honeymoose
/
OpenSearch
mirror of https://github.com/honeymoose/OpenSearch.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Fix get certificates HLRC API (#36198) 

- GetSslCertificatesRequest need not implement toXContentObject
- getRequest() returns a new Request object
- Add tests for GetSslCertificatesResponse
- Adjust docs to the new format
This commit is contained in:
Ioannis Kakavas 2018-12-06 12:44:51 +02:00 committed by GitHub
parent ee05ef1312
commit 77e6ef7b20
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
4 changed files with 129 additions and 47 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

15
client/rest-high-level/src/main/java/org/elasticsearch/client/security/GetSslCertificatesRequest.java
View File

@ -22,28 +22,19 @@ package org.elasticsearch.client.security;
import org.apache.http.client.methods.HttpGet;
import org.elasticsearch.client.Request;
import org.elasticsearch.client.Validatable;
import org.elasticsearch.common.xcontent.ToXContentObject;
import org.elasticsearch.common.xcontent.XContentBuilder;
import java.io.IOException;
/**
* Request object to retrieve the X.509 certificates that are used to encrypt communications in an Elasticsearch cluster.
*/
public final class GetSslCertificatesRequest implements Validatable, ToXContentObject {
public final class GetSslCertificatesRequest implements Validatable{
public static final GetSslCertificatesRequest INSTANCE = new GetSslCertificatesRequest();
private final Request request;
private GetSslCertificatesRequest() {
request = new Request(HttpGet.METHOD_NAME, "/_xpack/ssl/certificates");
private GetSslCertificatesRequest(){
}
public Request getRequest() {
return request;
return new Request(HttpGet.METHOD_NAME, "/_xpack/ssl/certificates");
}
public XContentBuilder toXContent(XContentBuilder builder, Params params) throws IOException {
return builder.startObject().endObject();
}
}

2
client/rest-high-level/src/main/java/org/elasticsearch/client/security/support/CertificateInfo.java
View File

@ -80,7 +80,7 @@ public final class CertificateInfo {
return serialNumber;
}
public boolean isHasPrivateKey() {
public boolean hasPrivateKey() {
return hasPrivateKey;
}

109
client/rest-high-level/src/test/java/org/elasticsearch/client/security/GetSslCertificatesResponseTests.java Normal file
View File

@ -0,0 +1,109 @@
/*
* Licensed to Elasticsearch under one or more contributor
* license agreements. See the NOTICE file distributed with
* this work for additional information regarding copyright
* ownership. Elasticsearch licenses this file to you under
* the Apache License, Version 2.0 (the "License"); you may
* not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
*/
package org.elasticsearch.client.security;
import org.elasticsearch.client.security.support.CertificateInfo;
import org.elasticsearch.common.xcontent.XContentBuilder;
import org.elasticsearch.test.ESTestCase;
import org.elasticsearch.test.EqualsHashCodeTestUtils;
import java.io.IOException;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Collections;
import java.util.List;
import static org.elasticsearch.test.AbstractXContentTestCase.xContentTester;
public class GetSslCertificatesResponseTests extends ESTestCase {
public void testFromXContent() throws IOException {
xContentTester(
this::createParser,
this::createTestInstance,
this::toXContent,
GetSslCertificatesResponse::fromXContent)
.supportsUnknownFields(false)
.test();
}
public void testEqualsAndHashCode() {
final GetSslCertificatesResponse reponse = createTestInstance();
EqualsHashCodeTestUtils.checkEqualsAndHashCode(reponse, this::copy,
this::mutate);
}
protected GetSslCertificatesResponse createTestInstance() {
final CertificateInfo info1 = new CertificateInfo("certs/elastic-certificates.p12", "PKCS12", "instance",
"CN=Elastic Certificate Tool Autogenerated CA", "a20f0ee901e8f69dc633ff633e5cd5437cdb4137",
false, "2021-01-15T20:42:49.000Z");
final CertificateInfo info2 = new CertificateInfo("certs/elastic-certificates.p12", "PKCS12", "ca",
"CN=Elastic Certificate Tool Autogenerated CA", "a20f0ee901e8f69dc633ff633e5cd5437cdb4137",
false, "2021-01-15T20:42:49.000Z");
final CertificateInfo info3 = new CertificateInfo("certs/elastic-certificates.p12", "PKCS12", "instance",
"CN=instance", "a20f0ee901e8f69dc633ff633e5cd5437cdb4137",
true, "2021-01-15T20:44:32.000Z");
return new GetSslCertificatesResponse(Arrays.asList(info1, info2, info3));
}
private void toXContent(GetSslCertificatesResponse response, XContentBuilder builder) throws IOException {
builder.startArray();
for (CertificateInfo info : response.getCertificates()){
builder.startObject();
builder.field(CertificateInfo.PATH.getPreferredName(), info.getPath());
builder.field(CertificateInfo.FORMAT.getPreferredName(), info.getFormat());
builder.field(CertificateInfo.ALIAS.getPreferredName(), info.getAlias());
builder.field(CertificateInfo.SUBJECT_DN.getPreferredName(), info.getSubjectDn());
builder.field(CertificateInfo.SERIAL_NUMBER.getPreferredName(), info.getSerialNumber());
builder.field(CertificateInfo.HAS_PRIVATE_KEY.getPreferredName(), info.hasPrivateKey());
builder.field(CertificateInfo.EXPIRY.getPreferredName(), info.getExpiry());
builder.endObject();
}
builder.endArray();
}
private GetSslCertificatesResponse copy(GetSslCertificatesResponse original) {
final List<CertificateInfo> infoList = new ArrayList<>(original.getCertificates());
return new GetSslCertificatesResponse(infoList);
}
private GetSslCertificatesResponse mutate(GetSslCertificatesResponse original) {
final int i = randomIntBetween(1,5);
final List<CertificateInfo> infoList = new ArrayList<>(original.getCertificates());
switch (i) {
case 1:
infoList.remove(0);
return new GetSslCertificatesResponse(infoList);
case 2:
final CertificateInfo info = new CertificateInfo("certs/elastic-certificates.crt", "PEM", "instance",
"CN=instance2", "a20f0ee901e8f64t33ff633e5cd5437cdb4137",
true, "2028-01-15T20:44:32.000Z");
infoList.add(info);
return new GetSslCertificatesResponse(infoList);
case 3:
final CertificateInfo info2 = new CertificateInfo("certs/elastic-certificates.p12", "PKCS12", "instance",
"CN=instance1", "a20f0ee901e8f69dc633ff633e5cd5437cdb4137",
true, "2021-01-15T20:44:32.000Z");
infoList.remove(2);
infoList.add(info2);
return new GetSslCertificatesResponse(infoList);
default:
return new GetSslCertificatesResponse(Collections.emptyList());
}
}
}

