HLRest: refactor put_user to utilize `User` object (#35188)

This follows #33552 , when the `_authenticate` API added a new
`User` object for the API's response. This changes the `put_user`
API to also employ a `User` object in the request.
The User object changed slightly.
A bug with put_user only putting/updating enabled (but not disabled)
users has been fixed.
This commit is contained in:
Albert Zaharovits 2018-11-08 18:42:36 +02:00 committed by GitHub
parent 113af7996c
commit 85a8b517bd
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
7 changed files with 159 additions and 166 deletions

View File

@ -63,7 +63,7 @@ final class SecurityRequestConverters {
static Request putUser(PutUserRequest putUserRequest) throws IOException {
String endpoint = new RequestConverters.EndpointBuilder()
.addPathPartAsIs("_xpack/security/user")
.addPathPart(putUserRequest.getUsername())
.addPathPart(putUserRequest.getUser().getUsername())
.build();
Request request = new Request(HttpPut.METHOD_NAME, endpoint);
request.setEntity(createEntity(putUserRequest, REQUEST_BODY_CONTENT_TYPE));

View File

@ -21,15 +21,14 @@ package org.elasticsearch.client.security;
import org.elasticsearch.client.Validatable;
import org.elasticsearch.client.ValidationException;
import org.elasticsearch.client.security.user.User;
import org.elasticsearch.common.CharArrays;
import org.elasticsearch.common.Nullable;
import org.elasticsearch.common.xcontent.ToXContentObject;
import org.elasticsearch.common.xcontent.XContentBuilder;
import java.io.IOException;
import java.util.Arrays;
import java.util.Collections;
import java.util.List;
import java.util.Map;
import java.util.Objects;
import java.util.Optional;
@ -38,62 +37,33 @@ import java.util.Optional;
*/
public final class PutUserRequest implements Validatable, ToXContentObject {
private final String username;
private final List<String> roles;
private final String fullName;
private final String email;
private final Map<String, Object> metadata;
private final char[] password;
private final User user;
private final @Nullable char[] password;
private final boolean enabled;
private final RefreshPolicy refreshPolicy;
/**
* Creates a new request that is used to create or update a user in the native realm.
*
* @param username the username of the user to be created or updated
* @param user the user to be created or updated
* @param password the password of the user. The password array is not modified by this class.
* It is the responsibility of the caller to clear the password after receiving
* a response.
* @param roles the roles that this user is assigned
* @param fullName the full name of the user that may be used for display purposes
* @param email the email address of the user
* @param enabled true if the user is enabled and allowed to access elasticsearch
* @param metadata a map of additional user attributes that may be used in templating roles
* @param refreshPolicy the refresh policy for the request.
*/
public PutUserRequest(String username, char[] password, List<String> roles, String fullName, String email, boolean enabled,
Map<String, Object> metadata, RefreshPolicy refreshPolicy) {
this.username = Objects.requireNonNull(username, "username is required");
public PutUserRequest(User user, @Nullable char[] password, boolean enabled, @Nullable RefreshPolicy refreshPolicy) {
this.user = Objects.requireNonNull(user, "user is required, cannot be null");
this.password = password;
this.roles = Collections.unmodifiableList(Objects.requireNonNull(roles, "roles must be specified"));
this.fullName = fullName;
this.email = email;
this.enabled = enabled;
this.metadata = metadata == null ? Collections.emptyMap() : Collections.unmodifiableMap(metadata);
this.refreshPolicy = refreshPolicy == null ? RefreshPolicy.getDefault() : refreshPolicy;
}
public String getUsername() {
return username;
public User getUser() {
return user;
}
public List<String> getRoles() {
return roles;
}
public String getFullName() {
return fullName;
}
public String getEmail() {
return email;
}
public Map<String, Object> getMetadata() {
return metadata;
}
public char[] getPassword() {
public @Nullable char[] getPassword() {
return password;
}
@ -109,29 +79,25 @@ public final class PutUserRequest implements Validatable, ToXContentObject {
public boolean equals(Object o) {
if (this == o) return true;
if (o == null || getClass() != o.getClass()) return false;
PutUserRequest that = (PutUserRequest) o;
return enabled == that.enabled &&
Objects.equals(username, that.username) &&
Objects.equals(roles, that.roles) &&
Objects.equals(fullName, that.fullName) &&
Objects.equals(email, that.email) &&
Objects.equals(metadata, that.metadata) &&
Arrays.equals(password, that.password) &&
refreshPolicy == that.refreshPolicy;
final PutUserRequest that = (PutUserRequest) o;
return Objects.equals(user, that.user)
&& Arrays.equals(password, that.password)
&& enabled == that.enabled
&& refreshPolicy == that.refreshPolicy;
}
@Override
public int hashCode() {
int result = Objects.hash(username, roles, fullName, email, metadata, enabled, refreshPolicy);
int result = Objects.hash(user, enabled, refreshPolicy);
result = 31 * result + Arrays.hashCode(password);
return result;
}
@Override
public Optional<ValidationException> validate() {
if (metadata != null && metadata.keySet().stream().anyMatch(s -> s.startsWith("_"))) {
if (user.getMetadata() != null && user.getMetadata().keySet().stream().anyMatch(s -> s.startsWith("_"))) {
ValidationException validationException = new ValidationException();
validationException.addValidationError("metadata keys may not start with [_]");
validationException.addValidationError("user metadata keys may not start with [_]");
return Optional.of(validationException);
}
return Optional.empty();
@ -140,7 +106,7 @@ public final class PutUserRequest implements Validatable, ToXContentObject {
@Override
public XContentBuilder toXContent(XContentBuilder builder, Params params) throws IOException {
builder.startObject();
builder.field("username", username);
builder.field("username", user.getUsername());
if (password != null) {
byte[] charBytes = CharArrays.toUtf8Bytes(password);
try {
@ -149,18 +115,15 @@ public final class PutUserRequest implements Validatable, ToXContentObject {
Arrays.fill(charBytes, (byte) 0);
}
}
if (roles != null) {
builder.field("roles", roles);
builder.field("roles", user.getRoles());
if (user.getFullName() != null) {
builder.field("full_name", user.getFullName());
}
if (fullName != null) {
builder.field("full_name", fullName);
}
if (email != null) {
builder.field("email", email);
}
if (metadata != null) {
builder.field("metadata", metadata);
if (user.getEmail() != null) {
builder.field("email", user.getEmail());
}
builder.field("metadata", user.getMetadata());
builder.field("enabled", enabled);
return builder.endObject();
}
}

