Merge pull request elastic/elasticsearch#4044 from rjernst/realm_sig

Extensions: Make resource watcher available to custom realms

Original commit: elastic/x-pack-elasticsearch@3cb494e98d

elasticsearch/src/main/java/org/elasticsearch/xpack/extensions/XPackExtension.java

@@ -10,6 +10,7 @@ import java.util.Collections;
 import java.util.List;
 import java.util.Map;
 
+import org.elasticsearch.watcher.ResourceWatcherService;
 import org.elasticsearch.xpack.security.authc.AuthenticationFailureHandler;
 import org.elasticsearch.xpack.security.authc.Realm;
 
@@ -41,8 +42,10 @@ public abstract class XPackExtension {
      * The key of the returned {@link Map} is the type name of the realm, and the value
      * is a {@link org.elasticsearch.xpack.security.authc.Realm.Factory} which will construct
      * that realm for use in authentication when that realm type is configured.
+     *
+     * @param resourceWatcherService Use to watch configuration files for changes
      */
-    public Map<String, Realm.Factory> getRealms() {
+    public Map<String, Realm.Factory> getRealms(ResourceWatcherService resourceWatcherService) {
         return Collections.emptyMap();
     }
 

elasticsearch/src/main/java/org/elasticsearch/xpack/security/Security.java

@@ -255,7 +255,7 @@ public class Security implements ActionPlugin, IngestPlugin, NetworkPlugin {
         realmFactories.put(LdapRealm.TYPE, config -> new LdapRealm(config, resourceWatcherService, sslService));
         realmFactories.put(PkiRealm.TYPE, config -> new PkiRealm(config, resourceWatcherService, sslService));
         for (XPackExtension extension : extensions) {
-            Map<String, Realm.Factory> newRealms = extension.getRealms();
+            Map<String, Realm.Factory> newRealms = extension.getRealms(resourceWatcherService);
             for (Map.Entry<String, Realm.Factory> entry : newRealms.entrySet()) {
                 if (realmFactories.put(entry.getKey(), entry.getValue()) != null) {
                     throw new IllegalArgumentException("Realm type [" + entry.getKey() + "] is already registered");

elasticsearch/src/test/java/org/elasticsearch/xpack/security/SecurityTests.java

@@ -23,6 +23,7 @@ import org.elasticsearch.env.Environment;
 import org.elasticsearch.license.XPackLicenseState;
 import org.elasticsearch.test.ESTestCase;
 import org.elasticsearch.threadpool.ThreadPool;
+import org.elasticsearch.watcher.ResourceWatcherService;
 import org.elasticsearch.xpack.XPackSettings;
 import org.elasticsearch.xpack.extensions.XPackExtension;
 import org.elasticsearch.xpack.security.audit.AuditTrailService;
@@ -53,7 +54,7 @@ public class SecurityTests extends ESTestCase {
             return "dummy";
         }
         @Override
-        public Map<String, Realm.Factory> getRealms() {
+        public Map<String, Realm.Factory> getRealms(ResourceWatcherService resourceWatcherService) {
             return Collections.singletonMap(realmType, config -> null);
         }
     }

qa/security-example-realm/src/main/java/org/elasticsearch/example/ExampleRealmExtension.java

@@ -7,6 +7,7 @@ package org.elasticsearch.example;
 
 import org.elasticsearch.example.realm.CustomAuthenticationFailureHandler;
 import org.elasticsearch.example.realm.CustomRealm;
+import org.elasticsearch.watcher.ResourceWatcherService;
 import org.elasticsearch.xpack.security.authc.AuthenticationFailureHandler;
 import org.elasticsearch.xpack.extensions.XPackExtension;
 import org.elasticsearch.xpack.security.authc.Realm;
@@ -40,7 +41,7 @@ public class ExampleRealmExtension extends XPackExtension {
     }
 
     @Override
-    public Map<String, Realm.Factory> getRealms() {
+    public Map<String, Realm.Factory> getRealms(ResourceWatcherService resourceWatcherService) {
         return Collections.singletonMap(CustomRealm.TYPE, CustomRealm::new);
     }