From f2f717445f2752b982c2ce6e85072e2626a69ac3 Mon Sep 17 00:00:00 2001 From: cliu123 Date: Thu, 24 Jun 2021 09:17:13 -0700 Subject: [PATCH 1/9] Upgrade json-smart from 2.4.2 to 2.4.5 --- pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pom.xml b/pom.xml index 1a4a5f21aa..a6cd010008 100644 --- a/pom.xml +++ b/pom.xml @@ -131,7 +131,7 @@ net.minidev json-smart - 2.4.2 + 2.4.5 From 510c7a56de5c5af67a4c90f22de3ab7e138a4b03 Mon Sep 17 00:00:00 2001 From: cliu123 Date: Thu, 24 Jun 2021 09:50:33 -0700 Subject: [PATCH 2/9] Keep accessors-smart-2.4.2 --- pom.xml | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/pom.xml b/pom.xml index a6cd010008..a1a08df427 100644 --- a/pom.xml +++ b/pom.xml @@ -133,6 +133,11 @@ json-smart 2.4.5 + + net.minidev + accessors-smart + 2.4.2 + From 56e72109da5ff75aa01046ed3cd3fa74b612b15f Mon Sep 17 00:00:00 2001 From: cliu123 Date: Sat, 26 Jun 2021 13:02:57 -0700 Subject: [PATCH 3/9] Revert "Keep accessors-smart-2.4.2" This reverts commit 510c7a56de5c5af67a4c90f22de3ab7e138a4b03. --- pom.xml | 5 ----- 1 file changed, 5 deletions(-) diff --git a/pom.xml b/pom.xml index a1a08df427..a6cd010008 100644 --- a/pom.xml +++ b/pom.xml @@ -133,11 +133,6 @@ json-smart 2.4.5 - - net.minidev - accessors-smart - 2.4.2 - From 4c16daf41e37235c3ffdb60fe39810fe373f3c2a Mon Sep 17 00:00:00 2001 From: cliu123 Date: Sat, 26 Jun 2021 13:03:29 -0700 Subject: [PATCH 4/9] Revert "Upgrade json-smart from 2.4.2 to 2.4.5" This reverts commit f2f717445f2752b982c2ce6e85072e2626a69ac3. --- pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pom.xml b/pom.xml index a6cd010008..1a4a5f21aa 100644 --- a/pom.xml +++ b/pom.xml @@ -131,7 +131,7 @@ net.minidev json-smart - 2.4.5 + 2.4.2 From 9ba5d57eae5a7a851d1ce3da3a57f7a617363911 Mon Sep 17 00:00:00 2001 From: cliu123 Date: Sat, 26 Jun 2021 13:08:03 -0700 Subject: [PATCH 5/9] Exclude json-smart dependency --- pom.xml | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/pom.xml b/pom.xml index 1a4a5f21aa..ee0564c6a9 100644 --- a/pom.xml +++ b/pom.xml @@ -387,6 +387,12 @@ com.jayway.jsonpath json-path 2.4.0 + + + net.minidev + json-smart + + From 667725ed14b2eee7a4e8e42573a36154f89485c7 Mon Sep 17 00:00:00 2001 From: cliu123 Date: Mon, 28 Jun 2021 10:37:05 -0700 Subject: [PATCH 6/9] Replace json-smart with Jackson --- .../ssl/SecuritySSLCertsInfoActionTests.java | 10 ++- .../SecuritySSLReloadCertsActionTests.java | 87 +++++++++++++------ 2 files changed, 65 insertions(+), 32 deletions(-) diff --git a/src/test/java/org/opensearch/security/ssl/SecuritySSLCertsInfoActionTests.java b/src/test/java/org/opensearch/security/ssl/SecuritySSLCertsInfoActionTests.java index 75919b968a..98829f0374 100644 --- a/src/test/java/org/opensearch/security/ssl/SecuritySSLCertsInfoActionTests.java +++ b/src/test/java/org/opensearch/security/ssl/SecuritySSLCertsInfoActionTests.java @@ -15,6 +15,8 @@ package org.opensearch.security.ssl; +import com.fasterxml.jackson.databind.ObjectMapper; +import com.fasterxml.jackson.databind.node.ObjectNode; import org.opensearch.security.ssl.util.SSLConfigConstants; import org.opensearch.security.support.ConfigConstants; import org.opensearch.security.test.SingleClusterTest; @@ -22,7 +24,6 @@ import org.opensearch.security.test.helper.rest.RestHelper; import com.google.common.collect.ImmutableList; import com.google.common.collect.ImmutableMap; -import net.minidev.json.JSONObject; import org.opensearch.common.settings.Settings; import org.junit.Assert; import org.junit.Test; @@ -53,9 +54,10 @@ public void