50
docs/java-rest/high-level/security/get-certificates.asciidoc
View File

@ -1,53 +1,35 @@
[[java-rest-high-security-get-certificates]]
--
:api: get-certificates
:response: GetSslCertificatesResponse
--
[id="{upid}-{api}"]
=== SSL Certificate API
[[java-rest-high-security-get-certificates-execution]]
==== Execution
[id="{upid}-{api}-request"]
==== Get Certificates Request
The X.509 Certificates that are used to encrypt communications in an
Elasticsearch cluster using the `security().getSslCertificates()` method:
["source","java",subs="attributes,callouts,macros"]
--------------------------------------------------
include-tagged::{doc-tests}/SecurityDocumentationIT.java[get-certificates-execute]
include-tagged::{doc-tests}/SecurityDocumentationIT.java[{api}-execute]
--------------------------------------------------
[[java-rest-high-security-get-certificates-response]]
==== Response
[id="{upid}-{api}-response"]
==== Get Certificates Response
The returned `GetSslCertificatesResponse` contains a single field, `certificates`.
The returned +{response}+ contains a single field, `certificates`.
This field, accessed with `getCertificates` returns a List of `CertificateInfo`
objects containing the information for all the certificates used.
["source","java",subs="attributes,callouts,macros"]
--------------------------------------------------
include-tagged::{doc-tests}/SecurityDocumentationIT.java[get-certificates-response]
include-tagged::{doc-tests}/SecurityDocumentationIT.java[{api}-response]
--------------------------------------------------
<1> `certificates` is a List of `CertificateInfo`
[[java-rest-high-security-get-certificates-execute-async]]
==== Asynchronous Execution
This request can be executed asynchronously using the `security().getSslCertificatesAsync()`
method:
["source","java",subs="attributes,callouts,macros"]
--------------------------------------------------
include-tagged::{doc-tests}/SecurityDocumentationIT.java[get-certificates-execute-async]
--------------------------------------------------
<1> The `ActionListener` to use when the execution completes.
The asynchronous method does not block and returns immediately. Once the request
has completed the `ActionListener` is called back using the `onResponse` method
if the execution successfully completed or using the `onFailure` method if
it failed.
A typical listener for a `GetSslCertificatesResponse` looks like:
["source","java",subs="attributes,callouts,macros"]
--------------------------------------------------
include-tagged::{doc-tests}/SecurityDocumentationIT.java[get-certificates-execute-listener]
--------------------------------------------------
<1> Called when the execution is successfully completed. The response is
provided as an argument.
<2> Called in case of failure. The raised exception is provided as an argument.
include::../execution.asciidoc[]