Commit b61a97f3 authored by Diego Molteni's avatar Diego Molteni Committed by Sacha Brants
Browse files

fix: ensure the Auth header is present in a call to SDMS

parent 53e9ba5d
......@@ -19,7 +19,7 @@ import express from 'express';
import jwtProxy, { JwtProxyOptions } from 'jwtproxy';
import { Config, LoggerFactory } from '../cloud';
import { ServiceRouter } from '../services';
import { Feature, FeatureFlags } from '../shared';
import { Error, Feature, FeatureFlags, Response } from '../shared';
import { v4 as uuidv4 } from 'uuid';
import fs from 'fs';
......@@ -109,6 +109,16 @@ export class Server {
req.headers.authorization = req.get('slb-on-behalf-of');
}
// ensure the authorization header is passed
if (!req.headers.authorization) {
if(!req.url.endsWith('svcstatus')) {
Response.writeError(res, Error.make(
Error.Status.UNAUTHENTICATED,
'Unauthenticated Access. Authorizations not found in the request.'));
return;
}
}
// track caller to the main log
const key = req.headers['x-api-key'] as string;
const logger = LoggerFactory.build(Config.CLOUDPROVIDER);
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment