Internal: don't override user in the context if already existing

This bug was caused by the fact that we serialize the user and don't re-authenticate on each node anymore. With auto create index, we ended up overriding the user in the context with system due to wrong checks (we would check the headers instead of the context). This bug was revealed by our REST tests.

Also refactored the method for readability and removed check for token.

Original commit: elastic/x-pack-elasticsearch@2aa260b46c

src/main/java/org/elasticsearch/shield/authc/InternalAuthenticationService.java

@@ -83,15 +83,19 @@ public class InternalAuthenticationService extends AbstractComponent implements
 
     @Override
     public void attachUserHeaderIfMissing(TransportMessage message, User user) {
-        String header = (String) message.getHeader(USER_KEY);
-        if (header == null) {
-            header = (String) message.getHeader(TOKEN_KEY);
+        if (message.hasHeader(USER_KEY)) {
+            return;
         }
-        if (header == null) {
-            message.putInContext(USER_KEY, user);
-            header = signUserHeader ? signatureService.sign(encodeUser(user, logger)) : encodeUser(user, logger);
-            message.putHeader(USER_KEY, header);
+        User userFromContext = message.getFromContext(USER_KEY);
+        if (userFromContext != null) {
+            String userHeader = signUserHeader ? signatureService.sign(encodeUser(userFromContext, logger)) : encodeUser(userFromContext, logger);
+            message.putHeader(USER_KEY, userHeader);
+            return;
         }
+
+        message.putInContext(USER_KEY, user);
+        String userHeader = signUserHeader ? signatureService.sign(encodeUser(user, logger)) : encodeUser(user, logger);
+        message.putHeader(USER_KEY, userHeader);
     }
 
     static User decodeUser(String text) {