abhishekagarwal87 commented on code in PR #13071:
URL: https://github.com/apache/druid/pull/13071#discussion_r994148369
##########
server/src/main/java/org/apache/druid/server/security/AuthConfig.java:
##########
@@ -82,6 +81,44 @@ public AuthConfig(
@JsonProperty
private final boolean authorizeQueryContextParams;
+ /**
+ * The set of query context keys that are allowed, even when security is
+ * enabled. A null value is the same as an empty set.
+ */
+ @JsonProperty
+ private final Set<String> unsecuredContextKeys;
+
+ /**
+ * The set of query context keys to secure, when context security is
+ * enabled. Null has a special meaning: it means to ignore this set.
+ * Else, only the keys in this set are subject to security. If set,
+ * the unsecured list is ignored.
+ */
+ @JsonProperty
+ private final Set<String> securedContextKeys;
+
+ @JsonCreator
+ public AuthConfig(
+ @JsonProperty("authenticatorChain") List<String> authenticatorChain,
+ @JsonProperty("authorizers") List<String> authorizers,
+ @JsonProperty("unsecuredPaths") List<String> unsecuredPaths,
+ @JsonProperty("allowUnauthenticatedHttpOptions") boolean
allowUnauthenticatedHttpOptions,
+ @JsonProperty("authorizeQueryContextParams") boolean
authorizeQueryContextParams,
+ @JsonProperty("unsecuredContextKeys") Set<String> unsecuredContextKeys,
+ @JsonProperty("securedContextKeys") Set<String> securedContextKeys
+ )
+ {
+ this.authenticatorChain = authenticatorChain;
+ this.authorizers = authorizers;
+ this.unsecuredPaths = unsecuredPaths == null ? Collections.emptyList() :
unsecuredPaths;
+ this.allowUnauthenticatedHttpOptions = allowUnauthenticatedHttpOptions;
+ this.authorizeQueryContextParams = authorizeQueryContextParams;
+ this.unsecuredContextKeys = unsecuredContextKeys == null
+ ? Collections.emptySet()
+ : unsecuredContextKeys;
+ this.securedContextKeys = securedContextKeys;
Review Comment:
should this be initialized as empty map like unsecuredContextKeys?
##########
server/src/main/java/org/apache/druid/server/security/AuthConfig.java:
##########
@@ -107,6 +144,36 @@ public boolean authorizeQueryContextParams()
return authorizeQueryContextParams;
}
+ /**
+ * Filter the user-supplied context keys based on the context key security
+ * rules. If context key security is disabled, then allow all keys. Else,
+ * apply the three key lists defined here.
+ * <ul>
+ * <li>Allow Druid-defined keys.</li>
+ * <li>Allow anything not in the secured context key list.</li>
+ * <li>Allow anything in the config-defined unsecured key list.</li>
+ * </ul>
+ * In the typical case, a site defines either the secured key list
+ * (to handle a few keys that are <i>are not</i> allowed) or the unsecured
key
+ * list (to enumerate a few that <i>are</i> allowed.) If both lists
+ * are given, think of the secured list as exceptions to the unsecured
+ * key list.
+ *
+ * @return the list of secured keys to check via authentication
+ */
+ public Set<String> filterContextKeys(final Set<String> userKeys)
Review Comment:
nit - could we call this method `contextKeysToAuthorize` or
`filterContextKeysToAuthorize`?
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