View File

@ -24,38 +24,59 @@ import org.elasticsearch.common.Strings;
import java.util.Collection;
import java.util.Collections;
import java.util.HashSet;
import java.util.Map;
import java.util.Objects;
import java.util.Set;
/**
* An authenticated user
* A user to be utilized with security APIs.
* Can be an existing authenticated user or it can be a new user to be enrolled to the native realm.
*/
public final class User {
private final String username;
private final Collection<String> roles;
private final Set<String> roles;
private final Map<String, Object> metadata;
@Nullable private final String fullName;
@Nullable private final String email;
/**
* Builds the user to be utilized with security APIs.
*
* @param username the username, also known as the principal, unique for in the scope of a realm
* @param roles the roles that this user is assigned
* @param metadata a map of additional user attributes that may be used in templating roles
* @param fullName the full name of the user that may be used for display purposes
* @param email the email address of the user
*/
public User(String username, Collection<String> roles, Map<String, Object> metadata, @Nullable String fullName,
@Nullable String email) {
Objects.requireNonNull(username, "`username` cannot be null");
Objects.requireNonNull(roles, "`roles` cannot be null. Pass an empty collection instead.");
Objects.requireNonNull(roles, "`metadata` cannot be null. Pass an empty map instead.");
this.username = username;
this.roles = roles;
this.metadata = Collections.unmodifiableMap(metadata);
this.username = username = Objects.requireNonNull(username, "`username` is required, cannot be null");
this.roles = Collections.unmodifiableSet(new HashSet<>(
Objects.requireNonNull(roles, "`roles` is required, cannot be null. Pass an empty Collection instead.")));
this.metadata = Collections
.unmodifiableMap(Objects.requireNonNull(metadata, "`metadata` is required, cannot be null. Pass an empty map instead."));
this.fullName = fullName;
this.email = email;
}
/**
* Builds the user to be utilized with security APIs.
*
* @param username the username, also known as the principal, unique for in the scope of a realm
* @param roles the roles that this user is assigned
*/
public User(String username, Collection<String> roles) {
this(username, roles, Collections.emptyMap(), null, null);
}
/**
* @return The principal of this user - effectively serving as the
* unique identity of the user. Can never be {@code null}.
*/
public String username() {
public String getUsername() {
return this.username;
}
@ -64,28 +85,28 @@ public final class User {
* identified by their unique names and each represents as
* set of permissions. Can never be {@code null}.
*/
public Collection<String> roles() {
public Set<String> getRoles() {
return this.roles;
}
/**
* @return The metadata that is associated with this user. Can never be {@code null}.
*/
public Map<String, Object> metadata() {
public Map<String, Object> getMetadata() {
return metadata;
}
/**
* @return The full name of this user. May be {@code null}.
*/
public @Nullable String fullName() {
public @Nullable String getFullName() {
return fullName;
}
/**
* @return The email of this user. May be {@code null}.
*/
public @Nullable String email() {
public @Nullable String getEmail() {
return email;
}
@ -103,28 +124,14 @@ public final class User {
@Override
public boolean equals(Object o) {
if (this == o) {
return true;
}
if (o instanceof User == false) {
return false;
}
final User user = (User) o;
if (!username.equals(user.username)) {
return false;
}
if (!roles.equals(user.roles)) {
return false;
}
if (!metadata.equals(user.metadata)) {
return false;
}
if (fullName != null ? !fullName.equals(user.fullName) : user.fullName != null) {
return false;
}
return !(email != null ? !email.equals(user.email) : user.email != null);
if (this == o) return true;
if (o == null || this.getClass() != o.getClass()) return false;
final User that = (User) o;
return Objects.equals(username, that.username)
&& Objects.equals(roles, that.roles)
&& Objects.equals(metadata, that.metadata)
&& Objects.equals(fullName, that.fullName)
&& Objects.equals(email, that.email);
}
@Override

