From b2162a76aaddd8b2abc6f9b3364a9a92713fb52b Mon Sep 17 00:00:00 2001
From: Peter Nied <petern@amazon.com>
Date: Fri, 27 Jan 2023 04:36:14 +0000
Subject: [PATCH] Ready for pull requeest feedback

Signed-off-by: Peter Nied <petern@amazon.com>
---
 server/src/main/java/org/opensearch/node/Node.java         | 7 ++++++-
 .../src/main/java/org/opensearch/rest/RestController.java  | 5 +++++
 2 files changed, 11 insertions(+), 1 deletion(-)

diff --git a/server/src/main/java/org/opensearch/node/Node.java b/server/src/main/java/org/opensearch/node/Node.java
index dd50ca896773f..3efda815765f6 100644
--- a/server/src/main/java/org/opensearch/node/Node.java
+++ b/server/src/main/java/org/opensearch/node/Node.java
@@ -441,7 +441,12 @@ protected Node(
             // Ensure to initialize Feature Flags via the settings from opensearch.yml
             FeatureFlags.initializeFeatureFlags(settings);
 
-            final IdentityService identityService = new IdentityService(settings, pluginsService.filterPlugins(IdentityPlugin.class));
+            final List<IdentityPlugin> identityPlugins = new ArrayList<>();
+            if (FeatureFlags.isEnabled(FeatureFlags.IDENTITY)) {
+                // If identity is enabled load plugins implementing the extension point
+                identityPlugins.addAll(pluginsService.filterPlugins(IdentityPlugin.class));
+            }
+            final IdentityService identityService = new IdentityService(settings, identityPlugins);
 
             final Set<DiscoveryNodeRole> additionalRoles = pluginsService.filterPlugins(Plugin.class)
                 .stream()
diff --git a/server/src/main/java/org/opensearch/rest/RestController.java b/server/src/main/java/org/opensearch/rest/RestController.java
index 32129dd9c7b84..ecfa6b9f3e0c6 100644
--- a/server/src/main/java/org/opensearch/rest/RestController.java
+++ b/server/src/main/java/org/opensearch/rest/RestController.java
@@ -46,6 +46,7 @@
 import org.opensearch.common.logging.DeprecationLogger;
 import org.opensearch.common.path.PathTrie;
 import org.opensearch.common.util.concurrent.ThreadContext;
+import org.opensearch.common.util.FeatureFlags;
 import org.opensearch.common.xcontent.XContentBuilder;
 import org.opensearch.common.xcontent.XContentType;
 import org.opensearch.core.internal.io.Streams;
@@ -521,6 +522,10 @@ private void handleBadRequest(String uri, RestRequest.Method method, RestChannel
      * @returns false if there was an error and the request should not continue being dispatched
      * */
     private boolean handleAuthenticateUser(final RestRequest request, final RestChannel channel) {    
+        if (!FeatureFlags.isEnabled(FeatureFlags.IDENTITY)) {
+            return true;
+        }
+
         try {
             final AuthToken token = RestTokenExtractor.extractToken(request);
             // If no token was found, continue executing the request