Fix get certificates HLRC API (#36198)

- GetSslCertificatesRequest need not implement toXContentObject
- getRequest() returns a new Request object
- Add tests for GetSslCertificatesResponse
- Adjust docs to the new format
This commit is contained in:
Ioannis Kakavas 2018-12-06 12:44:51 +02:00 committed by GitHub
parent ee05ef1312
commit 77e6ef7b20
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
4 changed files with 129 additions and 47 deletions

View File

@ -22,28 +22,19 @@ package org.elasticsearch.client.security;
import org.apache.http.client.methods.HttpGet; import org.apache.http.client.methods.HttpGet;
import org.elasticsearch.client.Request; import org.elasticsearch.client.Request;
import org.elasticsearch.client.Validatable; import org.elasticsearch.client.Validatable;
import org.elasticsearch.common.xcontent.ToXContentObject;
import org.elasticsearch.common.xcontent.XContentBuilder;
import java.io.IOException;
/** /**
* Request object to retrieve the X.509 certificates that are used to encrypt communications in an Elasticsearch cluster. * Request object to retrieve the X.509 certificates that are used to encrypt communications in an Elasticsearch cluster.
*/ */
public final class GetSslCertificatesRequest implements Validatable, ToXContentObject { public final class GetSslCertificatesRequest implements Validatable{
public static final GetSslCertificatesRequest INSTANCE = new GetSslCertificatesRequest(); public static final GetSslCertificatesRequest INSTANCE = new GetSslCertificatesRequest();
private final Request request;
private GetSslCertificatesRequest() { private GetSslCertificatesRequest(){
request = new Request(HttpGet.METHOD_NAME, "/_xpack/ssl/certificates");
} }
public Request getRequest() { public Request getRequest() {
return request; return new Request(HttpGet.METHOD_NAME, "/_xpack/ssl/certificates");
} }
public XContentBuilder toXContent(XContentBuilder builder, Params params) throws IOException {
return builder.startObject().endObject();
}
} }

View File

@ -80,7 +80,7 @@ public final class CertificateInfo {
return serialNumber; return serialNumber;
} }
public boolean isHasPrivateKey() { public boolean hasPrivateKey() {
return hasPrivateKey; return hasPrivateKey;
} }

View File

@ -0,0 +1,109 @@
/*
* Licensed to Elasticsearch under one or more contributor
* license agreements. See the NOTICE file distributed with
* this work for additional information regarding copyright
* ownership. Elasticsearch licenses this file to you under
* the Apache License, Version 2.0 (the "License"); you may
* not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
*/
package org.elasticsearch.client.security;
import org.elasticsearch.client.security.support.CertificateInfo;
import org.elasticsearch.common.xcontent.XContentBuilder;
import org.elasticsearch.test.ESTestCase;
import org.elasticsearch.test.EqualsHashCodeTestUtils;
import java.io.IOException;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Collections;
import java.util.List;
import static org.elasticsearch.test.AbstractXContentTestCase.xContentTester;
public class GetSslCertificatesResponseTests extends ESTestCase {
public void testFromXContent() throws IOException {
xContentTester(
this::createParser,
this::createTestInstance,
this::toXContent,
GetSslCertificatesResponse::fromXContent)
.supportsUnknownFields(false)
.test();
}
public void testEqualsAndHashCode() {
final GetSslCertificatesResponse reponse = createTestInstance();
EqualsHashCodeTestUtils.checkEqualsAndHashCode(reponse, this::copy,
this::mutate);
}
protected GetSslCertificatesResponse createTestInstance() {
final CertificateInfo info1 = new CertificateInfo("certs/elastic-certificates.p12", "PKCS12", "instance",
"CN=Elastic Certificate Tool Autogenerated CA", "a20f0ee901e8f69dc633ff633e5cd5437cdb4137",
false, "2021-01-15T20:42:49.000Z");
final CertificateInfo info2 = new CertificateInfo("certs/elastic-certificates.p12", "PKCS12", "ca",
"CN=Elastic Certificate Tool Autogenerated CA", "a20f0ee901e8f69dc633ff633e5cd5437cdb4137",
false, "2021-01-15T20:42:49.000Z");
final CertificateInfo info3 = new CertificateInfo("certs/elastic-certificates.p12", "PKCS12", "instance",
"CN=instance", "a20f0ee901e8f69dc633ff633e5cd5437cdb4137",
true, "2021-01-15T20:44:32.000Z");
return new GetSslCertificatesResponse(Arrays.asList(info1, info2, info3));
}
private void toXContent(GetSslCertificatesResponse response, XContentBuilder builder) throws IOException {
builder.startArray();
for (CertificateInfo info : response.getCertificates()){
builder.startObject();
builder.field(CertificateInfo.PATH.getPreferredName(), info.getPath());
builder.field(CertificateInfo.FORMAT.getPreferredName(), info.getFormat());
builder.field(CertificateInfo.ALIAS.getPreferredName(), info.getAlias());
builder.field(CertificateInfo.SUBJECT_DN.getPreferredName(), info.getSubjectDn());
builder.field(CertificateInfo.SERIAL_NUMBER.getPreferredName(), info.getSerialNumber());
builder.field(CertificateInfo.HAS_PRIVATE_KEY.getPreferredName(), info.hasPrivateKey());
builder.field(CertificateInfo.EXPIRY.getPreferredName(), info.getExpiry());
builder.endObject();
}
builder.endArray();
}
private GetSslCertificatesResponse copy(GetSslCertificatesResponse original) {
final List<CertificateInfo> infoList = new ArrayList<>(original.getCertificates());
return new GetSslCertificatesResponse(infoList);
}
private GetSslCertificatesResponse mutate(GetSslCertificatesResponse original) {
final int i = randomIntBetween(1,5);
final List<CertificateInfo> infoList = new ArrayList<>(original.getCertificates());
switch (i) {
case 1:
infoList.remove(0);
return new GetSslCertificatesResponse(infoList);
case 2:
final CertificateInfo info = new CertificateInfo("certs/elastic-certificates.crt", "PEM", "instance",
"CN=instance2", "a20f0ee901e8f64t33ff633e5cd5437cdb4137",
true, "2028-01-15T20:44:32.000Z");
infoList.add(info);
return new GetSslCertificatesResponse(infoList);
case 3:
final CertificateInfo info2 = new CertificateInfo("certs/elastic-certificates.p12", "PKCS12", "instance",
"CN=instance1", "a20f0ee901e8f69dc633ff633e5cd5437cdb4137",
true, "2021-01-15T20:44:32.000Z");
infoList.remove(2);
infoList.add(info2);
return new GetSslCertificatesResponse(infoList);
default:
return new GetSslCertificatesResponse(Collections.emptyList());
}
}
}