View File

@ -25,6 +25,7 @@ import org.elasticsearch.client.security.AuthenticateResponse;
import org.elasticsearch.client.security.PutUserRequest;
import org.elasticsearch.client.security.PutUserResponse;
import org.elasticsearch.client.security.RefreshPolicy;
import org.elasticsearch.client.security.user.User;
import org.elasticsearch.common.CharArrays;
import java.util.Arrays;
@ -34,12 +35,29 @@ import java.util.List;
import java.util.Map;
import static org.hamcrest.Matchers.is;
import static org.hamcrest.Matchers.contains;
import static org.hamcrest.Matchers.containsString;
import static org.hamcrest.Matchers.empty;
public class SecurityIT extends ESRestHighLevelClientTestCase {
public void testPutUser() throws Exception {
final SecurityClient securityClient = highLevelClient().security();
// create user
final PutUserRequest putUserRequest = randomPutUserRequest(randomBoolean());
final PutUserResponse putUserResponse = execute(putUserRequest, securityClient::putUser, securityClient::putUserAsync);
// assert user created
assertThat(putUserResponse.isCreated(), is(true));
// update user
final User updatedUser = randomUser(putUserRequest.getUser().getUsername());
final PutUserRequest updateUserRequest = randomPutUserRequest(updatedUser, randomBoolean());
final PutUserResponse updateUserResponse = execute(updateUserRequest, securityClient::putUser, securityClient::putUserAsync);
// assert user not created
assertThat(updateUserResponse.isCreated(), is(false));
// delete user
final Request deleteUserRequest = new Request(HttpDelete.METHOD_NAME,
"/_xpack/security/user/" + putUserRequest.getUser().getUsername());
highLevelClient().getLowLevelClient().performRequest(deleteUserRequest);
}
public void testAuthenticate() throws Exception {
final SecurityClient securityClient = highLevelClient().security();
// test fixture: put enabled user
@ -48,34 +66,30 @@ public class SecurityIT extends ESRestHighLevelClientTestCase {
assertThat(putUserResponse.isCreated(), is(true));
// authenticate correctly
final String basicAuthHeader = basicAuthHeader(putUserRequest.getUsername(), putUserRequest.getPassword());
final String basicAuthHeader = basicAuthHeader(putUserRequest.getUser().getUsername(), putUserRequest.getPassword());
final AuthenticateResponse authenticateResponse = execute(securityClient::authenticate, securityClient::authenticateAsync,
authorizationRequestOptions(basicAuthHeader));
assertThat(authenticateResponse.getUser().username(), is(putUserRequest.getUsername()));
if (putUserRequest.getRoles().isEmpty()) {
assertThat(authenticateResponse.getUser().roles(), is(empty()));
} else {
assertThat(authenticateResponse.getUser().roles(), contains(putUserRequest.getRoles().toArray()));
}
assertThat(authenticateResponse.getUser().metadata(), is(putUserRequest.getMetadata()));
assertThat(authenticateResponse.getUser().fullName(), is(putUserRequest.getFullName()));
assertThat(authenticateResponse.getUser().email(), is(putUserRequest.getEmail()));
assertThat(authenticateResponse.getUser(), is(putUserRequest.getUser()));
assertThat(authenticateResponse.enabled(), is(true));
// delete user
final Request deleteUserRequest = new Request(HttpDelete.METHOD_NAME, "/_xpack/security/user/" + putUserRequest.getUsername());
final Request deleteUserRequest = new Request(HttpDelete.METHOD_NAME,
"/_xpack/security/user/" + putUserRequest.getUser().getUsername());
highLevelClient().getLowLevelClient().performRequest(deleteUserRequest);
// authentication no longer works
ElasticsearchStatusException e = expectThrows(ElasticsearchStatusException.class, () -> execute(securityClient::authenticate,
securityClient::authenticateAsync, authorizationRequestOptions(basicAuthHeader)));
assertThat(e.getMessage(), containsString("unable to authenticate user [" + putUserRequest.getUsername() + "]"));
assertThat(e.getMessage(), containsString("unable to authenticate user [" + putUserRequest.getUser().getUsername() + "]"));
}
private static PutUserRequest randomPutUserRequest(boolean enabled) {
private static User randomUser() {
final String username = randomAlphaOfLengthBetween(1, 4);
final char[] password = randomAlphaOfLengthBetween(6, 10).toCharArray();
return randomUser(username);
}
private static User randomUser(String username) {
final List<String> roles = Arrays.asList(generateRandomStringArray(3, 3, false, true));
final String fullName = randomFrom(random(), null, randomAlphaOfLengthBetween(0, 3));
final String email = randomFrom(random(), null, randomAlphaOfLengthBetween(0, 3));
@ -91,7 +105,17 @@ public class SecurityIT extends ESRestHighLevelClientTestCase {
} else {
metadata.put("string_list", Arrays.asList(generateRandomStringArray(4, 4, false, true)));
}
return new PutUserRequest(username, password, roles, fullName, email, enabled, metadata, RefreshPolicy.IMMEDIATE);
return new User(username, roles, metadata, fullName, email);
}
private static PutUserRequest randomPutUserRequest(boolean enabled) {
final User user = randomUser();
return randomPutUserRequest(user, enabled);
}
private static PutUserRequest randomPutUserRequest(User user, boolean enabled) {
final char[] password = randomAlphaOfLengthBetween(6, 10).toCharArray();
return new PutUserRequest(user, password, enabled, RefreshPolicy.IMMEDIATE);
}
private static String basicAuthHeader(String username, char[] password) {

