefresh RefreshDnsAction GET y INTERNAL,API APP ADMIN
|
||||
/_dr/task/brdaCopy BrdaCopyAction POST y INTERNAL,API APP ADMIN
|
||||
/_dr/task/copyDetailReports CopyDetailReportsAction POST n INTERNAL,API APP ADMIN
|
||||
/_dr/task/deleteExpiredDomains DeleteExpiredDomainsAction GET n INTERNAL,API APP ADMIN
|
||||
/_dr/task/deleteLoadTestData DeleteLoadTestDataAction POST n INTERNAL,API APP ADMIN
|
||||
/_dr/task/deleteProberData DeleteProberDataAction POST n INTERNAL,API APP ADMIN
|
||||
/_dr/task/executeCannedScript CannedScriptExecutionAction POST y INTERNAL,API APP ADMIN
|
||||
/_dr/task/expandBillingRecurrences ExpandBillingRecurrencesAction GET n INTERNAL,API APP ADMIN
|
||||
/_dr/task/exportDomainLists ExportDomainListsAction POST n INTERNAL,API APP ADMIN
|
||||
/_dr/task/exportPremiumTerms ExportPremiumTermsAction POST n INTERNAL,API APP ADMIN
|
||||
/_dr/task/exportReservedTerms ExportReservedTermsAction POST n INTERNAL,API APP ADMIN
|
||||
/_dr/task/generateInvoices GenerateInvoicesAction POST n INTERNAL,API APP ADMIN
|
||||
/_dr/task/generateSpec11 GenerateSpec11ReportAction POST n INTERNAL,API APP ADMIN
|
||||
/_dr/task/icannReportingStaging IcannReportingStagingAction POST n INTERNAL,API APP ADMIN
|
||||
/_dr/task/icannReportingUpload IcannReportingUploadAction POST n INTERNAL,API APP ADMIN
|
||||
/_dr/task/nordnUpload NordnUploadAction POST y INTERNAL,API APP ADMIN
|
||||
/_dr/task/nordnVerify NordnVerifyAction POST y INTERNAL,API APP ADMIN
|
||||
/_dr/task/publishDnsUpdates PublishDnsUpdatesAction POST y INTERNAL,API APP ADMIN
|
||||
/_dr/task/publishInvoices PublishInvoicesAction POST n INTERNAL,API APP ADMIN
|
||||
/_dr/task/publishSpec11 PublishSpec11ReportAction POST n INTERNAL,API APP ADMIN
|
||||
/_dr/task/rdeReport RdeReportAction POST n INTERNAL,API APP ADMIN
|
||||
/_dr/task/rdeStaging RdeStagingAction GET,POST n INTERNAL,API APP ADMIN
|
||||
/_dr/task/rdeUpload RdeUploadAction POST n INTERNAL,API APP ADMIN
|
||||
/_dr/task/readDnsRefreshRequests ReadDnsRefreshRequestsAction POST y INTERNAL,API APP ADMIN
|
||||
/_dr/task/refreshDnsOnHostRename RefreshDnsOnHostRenameAction POST n INTERNAL,API APP ADMIN
|
||||
/_dr/task/relockDomain RelockDomainAction POST y INTERNAL,API APP ADMIN
|
||||
/_dr/task/resaveAllEppResourcesPipeline ResaveAllEppResourcesPipelineAction GET n INTERNAL,API APP ADMIN
|
||||
/_dr/task/resaveEntity ResaveEntityAction POST n INTERNAL,API APP ADMIN
|
||||
/_dr/task/sendExpiringCertificateNotificationEmail SendExpiringCertificateNotificationEmailAction GET n INTERNAL,API APP ADMIN
|
||||
/_dr/task/syncGroupMembers SyncGroupMembersAction POST n INTERNAL,API APP ADMIN
|
||||
/_dr/task/syncRegistrarsSheet SyncRegistrarsSheetAction POST n INTERNAL,API APP ADMIN
|
||||
/_dr/task/tmchCrl TmchCrlAction POST y INTERNAL,API APP ADMIN
|
||||
/_dr/task/tmchDnl TmchDnlAction POST y INTERNAL,API APP ADMIN
|
||||
/_dr/task/tmchSmdrl TmchSmdrlAction POST y INTERNAL,API APP ADMIN
|
||||
/_dr/task/updateRegistrarRdapBaseUrls UpdateRegistrarRdapBaseUrlsAction GET y INTERNAL,API APP ADMIN