View File

@ -1,53 +1,35 @@
[[java-rest-high-security-get-certificates]]
--
:api: get-certificates
:response: GetSslCertificatesResponse
--
[id="{upid}-{api}"]
=== SSL Certificate API === SSL Certificate API
[[java-rest-high-security-get-certificates-execution]] [id="{upid}-{api}-request"]
==== Execution ==== Get Certificates Request
The X.509 Certificates that are used to encrypt communications in an The X.509 Certificates that are used to encrypt communications in an
Elasticsearch cluster using the `security().getSslCertificates()` method: Elasticsearch cluster using the `security().getSslCertificates()` method:
["source","java",subs="attributes,callouts,macros"] ["source","java",subs="attributes,callouts,macros"]
-------------------------------------------------- --------------------------------------------------
include-tagged::{doc-tests}/SecurityDocumentationIT.java[get-certificates-execute] include-tagged::{doc-tests}/SecurityDocumentationIT.java[{api}-execute]
-------------------------------------------------- --------------------------------------------------
[[java-rest-high-security-get-certificates-response]] [id="{upid}-{api}-response"]
==== Response ==== Get Certificates Response
The returned `GetSslCertificatesResponse` contains a single field, `certificates`. The returned +{response}+ contains a single field, `certificates`.
This field, accessed with `getCertificates` returns a List of `CertificateInfo` This field, accessed with `getCertificates` returns a List of `CertificateInfo`
objects containing the information for all the certificates used. objects containing the information for all the certificates used.
["source","java",subs="attributes,callouts,macros"] ["source","java",subs="attributes,callouts,macros"]
-------------------------------------------------- --------------------------------------------------
include-tagged::{doc-tests}/SecurityDocumentationIT.java[get-certificates-response] include-tagged::{doc-tests}/SecurityDocumentationIT.java[{api}-response]
-------------------------------------------------- --------------------------------------------------
<1> `certificates` is a List of `CertificateInfo` <1> `certificates` is a List of `CertificateInfo`
[[java-rest-high-security-get-certificates-execute-async]] include::../execution.asciidoc[]
==== Asynchronous Execution
This request can be executed asynchronously using the `security().getSslCertificatesAsync()`
method:
["source","java",subs="attributes,callouts,macros"]
--------------------------------------------------
include-tagged::{doc-tests}/SecurityDocumentationIT.java[get-certificates-execute-async]
--------------------------------------------------
<1> The `ActionListener` to use when the execution completes.
The asynchronous method does not block and returns immediately. Once the request
has completed the `ActionListener` is called back using the `onResponse` method
if the execution successfully completed or using the `onFailure` method if
it failed.
A typical listener for a `GetSslCertificatesResponse` looks like:
["source","java",subs="attributes,callouts,macros"]
--------------------------------------------------
include-tagged::{doc-tests}/SecurityDocumentationIT.java[get-certificates-execute-listener]
--------------------------------------------------
<1> Called when the execution is successfully completed. The response is
provided as an argument.
<2> Called in case of failure. The raised exception is provided as an argument.