Skip to content

Commit

Permalink
Switch security spi example to new style Requests (#32341)
Browse files Browse the repository at this point in the history
In #29623 we added `Request` object flavored requests to the low level
REST client and in #30315 we deprecated the old `performRequest`s. This
changes all calls in the `x-pack/qa/security-example-spi-extension`
project to use the new versions.
  • Loading branch information
nik9000 authored Jul 30, 2018
1 parent c69e62d commit 6706309
Show file tree
Hide file tree
Showing 2 changed files with 28 additions and 15 deletions.
Original file line number Diff line number Diff line change
Expand Up @@ -5,10 +5,11 @@
*/
package org.elasticsearch.example.realm;

import org.apache.http.message.BasicHeader;
import org.elasticsearch.action.admin.cluster.health.ClusterHealthResponse;
import org.elasticsearch.action.admin.cluster.node.info.NodeInfo;
import org.elasticsearch.action.admin.cluster.node.info.NodesInfoResponse;
import org.elasticsearch.client.Request;
import org.elasticsearch.client.RequestOptions;
import org.elasticsearch.client.Response;
import org.elasticsearch.client.ResponseException;
import org.elasticsearch.client.transport.NoNodeAvailableException;
Expand Down Expand Up @@ -50,7 +51,7 @@ protected Collection<Class<? extends Plugin>> transportClientPlugins() {

public void testHttpConnectionWithNoAuthentication() throws Exception {
try {
getRestClient().performRequest("GET", "/");
getRestClient().performRequest(new Request("GET", "/"));
fail("request should have failed");
} catch(ResponseException e) {
Response response = e.getResponse();
Expand All @@ -61,9 +62,12 @@ public void testHttpConnectionWithNoAuthentication() throws Exception {
}

public void testHttpAuthentication() throws Exception {
Response response = getRestClient().performRequest("GET", "/",
new BasicHeader(CustomRealm.USER_HEADER, CustomRealm.KNOWN_USER),
new BasicHeader(CustomRealm.PW_HEADER, CustomRealm.KNOWN_PW.toString()));
Request request = new Request("GET", "/");
RequestOptions.Builder options = request.getOptions().toBuilder();
options.addHeader(CustomRealm.USER_HEADER, CustomRealm.KNOWN_USER);
options.addHeader(CustomRealm.PW_HEADER, CustomRealm.KNOWN_PW.toString());
request.setOptions(options);
Response response = getRestClient().performRequest(request);
assertThat(response.getStatusLine().getStatusCode(), is(200));
}

Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -5,7 +5,8 @@
*/
package org.elasticsearch.example.role;

import org.apache.http.message.BasicHeader;
import org.elasticsearch.client.Request;
import org.elasticsearch.client.RequestOptions;
import org.elasticsearch.client.Response;
import org.elasticsearch.client.ResponseException;
import org.elasticsearch.common.network.NetworkModule;
Expand Down Expand Up @@ -33,10 +34,17 @@
* Integration test for custom roles providers.
*/
public class CustomRolesProviderIT extends ESIntegTestCase {

private static final String TEST_USER = "test_user";
private static final String TEST_PWD = "change_me";

private static final RequestOptions AUTH_OPTIONS;
static {
RequestOptions.Builder options = RequestOptions.DEFAULT.toBuilder();
options.addHeader(UsernamePasswordToken.BASIC_AUTH_HEADER,
basicAuthHeaderValue(TEST_USER, new SecureString(TEST_PWD.toCharArray())));
AUTH_OPTIONS = options.build();
}

@Override
protected Settings externalClusterClientSettings() {
return Settings.builder()
Expand All @@ -59,7 +67,9 @@ public void setupTestUser(String role) {
public void testAuthorizedCustomRoleSucceeds() throws Exception {
setupTestUser(ROLE_B);
// roleB has all permissions on index "foo", so creating "foo" should succeed
Response response = getRestClient().performRequest("PUT", "/" + INDEX, authHeader());
Request request = new Request("PUT", "/" + INDEX);
request.setOptions(AUTH_OPTIONS);
Response response = getRestClient().performRequest(request);
assertThat(response.getStatusLine().getStatusCode(), is(200));
}

Expand All @@ -71,7 +81,9 @@ public void testFirstResolvedRoleTakesPrecedence() throws Exception {
setupTestUser(ROLE_A);
// roleB has all permissions on index "foo", so creating "foo" should succeed
try {
getRestClient().performRequest("PUT", "/" + INDEX, authHeader());
Request request = new Request("PUT", "/" + INDEX);
request.setOptions(AUTH_OPTIONS);
getRestClient().performRequest(request);
fail(ROLE_A + " should not be authorized to create index " + INDEX);
} catch (ResponseException e) {
assertThat(e.getResponse().getStatusLine().getStatusCode(), is(403));
Expand All @@ -82,15 +94,12 @@ public void testUnresolvedRoleDoesntSucceed() throws Exception {
setupTestUser("unknown");
// roleB has all permissions on index "foo", so creating "foo" should succeed
try {
getRestClient().performRequest("PUT", "/" + INDEX, authHeader());
Request request = new Request("PUT", "/" + INDEX);
request.setOptions(AUTH_OPTIONS);
getRestClient().performRequest(request);
fail(ROLE_A + " should not be authorized to create index " + INDEX);
} catch (ResponseException e) {
assertThat(e.getResponse().getStatusLine().getStatusCode(), is(403));
}
}

private BasicHeader authHeader() {
return new BasicHeader(UsernamePasswordToken.BASIC_AUTH_HEADER,
basicAuthHeaderValue(TEST_USER, new SecureString(TEST_PWD.toCharArray())));
}
}

0 comments on commit 6706309

Please sign in to comment.