|
||||
/_dr/task/wipeOutCloudSql WipeOutCloudSqlAction GET n INTERNAL,API APP ADMIN
|
||||
/_dr/task/wipeOutContactHistoryPii WipeOutContactHistoryPiiAction GET n INTERNAL,API APP ADMIN
|
||||
/_dr/cron/fanout TldFanoutAction GET y API APP ADMIN
|
||||
/_dr/dnsRefresh RefreshDnsAction GET y API APP ADMIN
|
||||
/_dr/task/brdaCopy BrdaCopyAction POST y API APP ADMIN
|
||||
/_dr/task/copyDetailReports CopyDetailReportsAction POST n API APP ADMIN
|
||||
/_dr/task/deleteExpiredDomains DeleteExpiredDomainsAction GET n API APP ADMIN
|
||||
/_dr/task/deleteLoadTestData DeleteLoadTestDataAction POST n API APP ADMIN
|
||||
/_dr/task/deleteProberData DeleteProberDataAction POST n API APP ADMIN
|
||||
/_dr/task/executeCannedScript CannedScriptExecutionAction POST y API APP ADMIN
|
||||
/_dr/task/expandBillingRecurrences ExpandBillingRecurrencesAction GET n API APP ADMIN
|
||||
/_dr/task/exportDomainLists ExportDomainListsAction POST n API APP ADMIN
|
||||
/_dr/task/exportPremiumTerms ExportPremiumTermsAction POST n API APP ADMIN
|
||||
/_dr/task/exportReservedTerms ExportReservedTermsAction POST n API APP ADMIN
|
||||
/_dr/task/generateInvoices GenerateInvoicesAction POST n API APP ADMIN
|
||||
/_dr/task/generateSpec11 GenerateSpec11ReportAction POST n API APP ADMIN
|
||||
/_dr/task/icannReportingStaging IcannReportingStagingAction POST n API APP ADMIN
|
||||
/_dr/task/icannReportingUpload IcannReportingUploadAction POST n API APP ADMIN
|
||||
/_dr/task/nordnUpload NordnUploadAction POST y API APP ADMIN
|
||||
/_dr/task/nordnVerify NordnVerifyAction POST y API APP ADMIN
|
||||
/_dr/task/publishDnsUpdates PublishDnsUpdatesAction POST y API APP ADMIN
|
||||
/_dr/task/publishInvoices PublishInvoicesAction POST n API APP ADMIN
|
||||
/_dr/task/publishSpec11 PublishSpec11ReportAction POST n API APP ADMIN
|
||||
/_dr/task/rdeReport RdeReportAction POST n API APP ADMIN
|
||||
/_dr/task/rdeStaging RdeStagingAction GET,POST n API APP ADMIN
|
||||
/_dr/task/rdeUpload RdeUploadAction POST n API APP ADMIN
|
||||
/_dr/task/readDnsRefreshRequests ReadDnsRefreshRequestsAction POST y API APP ADMIN
|
||||
/_dr/task/refreshDnsOnHostRename RefreshDnsOnHostRenameAction POST n API APP ADMIN
|
||||
/_dr/task/relockDomain RelockDomainAction POST y API APP ADMIN
|
||||
/_dr/task/resaveAllEppResourcesPipeline ResaveAllEppResourcesPipelineAction GET n API APP ADMIN
|
||||
/_dr/task/resaveEntity ResaveEntityAction POST n API APP ADMIN
|
||||
/_dr/task/sendExpiringCertificateNotificationEmail SendExpiringCertificateNotificationEmailAction GET n API APP ADMIN
|
||||
/_dr/task/syncGroupMembers SyncGroupMembersAction POST n API APP ADMIN
|
||||
/_dr/task/syncRegistrarsSheet SyncRegistrarsSheetAction POST n API APP ADMIN
|
||||
/_dr/task/tmchCrl TmchCrlAction POST y API APP ADMIN
|
||||
/_dr/task/tmchDnl TmchDnlAction POST y API APP ADMIN
|
||||
/_dr/task/tmchSmdrl TmchSmdrlAction POST y API APP ADMIN
|
||||
/_dr/task/updateRegistrarRdapBaseUrls UpdateRegistrarRdapBaseUrlsAction GET y API APP ADMIN
|
||||