testCertInfo_Pass() throws Exception { rh.keystore = "kirk-keystore.jks"; final RestHelper.HttpResponse transportInfoRestResponse = rh.executeGetRequest(ENDPOINT); - JSONObject expectedJsonResponse = new JSONObject(); - expectedJsonResponse.appendField("http_certificates_list", NODE_CERT_DETAILS); - expectedJsonResponse.appendField("transport_certificates_list", NODE_CERT_DETAILS); + ObjectMapper mapper = new ObjectMapper(); + ObjectNode expectedJsonResponse = mapper.createObjectNode(); + expectedJsonResponse.put("http_certificates_list", String.valueOf(NODE_CERT_DETAILS)); + expectedJsonResponse.put("transport_certificates_list", String.valueOf(NODE_CERT_DETAILS)); Assert.assertEquals(expectedJsonResponse.toString(), transportInfoRestResponse.getBody()); } diff --git a/src/test/java/org/opensearch/security/ssl/SecuritySSLReloadCertsActionTests.java b/src/test/java/org/opensearch/security/ssl/SecuritySSLReloadCertsActionTests.java index f3be16a166..a9aa324878 100644 --- a/src/test/java/org/opensearch/security/ssl/SecuritySSLReloadCertsActionTests.java +++ b/src/test/java/org/opensearch/security/ssl/SecuritySSLReloadCertsActionTests.java @@ -15,6 +15,12 @@ package org.opensearch.security.ssl; +import com.fasterxml.jackson.core.JsonGenerator; +import com.fasterxml.jackson.core.JsonParser; +import com.fasterxml.jackson.databind.ObjectMapper; +import com.fasterxml.jackson.databind.node.ObjectNode; +import org.apache.commons.io.output.ByteArrayOutputStream; +import org.apache.kafka.common.protocol.types.Field; import org.opensearch.security.ssl.util.SSLConfigConstants; import org.opensearch.security.support.ConfigConstants; import org.opensearch.security.test.DynamicSecurityConfig; @@ -24,7 +30,6 @@ import org.opensearch.security.test.helper.rest.RestHelper; import com.google.common.collect.ImmutableList; import com.google.common.collect.ImmutableMap; -import net.minidev.json.JSONObject; import org.opensearch.common.settings.Settings; import org.junit.Assert; import org.junit.Rule; @@ -32,8 +37,10 @@ import org.junit.rules.TemporaryFolder; import java.io.File; +import java.util.HashMap; import java.util.List; import java.util.Map; +import java.util.stream.IntStream; public class SecuritySSLReloadCertsActionTests extends SingleClusterTest { @@ -79,11 +86,24 @@ public void testReloadTransportSSLCertsPass() throws Exception { rh.keystore = "ssl/reload/kirk-keystore.jks"; String certDetailsResponse = rh.executeSimpleRequest(GET_CERT_DETAILS_ENDPOINT); - - JSONObject expectedJsonResponse = new JSONObject(); - expectedJsonResponse.appendField("http_certificates_list", NODE_CERT_DETAILS); - expectedJsonResponse.appendField("transport_certificates_list", NODE_CERT_DETAILS); - Assert.assertEquals(expectedJsonResponse.toString(), certDetailsResponse); + ObjectMapper mapper3 = new ObjectMapper(); + ObjectNode certDetailsResponseNode = mapper3.readValue(certDetailsResponse, ObjectNode.class); + certDetailsResponse = mapper3.writeValueAsString(certDetailsResponseNode); + ObjectMapper mapper = new ObjectMapper(); + ObjectNode rootNode = mapper.createObjectNode(); + +// ObjectNode childNode = mapper.createObjectNode(); +// ImmutableMap NODE_CERT_DETAIL = (ImmutableMap) NODE_CERT_DETAILS.get(0); +// for (Map.Entry entry : NODE_CERT_DETAIL.entrySet()) { +// childNode.put(entry.getKey(), entry.getValue()); +// } +// rootNode.set("http_certificates_list", childNode); +// rootNode.set("transport_certificates_list", childNode); + rootNode.put("http_certificates_list", String.valueOf(NODE_CERT_DETAILS)); + rootNode.put("transport_certificates_list", String.valueOf(NODE_CERT_DETAILS)); + String expectedJsonResponse = mapper.writeValueAsString(rootNode); + + Assert.assertEquals(expectedJsonResponse, certDetailsResponse); // Test Valid Case: Change transport file details to "ssl/pem/node-new.crt.pem" and "ssl/pem/node-new.key.pem" FileHelper.copyFileContents(FileHelper.getAbsoluteFilePathFromClassPath("ssl/reload/node-new.crt.pem").toString(), pemCertFilePath); @@ -91,15 +111,19 @@ public void testReloadTransportSSLCertsPass() throws Exception { RestHelper.HttpResponse reloadCertsResponse = rh.executePutRequest(RELOAD_TRANSPORT_CERTS_ENDPOINT, null); Assert.assertEquals(200, reloadCertsResponse.getStatusCode()); - expectedJsonResponse = new JSONObject(); - expectedJsonResponse.appendField("message", "updated transport certs"); - Assert.assertEquals(expectedJsonResponse.toString(), reloadCertsResponse.getBody()); + mapper = new ObjectMapper(); + rootNode = mapper.createObjectNode(); + rootNode.put("message", "updated transport certs"); + expectedJsonResponse = mapper.writeValueAsString(rootNode); + Assert.assertEquals(expectedJsonResponse, reloadCertsResponse.getBody()); certDetailsResponse = rh.executeSimpleRequest(GET_CERT_DETAILS_ENDPOINT); - expectedJsonResponse = new JSONObject(); - expectedJsonResponse.appendField("http_certificates_list", NODE_CERT_DETAILS); - expectedJsonResponse.appendField("transport_certificates_list", NEW_NODE_CERT_DETAILS); - Assert.assertEquals(expectedJsonResponse.toString(), certDetailsResponse); + mapper = new ObjectMapper(); + rootNode = mapper.createObjectNode(); + rootNode.put("http_certificates_list", String.valueOf(NODE_CERT_DETAILS)); + rootNode.put("transport_certificates_list", String.valueOf(NEW_NODE_CERT_DETAILS)); + expectedJsonResponse = mapper.writeValueAsString(rootNode); + Assert.assertEquals(expectedJsonResponse, certDetailsResponse); } @Test @@ -118,9 +142,10 @@ public void testReloadHttpSSLCertsPass() throws Exception { rh.keystore = "ssl/reload/kirk-keystore.jks"; String certDetailsResponse = rh.executeSimpleRequest(GET_CERT_DETAILS_ENDPOINT); - JSONObject expectedJsonResponse = new JSONObject(); - expectedJsonResponse.appendField("http_certificates_list", NODE_CERT_DETAILS); - expectedJsonResponse.appendField("transport_certificates_list", NODE_CERT_DETAILS); + ObjectMapper mapper = new ObjectMapper(); + ObjectNode expectedJsonResponse = mapper.createObjectNode(); + expectedJsonResponse.put("http_certificates_list", String.valueOf(NODE_CERT_DETAILS)); + expectedJsonResponse.put("transport_certificates_list", String.valueOf(NODE_CERT_DETAILS)); Assert.assertEquals(expectedJsonResponse.toString(), certDetailsResponse); // Test Valid Case: Change rest file details to "ssl/pem/node-new.crt.pem" and "ssl/pem/node-new.key.pem" @@ -129,14 +154,16 @@ public void testReloadHttpSSLCertsPass() throws Exception { RestHelper.HttpResponse reloadCertsResponse = rh.executePutRequest(RELOAD_HTTP_CERTS_ENDPOINT, null); Assert.assertEquals(200, reloadCertsResponse.getStatusCode()); - expectedJsonResponse = new JSONObject(); - expectedJsonResponse.appendField("message", "updated http certs"); + mapper = new ObjectMapper(); + expectedJsonResponse = mapper.createObjectNode(); + expectedJsonResponse.put("message", "updated http certs"); Assert.assertEquals(expectedJsonResponse.toString(), reloadCertsResponse.getBody()); certDetailsResponse = rh.executeSimpleRequest(GET_CERT_DETAILS_ENDPOINT); - expectedJsonResponse = new JSONObject(); - expectedJsonResponse.appendField("http_certificates_list", NEW_NODE_CERT_DETAILS); - expectedJsonResponse.appendField("transport_certificates_list", NODE_CERT_DETAILS); + mapper = new ObjectMapper(); + expectedJsonResponse = mapper.createObjectNode(); + expectedJsonResponse.put("http_certificates_list", String.valueOf(NEW_NODE_CERT_DETAILS)); + expectedJsonResponse.put("transport_certificates_list", String.valueOf(NODE_CERT_DETAILS)); Assert.assertEquals(expectedJsonResponse.toString(), certDetailsResponse); } @@ -157,7 +184,8 @@ public void testReloadHttpSSLCerts_FailWrongUri() throws Exception { rh.keystore = "ssl/reload/kirk-keystore.jks"; RestHelper.HttpResponse reloadCertsResponse = rh.executePutRequest("_opendistro/_security/api/ssl/wrong/reloadcerts", null); - JSONObject expectedResponse = new JSONObject(); + ObjectMapper mapper = new ObjectMapper(); + ObjectNode expectedResponse = mapper.createObjectNode(); // Note: toString and toJSONString replace / with \/. This helps get rid of the additional \ character. expectedResponse.put("message", "invalid uri path, please use /_opendistro/_security/api/ssl/http/reload or /_opendistro/_security/api/ssl/transport/reload"); final String expectedResponseString = expectedResponse.toString().replace("\\", ""); @@ -207,8 +235,9 @@ public void testSSLReloadFail_InvalidDNAndDate() throws Exception { RestHelper.HttpResponse reloadCertsResponse = rh.executePutRequest(RELOAD_TRANSPORT_CERTS_ENDPOINT, null); Assert.assertEquals(500, reloadCertsResponse.getStatusCode()); - JSONObject expectedResponse = new JSONObject(); - expectedResponse.appendField("error", "OpenSearchSecurityException[Error while initializing transport SSL layer from PEM: java.lang.Exception: " + + ObjectMapper mapper = new ObjectMapper(); + ObjectNode expectedResponse = mapper.createObjectNode(); + expectedResponse.put("error", "OpenSearchSecurityException[Error while initializing transport SSL layer from PEM: java.lang.Exception: " + "New Certs do not have valid Issuer DN, Subject DN or SAN.]; nested: Exception[New Certs do not have valid Issuer DN, Subject DN or SAN.];"); Assert.assertEquals(expectedResponse.toString(), reloadCertsResponse.getBody()); @@ -219,8 +248,9 @@ public void testSSLReloadFail_InvalidDNAndDate() throws Exception { reloadCertsResponse = rh.executePutRequest(RELOAD_TRANSPORT_CERTS_ENDPOINT, null); Assert.assertEquals(500, reloadCertsResponse.getStatusCode()); - expectedResponse = new JSONObject(); - expectedResponse.appendField("error", "OpenSearchSecurityException[Error while initializing transport SSL layer from PEM: java.lang.Exception: New certificates should not expire before the current ones.]; nested: Exception[New certificates should not expire before the current ones.];"); + mapper = new ObjectMapper(); + expectedResponse = mapper.createObjectNode(); + expectedResponse.put("error", "OpenSearchSecurityException[Error while initializing transport SSL layer from PEM: java.lang.Exception: New certificates should not expire before the current ones.]; nested: Exception[New certificates should not expire before the current ones.];"); Assert.assertEquals(expectedResponse.toString(), reloadCertsResponse.getBody()); } @@ -244,8 +274,9 @@ public void testSSLReloadFail_NoReloadSet() throws Exception { final RestHelper.HttpResponse reloadCertsResponse = rh.executePutRequest(RELOAD_TRANSPORT_CERTS_ENDPOINT, null); Assert.assertEquals(400, reloadCertsResponse.getStatusCode()); - JSONObject expectedResponse = new JSONObject(); - expectedResponse.appendField("error", "no handler found for uri [/_opendistro/_security/api/ssl/transport/reloadcerts] and method [PUT]"); + ObjectMapper mapper = new ObjectMapper(); + ObjectNode expectedResponse = mapper.createObjectNode(); + expectedResponse.put("error", "no handler found for uri [/_opendistro/_security/api/ssl/transport/reloadcerts] and method [PUT]"); // Note: toString and toJSONString replace / with \/. This helps get rid of the additional \ character. final String expectedResponseString = expectedResponse.toString().replace("\\", ""); Assert.assertEquals(expectedResponseString, reloadCertsResponse.getBody()); From db9bd1ac8f5af8243b5bc4fee436e57a20e56e1b Mon Sep 17 00:00:00 2001 From: cliu123 Date: Mon, 28 Jun 2021 10:45:34 -0700 Subject: [PATCH 7/9] Revert "Replace json-smart with Jackson" This reverts commit 667725ed14b2eee7a4e8e42573a36154f89485c7. --- .../ssl/SecuritySSLCertsInfoActionTests.java | 10 +-- .../SecuritySSLReloadCertsActionTests.java | 87 ++++++------------- 2 files changed, 32 insertions(+), 65 deletions(-) diff --git a/src/test/java/org/opensearch/security/ssl/SecuritySSLCertsInfoActionTests.java b/src/test/java/org/opensearch/security/ssl/SecuritySSLCertsInfoActionTests.java index 98829f0374..75919b968a 100644 --- a/src/test/java/org/opensearch/security/ssl/SecuritySSLCertsInfoActionTests.java +++ b/src/test/java/org/opensearch/security/ssl/SecuritySSLCertsInfoActionTests.java @@ -15,8 +15,6 @@ package org.opensearch.security.ssl; -import com.fasterxml.jackson.databind.ObjectMapper; -import com.fasterxml.jackson.databind.node.ObjectNode; import org.opensearch.security.ssl.util.SSLConfigConstants; import org.opensearch.security.support.ConfigConstants; import org.opensearch.security.test.SingleClusterTest; @@ -24,6 +22,7 @@ import org.opensearch.security.test.helper.rest.RestHelper; import com.google.common.collect.ImmutableList; import com.google.common.collect.ImmutableMap; +import net.minidev.json.JSONObject; import org.opensearch.common.settings.Settings; import org.junit.Assert; import org.junit.Test; @@ -54,10 +53,9 @@ public void testCertInfo_Pass() throws Exception { rh.keystore = "kirk-keystore.jks"; final RestHelper.HttpResponse transportInfoRestResponse = rh.executeGetRequest(ENDPOINT); - ObjectMapper mapper = new ObjectMapper(); - ObjectNode expectedJsonResponse = mapper.createObjectNode(); - expectedJsonResponse.put("http_certificates_list", String.valueOf(NODE_CERT_DETAILS)); - expectedJsonResponse.put("transport_certificates_list", String.valueOf(NODE_CERT_DETAILS)); + JSONObject expectedJsonResponse = new JSONObject(); + expectedJsonResponse.appendField("http_certificates_list", NODE_CERT_DETAILS); + expectedJsonResponse.appendField("transport_certificates_list", NODE_CERT_DETAILS); Assert.assertEquals(expectedJsonResponse.toString(), transportInfoRestResponse.getBody()); } diff --git a/src/test/java/org/opensearch/security/ssl/SecuritySSLReloadCertsActionTests.java b/src/test/java/org/opensearch/security/ssl/SecuritySSLReloadCertsActionTests.java index a9aa324878..f3be16a166 100644 --- a/src/test/java/org/opensearch/security/ssl/SecuritySSLReloadCertsActionTests.java +++ b/src/test/java/org/opensearch/security/ssl/SecuritySSLReloadCertsActionTests.java @@ -15,12 +15,6 @@ package org.opensearch.security.ssl; -import com.fasterxml.jackson.core.JsonGenerator; -import com.fasterxml.jackson.core.JsonParser; -import com.fasterxml.jackson.databind.ObjectMapper; -import com.fasterxml.jackson.databind.node.ObjectNode; -import org.apache.commons.io.output.ByteArrayOutputStream; -import