honeymoose
/
OpenSearch
mirror of https://github.com/honeymoose/OpenSearch.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Switch security spi example to new style Requests (#32341) 

In #29623 we added `Request` object flavored requests to the low level
REST client and in #30315 we deprecated the old `performRequest`s. This
changes all calls in the `x-pack/qa/security-example-spi-extension`
project to use the new versions.
This commit is contained in:
Nik Everett 2018-07-30 18:07:49 -04:00 committed by GitHub
parent c69e62d96f
commit 670630948b
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 28 additions and 15 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

14
x-pack/qa/security-example-spi-extension/src/test/java/org/elasticsearch/example/realm/CustomRealmIT.java
View File

@ -5,10 +5,11 @@
*/ */
package org.elasticsearch.example.realm; package org.elasticsearch.example.realm;
import org.apache.http.message.BasicHeader;
import org.elasticsearch.action.admin.cluster.health.ClusterHealthResponse; import org.elasticsearch.action.admin.cluster.health.ClusterHealthResponse;
import org.elasticsearch.action.admin.cluster.node.info.NodeInfo; import org.elasticsearch.action.admin.cluster.node.info.NodeInfo;
import org.elasticsearch.action.admin.cluster.node.info.NodesInfoResponse; import org.elasticsearch.action.admin.cluster.node.info.NodesInfoResponse;
import org.elasticsearch.client.Request;
import org.elasticsearch.client.RequestOptions;
import org.elasticsearch.client.Response; import org.elasticsearch.client.Response;
import org.elasticsearch.client.ResponseException; import org.elasticsearch.client.ResponseException;
import org.elasticsearch.client.transport.NoNodeAvailableException; import org.elasticsearch.client.transport.NoNodeAvailableException;
@ -50,7 +51,7 @@ public class CustomRealmIT extends ESIntegTestCase {
public void testHttpConnectionWithNoAuthentication() throws Exception { public void testHttpConnectionWithNoAuthentication() throws Exception {
try { try {
getRestClient().performRequest("GET", "/"); getRestClient().performRequest(new Request("GET", "/"));
fail("request should have failed"); fail("request should have failed");
} catch(ResponseException e) { } catch(ResponseException e) {
Response response = e.getResponse(); Response response = e.getResponse();
@ -61,9 +62,12 @@ public class CustomRealmIT extends ESIntegTestCase {
} }
public void testHttpAuthentication() throws Exception { public void testHttpAuthentication() throws Exception {
Response response = getRestClient().performRequest("GET", "/", Request request = new Request("GET", "/");
new BasicHeader(CustomRealm.USER_HEADER, CustomRealm.KNOWN_USER), RequestOptions.Builder options = request.getOptions().toBuilder();
new BasicHeader(CustomRealm.PW_HEADER, CustomRealm.KNOWN_PW.toString())); options.addHeader(CustomRealm.USER_HEADER, CustomRealm.KNOWN_USER);
options.addHeader(CustomRealm.PW_HEADER, CustomRealm.KNOWN_PW.toString());
request.setOptions(options);
Response response = getRestClient().performRequest(request);
assertThat(response.getStatusLine().getStatusCode(), is(200)); assertThat(response.getStatusLine().getStatusCode(), is(200));
} }

29
x-pack/qa/security-example-spi-extension/src/test/java/org/elasticsearch/example/role/CustomRolesProviderIT.java
View File

@ -5,7 +5,8 @@
*/ */
package org.elasticsearch.example.role; package org.elasticsearch.example.role;
import org.apache.http.message.BasicHeader; import org.elasticsearch.client.Request;
import org.elasticsearch.client.RequestOptions;
import org.elasticsearch.client.Response; import org.elasticsearch.client.Response;
import org.elasticsearch.client.ResponseException; import org.elasticsearch.client.ResponseException;
import org.elasticsearch.common.network.NetworkModule; import org.elasticsearch.common.network.NetworkModule;
@ -33,10 +34,17 @@ import static org.hamcrest.Matchers.is;
* Integration test for custom roles providers. * Integration test for custom roles providers.
*/ */
public class CustomRolesProviderIT extends ESIntegTestCase { public class CustomRolesProviderIT extends ESIntegTestCase {
private static final String TEST_USER = "test_user"; private static final String TEST_USER = "test_user";
private static final String TEST_PWD = "change_me"; private static final String TEST_PWD = "change_me";
private static final RequestOptions AUTH_OPTIONS;
static {
RequestOptions.Builder options = RequestOptions.DEFAULT.toBuilder();
options.addHeader(UsernamePasswordToken.BASIC_AUTH_HEADER,
basicAuthHeaderValue(TEST_USER, new SecureString(TEST_PWD.toCharArray())));
AUTH_OPTIONS = options.build();
}
@Override @Override
protected Settings externalClusterClientSettings() { protected Settings externalClusterClientSettings() {
return Settings.builder() return Settings.builder()
@ -59,7 +67,9 @@ public class CustomRolesProviderIT extends ESIntegTestCase {
public void testAuthorizedCustomRoleSucceeds() throws Exception { public void testAuthorizedCustomRoleSucceeds() throws Exception {
setupTestUser(ROLE_B); setupTestUser(ROLE_B);
// roleB has all permissions on index "foo", so creating "foo" should succeed // roleB has all permissions on index "foo", so creating "foo" should succeed
Response response = getRestClient().performRequest("PUT", "/" + INDEX, authHeader()); Request request = new Request("PUT", "/" + INDEX);
request.setOptions(AUTH_OPTIONS);
Response response = getRestClient().performRequest(request);
assertThat(response.getStatusLine().getStatusCode(), is(200)); assertThat(response.getStatusLine().getStatusCode(), is(200));
} }
@ -71,7 +81,9 @@ public class CustomRolesProviderIT extends ESIntegTestCase {
setupTestUser(ROLE_A); setupTestUser(ROLE_A);
// roleB has all permissions on index "foo", so creating "foo" should succeed // roleB has all permissions on index "foo", so creating "foo" should succeed
try { try {
getRestClient().performRequest("PUT", "/" + INDEX, authHeader()); Request request = new Request("PUT", "/" + INDEX);
request.setOptions(AUTH_OPTIONS);
getRestClient().performRequest(request);
fail(ROLE_A + " should not be authorized to create index " + INDEX); fail(ROLE_A + " should not be authorized to create index " + INDEX);
} catch (ResponseException e) { } catch (ResponseException e) {
assertThat(e.getResponse().getStatusLine().getStatusCode(), is(403)); assertThat(e.getResponse().getStatusLine().getStatusCode(), is(403));
@ -82,15 +94,12 @@ public class CustomRolesProviderIT extends ESIntegTestCase {
setupTestUser("unknown"); setupTestUser("unknown");
// roleB has all permissions on index "foo", so creating "foo" should succeed // roleB has all permissions on index "foo", so creating "foo" should succeed
try { try {
getRestClient().performRequest("PUT", "/" + INDEX, authHeader()); Request request = new Request("PUT", "/" + INDEX);
request.setOptions(AUTH_OPTIONS);
getRestClient().performRequest(request);
fail(ROLE_A + " should not be authorized to create index " + INDEX); fail(ROLE_A + " should not be authorized to create index " + INDEX);
} catch (ResponseException e) { } catch (ResponseException e) {
assertThat(e.getResponse().getStatusLine().getStatusCode(), is(403)); assertThat(e.getResponse().getStatusLine().getStatusCode(), is(403));
} }
} }
private BasicHeader authHeader() {
return new BasicHeader(UsernamePasswordToken.BASIC_AUTH_HEADER,
basicAuthHeaderValue(TEST_USER, new SecureString(TEST_PWD.toCharArray())));
}
} }