/_dr/task/wipeOutCloudSql WipeOutCloudSqlAction GET n API APP ADMIN
|
||||
/_dr/task/wipeOutContactHistoryPii WipeOutContactHistoryPiiAction GET n API APP ADMIN
|
||||
|
|
|
|||
|
|
@ -1,13 +1,13 @@
|
|||
PATH CLASS METHODS OK AUTH_METHODS MIN USER_POLICY
|
||||
/_dr/epp EppTlsAction POST n INTERNAL,API APP PUBLIC
|
||||
/console-api/domain ConsoleDomainGetAction GET n API,LEGACY USER PUBLIC
|
||||
/console-api/registrars RegistrarsAction GET n API,LEGACY USER PUBLIC
|
||||
/console-api/settings/contacts ContactAction GET,POST n API,LEGACY USER PUBLIC
|
||||
/registrar ConsoleUiAction GET n INTERNAL,API,LEGACY NONE PUBLIC
|
||||
/registrar-create ConsoleRegistrarCreatorAction POST,GET n INTERNAL,API,LEGACY NONE PUBLIC
|
||||
/registrar-ote-setup ConsoleOteSetupAction POST,GET n INTERNAL,API,LEGACY NONE PUBLIC
|
||||
/registrar-ote-status OteStatusAction POST n API,LEGACY USER PUBLIC
|
||||
/registrar-settings RegistrarSettingsAction POST n API,LEGACY USER PUBLIC
|
||||
/registry-lock-get RegistryLockGetAction GET n API,LEGACY USER PUBLIC
|
||||
/registry-lock-post RegistryLockPostAction POST n API,LEGACY USER PUBLIC
|
||||
/registry-lock-verify RegistryLockVerifyAction GET n API,LEGACY USER PUBLIC
|
||||
PATH CLASS METHODS OK AUTH_METHODS MIN USER_POLICY
|
||||
/_dr/epp EppTlsAction POST n API APP PUBLIC
|
||||
/console-api/domain ConsoleDomainGetAction GET n API,LEGACY USER PUBLIC
|
||||
/console-api/registrars RegistrarsAction GET n API,LEGACY USER PUBLIC
|
||||
/console-api/settings/contacts ContactAction GET,POST n API,LEGACY USER PUBLIC
|
||||
/registrar ConsoleUiAction GET n API,LEGACY NONE PUBLIC
|
||||
/registrar-create ConsoleRegistrarCreatorAction POST,GET n API,LEGACY NONE PUBLIC
|
||||
/registrar-ote-setup ConsoleOteSetupAction POST,GET n API,LEGACY NONE PUBLIC
|
||||
/registrar-ote-status OteStatusAction POST n API,LEGACY USER PUBLIC
|
||||
/registrar-settings RegistrarSettingsAction POST n API,LEGACY USER PUBLIC
|
||||
/registry-lock-get RegistryLockGetAction GET n API,LEGACY USER PUBLIC
|
||||
/registry-lock-post RegistryLockPostAction POST n API,LEGACY USER PUBLIC
|
||||
/registry-lock-verify RegistryLockVerifyAction GET n API,LEGACY NONE PUBLIC
|
||||
|
|
|
|||
|
|
@ -1,13 +1,13 @@
|
|||
PATH CLASS METHODS OK AUTH_METHODS MIN USER_POLICY
|
||||
/_dr/whois WhoisAction POST n INTERNAL,API APP PUBLIC
|
||||
/check CheckApiAction GET n INTERNAL NONE PUBLIC
|
||||
/rdap/autnum/(*) RdapAutnumAction GET,HEAD n INTERNAL NONE PUBLIC
|
||||
/rdap/domain/(*) RdapDomainAction GET,HEAD n INTERNAL,API,LEGACY NONE PUBLIC
|
||||
/rdap/domains RdapDomainSearchAction GET,HEAD n INTERNAL,API,LEGACY NONE PUBLIC
|
||||
/rdap/entities RdapEntitySearchAction GET,HEAD n INTERNAL,API,LEGACY NONE PUBLIC
|
||||
/rdap/entity/(*) RdapEntityAction GET,HEAD n INTERNAL,API,LEGACY NONE PUBLIC
|
||||
/rdap/help(*) RdapHelpAction GET,HEAD n INTERNAL NONE PUBLIC
|
||||
/rdap/ip/(*) RdapIpAction GET,HEAD n INTERNAL NONE PUBLIC
|
||||
/rdap/nameserver/(*) RdapNameserverAction GET,HEAD n INTERNAL NONE PUBLIC
|
||||