org.apache.kafka.common.protocol.types.Field; import org.opensearch.security.ssl.util.SSLConfigConstants; import org.opensearch.security.support.ConfigConstants; import org.opensearch.security.test.DynamicSecurityConfig; @@ -30,6 +24,7 @@ import org.opensearch.security.test.helper.rest.RestHelper; import com.google.common.collect.ImmutableList; import com.google.common.collect.ImmutableMap; +import net.minidev.json.JSONObject; import org.opensearch.common.settings.Settings; import org.junit.Assert; import org.junit.Rule; @@ -37,10 +32,8 @@ import org.junit.rules.TemporaryFolder; import java.io.File; -import java.util.HashMap; import java.util.List; import java.util.Map; -import java.util.stream.IntStream; public class SecuritySSLReloadCertsActionTests extends SingleClusterTest { @@ -86,24 +79,11 @@ public void testReloadTransportSSLCertsPass() throws Exception { rh.keystore = "ssl/reload/kirk-keystore.jks"; String certDetailsResponse = rh.executeSimpleRequest(GET_CERT_DETAILS_ENDPOINT); - ObjectMapper mapper3 = new ObjectMapper(); - ObjectNode certDetailsResponseNode = mapper3.readValue(certDetailsResponse, ObjectNode.class); - certDetailsResponse = mapper3.writeValueAsString(certDetailsResponseNode); - ObjectMapper mapper = new ObjectMapper(); - ObjectNode rootNode = mapper.createObjectNode(); - -// ObjectNode childNode = mapper.createObjectNode(); -// ImmutableMap NODE_CERT_DETAIL = (ImmutableMap) NODE_CERT_DETAILS.get(0); -// for (Map.Entry entry : NODE_CERT_DETAIL.entrySet()) { -// childNode.put(entry.getKey(), entry.getValue()); -// } -// rootNode.set("http_certificates_list", childNode); -// rootNode.set("transport_certificates_list", childNode); - rootNode.put("http_certificates_list", String.valueOf(NODE_CERT_DETAILS)); - rootNode.put("transport_certificates_list", String.valueOf(NODE_CERT_DETAILS)); - String expectedJsonResponse = mapper.writeValueAsString(rootNode); - - Assert.assertEquals(expectedJsonResponse, certDetailsResponse); + + JSONObject expectedJsonResponse = new JSONObject(); + expectedJsonResponse.appendField("http_certificates_list", NODE_CERT_DETAILS); + expectedJsonResponse.appendField("transport_certificates_list", NODE_CERT_DETAILS); + Assert.assertEquals(expectedJsonResponse.toString(), certDetailsResponse); // Test Valid Case: Change transport file details to "ssl/pem/node-new.crt.pem" and "ssl/pem/node-new.key.pem" FileHelper.copyFileContents(FileHelper.getAbsoluteFilePathFromClassPath("ssl/reload/node-new.crt.pem").toString(), pemCertFilePath); @@ -111,19 +91,15 @@ public void testReloadTransportSSLCertsPass() throws Exception { RestHelper.HttpResponse reloadCertsResponse = rh.executePutRequest(RELOAD_TRANSPORT_CERTS_ENDPOINT, null); Assert.assertEquals(200, reloadCertsResponse.getStatusCode()); - mapper = new ObjectMapper(); - rootNode = mapper.createObjectNode(); - rootNode.put("message", "updated transport certs"); - expectedJsonResponse = mapper.writeValueAsString(rootNode); - Assert.assertEquals(expectedJsonResponse, reloadCertsResponse.getBody()); + expectedJsonResponse = new JSONObject(); + expectedJsonResponse.appendField("message", "updated transport certs"); + Assert.assertEquals(expectedJsonResponse.toString(), reloadCertsResponse.getBody()); certDetailsResponse = rh.executeSimpleRequest(GET_CERT_DETAILS_ENDPOINT); - mapper = new ObjectMapper(); - rootNode = mapper.createObjectNode(); - rootNode.put("http_certificates_list", String.valueOf(NODE_CERT_DETAILS)); - rootNode.put("transport_certificates_list", String.valueOf(NEW_NODE_CERT_DETAILS)); - expectedJsonResponse = mapper.writeValueAsString(rootNode); - Assert.assertEquals(expectedJsonResponse, certDetailsResponse); + expectedJsonResponse = new JSONObject(); + expectedJsonResponse.appendField("http_certificates_list", NODE_CERT_DETAILS); + expectedJsonResponse.appendField("transport_certificates_list", NEW_NODE_CERT_DETAILS); + Assert.assertEquals(expectedJsonResponse.toString(), certDetailsResponse); } @Test @@ -142,10 +118,9 @@ public void testReloadHttpSSLCertsPass() throws Exception { rh.keystore = "ssl/reload/kirk-keystore.jks"; String certDetailsResponse = rh.executeSimpleRequest(GET_CERT_DETAILS_ENDPOINT); - ObjectMapper mapper = new ObjectMapper(); - ObjectNode expectedJsonResponse = mapper.createObjectNode(); - expectedJsonResponse.put("http_certificates_list", String.valueOf(NODE_CERT_DETAILS)); - expectedJsonResponse.put("transport_certificates_list", String.valueOf(NODE_CERT_DETAILS)); + JSONObject expectedJsonResponse = new JSONObject(); + expectedJsonResponse.appendField("http_certificates_list", NODE_CERT_DETAILS); + expectedJsonResponse.appendField("transport_certificates_list", NODE_CERT_DETAILS); Assert.assertEquals(expectedJsonResponse.toString(), certDetailsResponse); // Test Valid Case: Change rest file details to "ssl/pem/node-new.crt.pem" and "ssl/pem/node-new.key.pem" @@ -154,16 +129,14 @@ public void testReloadHttpSSLCertsPass() throws Exception { RestHelper.HttpResponse reloadCertsResponse = rh.executePutRequest(RELOAD_HTTP_CERTS_ENDPOINT, null); Assert.assertEquals(200, reloadCertsResponse.getStatusCode()); - mapper = new ObjectMapper(); - expectedJsonResponse = mapper.createObjectNode(); - expectedJsonResponse.put("message", "updated http certs"); + expectedJsonResponse = new JSONObject(); + expectedJsonResponse.appendField("message", "updated http certs"); Assert.assertEquals(expectedJsonResponse.toString(), reloadCertsResponse.getBody()); certDetailsResponse = rh.executeSimpleRequest(GET_CERT_DETAILS_ENDPOINT); - mapper = new ObjectMapper(); - expectedJsonResponse = mapper.createObjectNode(); - expectedJsonResponse.put("http_certificates_list", String.valueOf(NEW_NODE_CERT_DETAILS)); - expectedJsonResponse.put("transport_certificates_list", String.valueOf(NODE_CERT_DETAILS)); + expectedJsonResponse = new JSONObject(); + expectedJsonResponse.appendField("http_certificates_list", NEW_NODE_CERT_DETAILS); + expectedJsonResponse.appendField("transport_certificates_list", NODE_CERT_DETAILS); Assert.assertEquals(expectedJsonResponse.toString(), certDetailsResponse); } @@ -184,8 +157,7 @@ public void testReloadHttpSSLCerts_FailWrongUri() throws Exception { rh.keystore = "ssl/reload/kirk-keystore.jks"; RestHelper.HttpResponse reloadCertsResponse = rh.executePutRequest("_opendistro/_security/api/ssl/wrong/reloadcerts", null); - ObjectMapper mapper = new ObjectMapper(); - ObjectNode expectedResponse = mapper.createObjectNode(); + JSONObject expectedResponse = new JSONObject(); // Note: toString and toJSONString replace / with \/. This helps get rid of the additional \ character. expectedResponse.put("message", "invalid uri path, please use /_opendistro/_security/api/ssl/http/reload or /_opendistro/_security/api/ssl/transport/reload"); final String expectedResponseString = expectedResponse.toString().replace("\\", ""); @@ -235,9 +207,8 @@ public void testSSLReloadFail_InvalidDNAndDate() throws Exception { RestHelper.HttpResponse reloadCertsResponse = rh.executePutRequest(RELOAD_TRANSPORT_CERTS_ENDPOINT, null); Assert.assertEquals(500, reloadCertsResponse.getStatusCode()); - ObjectMapper mapper = new ObjectMapper(); - ObjectNode expectedResponse = mapper.createObjectNode(); - expectedResponse.put("error", "OpenSearchSecurityException[Error while initializing transport SSL layer from PEM: java.lang.Exception: " + + JSONObject expectedResponse = new JSONObject(); + expectedResponse.appendField("error", "OpenSearchSecurityException[Error while initializing transport SSL layer from PEM: java.lang.Exception: " + "New Certs do not have valid Issuer DN, Subject DN or SAN.]; nested: Exception[New Certs do not have valid Issuer DN, Subject DN or SAN.];"); Assert.assertEquals(expectedResponse.toString(), reloadCertsResponse.getBody()); @@ -248,9 +219,8 @@ public void testSSLReloadFail_InvalidDNAndDate() throws Exception { reloadCertsResponse = rh.executePutRequest(RELOAD_TRANSPORT_CERTS_ENDPOINT, null); Assert.assertEquals(500, reloadCertsResponse.getStatusCode()); - mapper = new ObjectMapper(); - expectedResponse = mapper.createObjectNode(); - expectedResponse.put("error", "OpenSearchSecurityException[Error while initializing transport SSL layer from PEM: java.lang.Exception: New certificates should not expire before the current ones.]; nested: Exception[New certificates should not expire before the current ones.];"); + expectedResponse = new JSONObject(); + expectedResponse.appendField("error", "OpenSearchSecurityException[Error while initializing transport SSL layer from PEM: java.lang.Exception: New certificates should not expire before the current ones.]; nested: Exception[New certificates should not expire before the current ones.];"); Assert.assertEquals(expectedResponse.toString(), reloadCertsResponse.getBody()); } @@ -274,9 +244,8 @@ public void testSSLReloadFail_NoReloadSet() throws Exception { final RestHelper.HttpResponse reloadCertsResponse = rh.executePutRequest(RELOAD_TRANSPORT_CERTS_ENDPOINT, null); Assert.assertEquals(400, reloadCertsResponse.getStatusCode()); - ObjectMapper mapper = new ObjectMapper(); - ObjectNode expectedResponse = mapper.createObjectNode(); - expectedResponse.put("error", "no handler found for uri [/_opendistro/_security/api/ssl/transport/reloadcerts] and method [PUT]"); + JSONObject expectedResponse = new JSONObject(); + expectedResponse.appendField("error", "no handler found for uri [/_opendistro/_security/api/ssl/transport/reloadcerts] and method [PUT]"); // Note: toString and toJSONString replace / with \/. This helps get rid of the additional \ character. final String expectedResponseString = expectedResponse.toString().replace("\\", ""); Assert.assertEquals(expectedResponseString, reloadCertsResponse.getBody()); From 52ce88c6ae1a89a58f9a847c1d8f75f2335ed6a2 Mon Sep 17 00:00:00 2001 From: cliu123 Date: Mon, 28 Jun 2021 10:45:50 -0700 Subject: [PATCH 8/9] Revert "Exclude json-smart dependency" This reverts commit 9ba5d57eae5a7a851d1ce3da3a57f7a617363911. --- pom.xml | 6 ------ 1 file changed, 6 deletions(-) diff --git a/pom.xml b/pom.xml index ee0564c6a9..1a4a5f21aa 100644 --- a/pom.xml +++ b/pom.xml @@ -387,12 +387,6 @@ com.jayway.jsonpath json-path 2.4.0 - - - net.minidev - json-smart - - From d83faa6c844e42d48b7bcc180e2f928c1bbdccbf Mon Sep 17 00:00:00 2001 From: cliu123 Date: Mon, 28 Jun 2021 11:06:53 -0700 Subject: [PATCH 9/9] Upgrade json-smart to 2.4.7 --- pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pom.xml b/pom.xml index 1a4a5f21aa..6e5553699c 100644 --- a/pom.xml +++ b/pom.xml @@ -131,7 +131,7 @@ net.minidev json-smart - 2.4.2 + 2.4.7