From b465309d91cca7336bb28cccb22d9bda70c77810 Mon Sep 17 00:00:00 2001
From: Debjani Banerjee <56744681+debjanibnrj@users.noreply.github.com>
Date: Thu, 4 Feb 2021 16:27:18 -0800
Subject: [PATCH] =?UTF-8?q?Revert=20"Using=20SAML=20subject=5Fkey=20and=20?=
 =?UTF-8?q?roles=5Fkey=20in=20the=20HTTPSamlAuthentic=E2=80=A6=20(#1015)?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

* Revert "Using SAML subject_key and roles_key in the HTTPSamlAuthenticator"

This reverts commit b487ed065d032cca33f84e4f9db55623bc4c0819.

* Try using another port 8088 for running the webhook test (#999)

(cherry picked from commit 7db5afe8dc01adbe75309d49858388442d3a5330)

Co-authored-by: Sujith Vadakkepat <svadakke@amazon.com>
---
 .../amazon/dlic/auth/http/saml/HTTPSamlAuthenticator.java   | 6 +++---
 .../security/auditlog/sink/WebhookAuditLogTest.java         | 6 +++---
 2 files changed, 6 insertions(+), 6 deletions(-)

diff --git a/src/main/java/com/amazon/dlic/auth/http/saml/HTTPSamlAuthenticator.java b/src/main/java/com/amazon/dlic/auth/http/saml/HTTPSamlAuthenticator.java
index 715fcb74f3..87c4f09501 100644
--- a/src/main/java/com/amazon/dlic/auth/http/saml/HTTPSamlAuthenticator.java
+++ b/src/main/java/com/amazon/dlic/auth/http/saml/HTTPSamlAuthenticator.java
@@ -338,12 +338,12 @@ private Settings createJwtAuthenticatorSettings(Settings settings) {
 
         settingsBuilder.put(jwtSettings);
 
-        if (jwtSettings.get("roles_key") == null) {
-            settingsBuilder.put("roles_key", settings.get("roles_key", "roles"));
+        if (jwtSettings.get("roles_key") == null && settings.get("roles_key") != null) {
+            settingsBuilder.put("roles_key", "roles");
         }
 
         if (jwtSettings.get("subject_key") == null) {
-            settingsBuilder.put("subject_key", settings.get("subject_key", "sub"));
+            settingsBuilder.put("subject_key", "sub");
         }
 
         return settingsBuilder.build();
diff --git a/src/test/java/com/amazon/opendistroforelasticsearch/security/auditlog/sink/WebhookAuditLogTest.java b/src/test/java/com/amazon/opendistroforelasticsearch/security/auditlog/sink/WebhookAuditLogTest.java
index 915fa247f6..c4adf3ae8d 100644
--- a/src/test/java/com/amazon/opendistroforelasticsearch/security/auditlog/sink/WebhookAuditLogTest.java
+++ b/src/test/java/com/amazon/opendistroforelasticsearch/security/auditlog/sink/WebhookAuditLogTest.java
@@ -444,11 +444,11 @@ public void httpsTest() throws Exception {
 
 	@Test
     public void httpsTestPemDefault() throws Exception {
-
+        final int port = 8088;
         TestHttpHandler handler = new TestHttpHandler();
 
         server = ServerBootstrap.bootstrap()
-                .setListenerPort(8084)
+                .setListenerPort(port)
                 .setServerInfo("Test/1.1")
                 .setSslContext(createSSLContext())
                 .registerHandler("*", handler)
@@ -458,7 +458,7 @@ public void httpsTestPemDefault() throws Exception {
         AuditMessage msg = MockAuditMessageFactory.validAuditMessage();
         LoggingSink fallback =  new LoggingSink("test", Settings.EMPTY, null, null);
 
-        String url = "https://localhost:8084/endpoint";
+        String url = "https://localhost:" + port + "/endpoint";
 
         // test default with filepath
         handler.reset();