/rdap/nameservers RdapNameserverSearchAction GET,HEAD n INTERNAL NONE PUBLIC
|
||||
/whois/(*) WhoisHttpAction GET n INTERNAL NONE PUBLIC
|
||||
PATH CLASS METHODS OK AUTH_METHODS MIN USER_POLICY
|
||||
/_dr/whois WhoisAction POST n API APP PUBLIC
|
||||
/check CheckApiAction GET n API,LEGACY NONE PUBLIC
|
||||
/rdap/autnum/(*) RdapAutnumAction GET,HEAD n API,LEGACY NONE PUBLIC
|
||||
/rdap/domain/(*) RdapDomainAction GET,HEAD n API,LEGACY NONE PUBLIC
|
||||
/rdap/domains RdapDomainSearchAction GET,HEAD n API,LEGACY NONE PUBLIC
|
||||
/rdap/entities RdapEntitySearchAction GET,HEAD n API,LEGACY NONE PUBLIC
|
||||
/rdap/entity/(*) RdapEntityAction GET,HEAD n API,LEGACY NONE PUBLIC
|
||||
/rdap/help(*) RdapHelpAction GET,HEAD n API,LEGACY NONE PUBLIC
|
||||
/rdap/ip/(*) RdapIpAction GET,HEAD n API,LEGACY NONE PUBLIC
|
||||
/rdap/nameserver/(*) RdapNameserverAction GET,HEAD n API,LEGACY NONE PUBLIC
|
||||
/rdap/nameservers RdapNameserverSearchAction GET,HEAD n API,LEGACY NONE PUBLIC
|
||||
/whois/(*) WhoisHttpAction GET n API,LEGACY NONE PUBLIC
|
||||
|
|
|
|||
|
|
@ -1,13 +1,13 @@
|
|||
PATH CLASS METHODS OK AUTH_METHODS MIN USER_POLICY
|
||||
/_dr/admin/createGroups CreateGroupsAction POST n INTERNAL,API APP ADMIN
|
||||
/_dr/admin/list/domains ListDomainsAction GET,POST n INTERNAL,API APP ADMIN
|
||||
/_dr/admin/list/hosts ListHostsAction GET,POST n INTERNAL,API APP ADMIN
|
||||
/_dr/admin/list/premiumLists ListPremiumListsAction GET,POST n INTERNAL,API APP ADMIN
|
||||
/_dr/admin/list/registrars ListRegistrarsAction GET,POST n INTERNAL,API APP ADMIN
|
||||
/_dr/admin/list/reservedLists ListReservedListsAction GET,POST n INTERNAL,API APP ADMIN
|
||||
/_dr/admin/list/tlds ListTldsAction GET,POST n INTERNAL,API APP ADMIN
|
||||
/_dr/admin/verifyOte VerifyOteAction POST n INTERNAL,API APP ADMIN
|
||||
/_dr/epptool EppToolAction POST n INTERNAL,API APP ADMIN
|
||||
/_dr/loadtest LoadTestAction POST y INTERNAL,API APP ADMIN
|
||||
/_dr/task/generateZoneFiles GenerateZoneFilesAction POST n INTERNAL,API APP ADMIN
|
||||
/_dr/task/refreshDnsForAllDomains RefreshDnsForAllDomainsAction GET n INTERNAL,API APP ADMIN
|
||||
/_dr/admin/createGroups CreateGroupsAction POST n API APP ADMIN
|
||||
/_dr/admin/list/domains ListDomainsAction GET,POST n API APP ADMIN
|
||||
/_dr/admin/list/hosts ListHostsAction GET,POST n API APP ADMIN
|
||||
/_dr/admin/list/premiumLists ListPremiumListsAction GET,POST n API APP ADMIN
|
||||
/_dr/admin/list/registrars ListRegistrarsAction GET,POST n API APP ADMIN
|
||||
/_dr/admin/list/reservedLists ListReservedListsAction GET,POST n API APP ADMIN
|
||||
/_dr/admin/list/tlds ListTldsAction GET,POST n API APP ADMIN
|
||||
/_dr/admin/verifyOte VerifyOteAction POST n API APP ADMIN
|
||||
/_dr/epptool EppToolAction POST n API APP ADMIN
|
||||
/_dr/loadtest LoadTestAction POST y API APP ADMIN
|
||||
/_dr/task/generateZoneFiles GenerateZoneFilesAction POST n API APP ADMIN
|
||||
/_dr/task/refreshDnsForAllDomains RefreshDnsForAllDomainsAction GET n API APP ADMIN
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue