Remove guice from ssl services

This change removes guice from the client and server ssl services.

Original commit: elastic/x-pack-elasticsearch@d60f8ca474

elasticsearch/x-pack/security/src/main/java/org/elasticsearch/xpack/security/Security.java

@@ -36,6 +36,7 @@ import org.elasticsearch.env.Environment;
 import org.elasticsearch.index.IndexModule;
 import org.elasticsearch.plugins.ActionPlugin;
 import org.elasticsearch.rest.RestHandler;
+import org.elasticsearch.watcher.ResourceWatcherService;
 import org.elasticsearch.xpack.XPackPlugin;
 import org.elasticsearch.xpack.security.action.SecurityActionModule;
 import org.elasticsearch.xpack.security.action.filter.SecurityActionFilter;
@@ -87,8 +88,9 @@ import org.elasticsearch.xpack.security.rest.action.user.RestChangePasswordActio
 import org.elasticsearch.xpack.security.rest.action.user.RestDeleteUserAction;
 import org.elasticsearch.xpack.security.rest.action.user.RestGetUsersAction;
 import org.elasticsearch.xpack.security.rest.action.user.RestPutUserAction;
+import org.elasticsearch.xpack.security.ssl.ClientSSLService;
 import org.elasticsearch.xpack.security.ssl.SSLConfiguration;
-import org.elasticsearch.xpack.security.ssl.SSLModule;
+import org.elasticsearch.xpack.security.ssl.ServerSSLService;
 import org.elasticsearch.xpack.security.support.OptionalSettings;
 import org.elasticsearch.xpack.security.transport.SecurityClientTransportService;
 import org.elasticsearch.xpack.security.transport.SecurityServerTransportService;
@@ -115,6 +117,7 @@ public class Security implements ActionPlugin {
     public static final Setting<Optional<String>> USER_SETTING = OptionalSettings.createString(setting("user"), Property.NodeScope);
 
     private final Settings settings;
+    private final Environment env;
     private final boolean enabled;
     private final boolean transportClientMode;
     private final SecurityLicenseState securityLicenseState;
@@ -122,6 +125,7 @@ public class Security implements ActionPlugin {
 
     public Security(Settings settings, Environment env) throws IOException {
         this.settings = settings;
+        this.env = env;
         this.transportClientMode = XPackPlugin.transportClientMode(settings);
         this.enabled = XPackPlugin.featureEnabled(settings, NAME, true);
         if (enabled && transportClientMode == false) {
@@ -154,7 +158,12 @@ public class Security implements ActionPlugin {
             }
             modules.add(new SecurityModule(settings));
             modules.add(new SecurityTransportModule(settings));
-            modules.add(new SSLModule(settings));
+            modules.add(b -> {
+                // for transport client we still must construct these ssl classes with guice
+                b.bind(ServerSSLService.class).toProvider(Providers.<ServerSSLService>of(null));
+                b.bind(ClientSSLService.class).toInstance(new ClientSSLService(settings, new SSLConfiguration.Global(settings)));
+            });
+
             return modules;
         }
 
@@ -178,7 +187,6 @@ public class Security implements ActionPlugin {
         modules.add(new SecurityRestModule(settings));
         modules.add(new SecurityActionModule(settings));
         modules.add(new SecurityTransportModule(settings));
-        modules.add(new SSLModule(settings));
         return modules;
     }
 
@@ -192,6 +200,21 @@ public class Security implements ActionPlugin {
         return list;
     }
 
+    public Collection<Object> createComponents(ResourceWatcherService resourceWatcherService) {
+        if (enabled == false) {
+            return Collections.emptyList();
+        }
+
+        final SSLConfiguration.Global globalSslConfig = new SSLConfiguration.Global(settings);
+        // client ssl still has an injected ctor b/c it is used by transport client, and
+        // there environmet and resource watcher do not exist, so we must set them after construction
+        final ClientSSLService clientSSLService = new ClientSSLService(settings, globalSslConfig);
+        clientSSLService.setEnvAndResourceWatcher(env, resourceWatcherService);
+        final ServerSSLService serverSSLService = new ServerSSLService(settings, env, globalSslConfig, resourceWatcherService);
+
+        return Arrays.asList(clientSSLService, serverSSLService);
+    }
+
     public Settings additionalSettings() {
         if (enabled == false) {
             return Settings.EMPTY;

elasticsearch/x-pack/security/src/main/java/org/elasticsearch/xpack/security/authc/esnative/ESNativeRealmMigrateTool.java

@@ -152,7 +152,7 @@ public class ESNativeRealmMigrateTool extends MultiCommand {
                 Settings sslSettings = settings.getByPrefix(setting("http.ssl."));
                 SSLConfiguration.Global globalConfig = new SSLConfiguration.Global(settings);
                 final ClientSSLService sslService = new ClientSSLService(sslSettings, globalConfig);
-                sslService.setEnvironment(env);
+                sslService.setEnvAndResourceWatcher(env, null);
                 final HttpsURLConnection httpsConn = (HttpsURLConnection) url.openConnection();
                 AccessController.doPrivileged(new PrivilegedAction<Void>() {
                     @Override

elasticsearch/x-pack/security/src/main/java/org/elasticsearch/xpack/security/ssl/ClientSSLService.java

@@ -5,26 +5,19 @@
  */
 package org.elasticsearch.xpack.security.ssl;
 
-import org.elasticsearch.common.inject.Inject;
 import org.elasticsearch.common.settings.Settings;
 import org.elasticsearch.env.Environment;
-import org.elasticsearch.xpack.security.ssl.SSLConfiguration.Global;
 import org.elasticsearch.watcher.ResourceWatcherService;
+import org.elasticsearch.xpack.security.ssl.SSLConfiguration.Global;
 
 public class ClientSSLService extends AbstractSSLService {
 
-    @Inject
     public ClientSSLService(Settings settings, Global globalSSLConfiguration) {
         super(settings, null, globalSSLConfiguration, null);
     }
 
-    @Inject(optional = true)
+    public void setEnvAndResourceWatcher(Environment environment, ResourceWatcherService resourceWatcherService) {
-    public void setEnvironment(Environment environment) {
         this.env = environment;
-    }
-
-    @Inject(optional = true)
-    public void setResourceWatcherService(ResourceWatcherService resourceWatcherService) {
         this.resourceWatcherService = resourceWatcherService;
     }
 

elasticsearch/x-pack/security/src/main/java/org/elasticsearch/xpack/security/ssl/SSLConfiguration.java

@@ -5,13 +5,6 @@
  */
 package org.elasticsearch.xpack.security.ssl;
 
-import org.elasticsearch.common.inject.Inject;
-import org.elasticsearch.common.settings.Setting;
-import org.elasticsearch.common.settings.Setting.Property;
-import org.elasticsearch.common.settings.Settings;
-import org.elasticsearch.common.settings.SettingsModule;
-import org.elasticsearch.common.unit.TimeValue;
-
 import javax.net.ssl.KeyManagerFactory;
 import javax.net.ssl.TrustManagerFactory;
 import java.util.Arrays;
@@ -21,6 +14,11 @@ import java.util.Objects;
 import java.util.Optional;
 import java.util.function.Function;
 
+import org.elasticsearch.common.settings.Setting;
+import org.elasticsearch.common.settings.Setting.Property;
+import org.elasticsearch.common.settings.Settings;
+import org.elasticsearch.common.unit.TimeValue;
+
 import static org.elasticsearch.xpack.security.Security.setting;
 import static org.elasticsearch.xpack.security.support.OptionalSettings.createInt;
 import static org.elasticsearch.xpack.security.support.OptionalSettings.createString;
@@ -181,7 +179,6 @@ public abstract class SSLConfiguration {
          *
          * @param settings the global settings to build the SSL configuration from
          */
-        @Inject
         public Global(Settings settings) {
             this.keyConfig = createGlobalKeyConfig(settings);
             this.trustConfig = createGlobalTrustConfig(settings, keyConfig);

elasticsearch/x-pack/security/src/main/java/org/elasticsearch/xpack/security/ssl/SSLModule.java

@@ -1,32 +0,0 @@
-/*
- * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
- * or more contributor license agreements. Licensed under the Elastic License;
- * you may not use this file except in compliance with the Elastic License.
- */
-package org.elasticsearch.xpack.security.ssl;
-
-import org.elasticsearch.common.inject.util.Providers;
-import org.elasticsearch.common.settings.Settings;
-import org.elasticsearch.xpack.security.ssl.SSLConfiguration.Global;
-import org.elasticsearch.xpack.security.support.AbstractSecurityModule;
-
-/**
- *
- */
-public class SSLModule extends AbstractSecurityModule {
-
-    public SSLModule(Settings settings) {
-        super(settings);
-    }
-
-    @Override
-    protected void configure(boolean clientMode) {
-        bind(Global.class).asEagerSingleton();
-        bind(ClientSSLService.class).asEagerSingleton();
-        if (clientMode) {
-            bind(ServerSSLService.class).toProvider(Providers.<ServerSSLService>of(null));
-        } else {
-            bind(ServerSSLService.class).asEagerSingleton();
-        }
-    }
-}

elasticsearch/x-pack/security/src/main/java/org/elasticsearch/xpack/security/ssl/ServerSSLService.java

@@ -5,15 +5,13 @@
  */
 package org.elasticsearch.xpack.security.ssl;
 
-import org.elasticsearch.common.inject.Inject;
 import org.elasticsearch.common.settings.Settings;
 import org.elasticsearch.env.Environment;
-import org.elasticsearch.xpack.security.ssl.SSLConfiguration.Global;
 import org.elasticsearch.watcher.ResourceWatcherService;
+import org.elasticsearch.xpack.security.ssl.SSLConfiguration.Global;
 
 public class ServerSSLService extends AbstractSSLService {
 
-    @Inject
     public ServerSSLService(Settings settings, Environment environment, Global globalSSLConfiguration,
                             ResourceWatcherService resourceWatcherService) {
         super(settings, environment, globalSSLConfiguration, resourceWatcherService);

elasticsearch/x-pack/security/src/test/java/org/elasticsearch/xpack/security/authc/activedirectory/AbstractActiveDirectoryIntegTests.java

@@ -44,7 +44,7 @@ public class AbstractActiveDirectoryIntegTests extends ESTestCase {
         globalSettings = builder.build();
         Environment environment = new Environment(globalSettings);
         clientSSLService = new ClientSSLService(globalSettings, new Global(globalSettings));
-        clientSSLService.setEnvironment(environment);
+        clientSSLService.setEnvAndResourceWatcher(environment, null);
     }
 
     Settings buildAdSettings(String ldapUrl, String adDomainName, String userSearchDN, LdapSearchScope scope,

elasticsearch/x-pack/security/src/test/java/org/elasticsearch/xpack/security/authc/ldap/GroupsResolverTestCase.java

@@ -41,7 +41,7 @@ public abstract class GroupsResolverTestCase extends ESTestCase {
         Settings settings = builder.build();
         Environment env = new Environment(settings);
         ClientSSLService clientSSLService = new ClientSSLService(settings, new Global(settings));
-        clientSSLService.setEnvironment(env);
+        clientSSLService.setEnvAndResourceWatcher(env, null);
 
         LDAPURL ldapurl = new LDAPURL(ldapUrl());
         LDAPConnectionOptions options = new LDAPConnectionOptions();

elasticsearch/x-pack/security/src/test/java/org/elasticsearch/xpack/security/authc/ldap/LdapUserSearchSessionFactoryTests.java

@@ -76,7 +76,7 @@ public class LdapUserSearchSessionFactoryTests extends LdapTestCase {
                 .put("xpack.security.ssl.keystore.password", "changeit")
                 .build();
         clientSSLService = new ClientSSLService(settings, new Global(settings));
-        clientSSLService.setEnvironment(env);
+        clientSSLService.setEnvAndResourceWatcher(env, null);
 
         globalSettings = Settings.builder().put("path.home", createTempDir()).build();
     }

elasticsearch/x-pack/security/src/test/java/org/elasticsearch/xpack/security/authc/ldap/OpenLdapTests.java

@@ -59,7 +59,7 @@ public class OpenLdapTests extends ESTestCase {
         globalSettings = builder.build();
         Environment environment = new Environment(globalSettings);
         clientSSLService = new ClientSSLService(globalSettings, new Global(globalSettings));
-        clientSSLService.setEnvironment(environment);
+        clientSSLService.setEnvAndResourceWatcher(environment, null);
     }
 
     public void testConnect() throws Exception {

elasticsearch/x-pack/security/src/test/java/org/elasticsearch/xpack/security/ssl/ClientSSLServiceTests.java

@@ -285,7 +285,7 @@ public class ClientSSLServiceTests extends ESTestCase {
 
     private ClientSSLService createClientSSLService(Settings settings) {
         ClientSSLService clientSSLService = new ClientSSLService(settings, new Global(settings));
-        clientSSLService.setEnvironment(env);
+        clientSSLService.setEnvAndResourceWatcher(env, null);
         return clientSSLService;
     }
 }

elasticsearch/x-pack/security/src/test/java/org/elasticsearch/xpack/security/transport/netty3/SecurityNetty3TransportTests.java

@@ -45,7 +45,7 @@ public class SecurityNetty3TransportTests extends ESTestCase {
         Global globalSSLConfiguration = new Global(settings);
         serverSSLService = new ServerSSLService(settings, env, globalSSLConfiguration, null);
         clientSSLService = new ClientSSLService(settings, globalSSLConfiguration);
-        clientSSLService.setEnvironment(env);
+        clientSSLService.setEnvAndResourceWatcher(env, null);
     }
 
     public void testThatSSLCanBeDisabledByProfile() throws Exception {

elasticsearch/x-pack/src/main/java/org/elasticsearch/xpack/XPackPlugin.java

@@ -192,6 +192,7 @@ public class XPackPlugin extends Plugin implements ScriptPlugin, ActionPlugin {
         components.add(internalClient);
 
         components.addAll(licensing.createComponents(clusterService, getClock(), security.getSecurityLicenseState()));
+        components.addAll(security.createComponents(resourceWatcherService));
 
         // watcher http stuff
         Map<String, HttpAuthFactory> httpAuthFactories = new HashMap<>();