View File

@ -36,6 +36,7 @@ import org.elasticsearch.client.security.RefreshPolicy;
import org.elasticsearch.client.security.support.expressiondsl.RoleMapperExpression;
import org.elasticsearch.client.security.support.expressiondsl.expressions.AnyRoleMapperExpression;
import org.elasticsearch.client.security.support.expressiondsl.fields.FieldRoleMapperExpression;
import org.elasticsearch.client.security.user.User;
import org.elasticsearch.common.Strings;
import org.elasticsearch.test.ESTestCase;
@ -57,23 +58,21 @@ public class SecurityRequestConvertersTests extends ESTestCase {
final String email = randomBoolean() ? null : randomAlphaOfLengthBetween(12, 24);
final String fullName = randomBoolean() ? null : randomAlphaOfLengthBetween(7, 14);
final boolean enabled = randomBoolean();
final Map<String, Object> metadata;
final Map<String, Object> metadata = new HashMap<>();
if (randomBoolean()) {
metadata = new HashMap<>();
for (int i = 0; i < randomIntBetween(0, 10); i++) {
metadata.put(String.valueOf(i), randomAlphaOfLengthBetween(1, 12));
}
} else {
metadata = null;
}
final User user = new User(username, roles, metadata, fullName, email);
final RefreshPolicy refreshPolicy = randomFrom(RefreshPolicy.values());
final Map<String, String> expectedParams = getExpectedParamsFromRefreshPolicy(refreshPolicy);
PutUserRequest putUserRequest = new PutUserRequest(username, password, roles, fullName, email, enabled, metadata, refreshPolicy);
PutUserRequest putUserRequest = new PutUserRequest(user, password, enabled, refreshPolicy);
Request request = SecurityRequestConverters.putUser(putUserRequest);
assertEquals(HttpPut.METHOD_NAME, request.getMethod());
assertEquals("/_xpack/security/user/" + putUserRequest.getUsername(), request.getEndpoint());
assertEquals("/_xpack/security/user/" + putUserRequest.getUser().getUsername(), request.getEndpoint());
assertEquals(expectedParams, request.getParameters());
assertToXContentBody(putUserRequest, request.getEntity());
}

View File

@ -90,8 +90,8 @@ public class SecurityDocumentationIT extends ESRestHighLevelClientTestCase {
{
//tag::put-user-execute
char[] password = new char[]{'p', 'a', 's', 's', 'w', 'o', 'r', 'd'};
PutUserRequest request =
new PutUserRequest("example", password, Collections.singletonList("superuser"), null, null, true, null, RefreshPolicy.NONE);
User user = new User("example", Collections.singletonList("superuser"));
PutUserRequest request = new PutUserRequest(user, password, true, RefreshPolicy.NONE);
PutUserResponse response = client.security().putUser(request, RequestOptions.DEFAULT);
//end::put-user-execute
@ -104,8 +104,8 @@ public class SecurityDocumentationIT extends ESRestHighLevelClientTestCase {
{
char[] password = new char[]{'p', 'a', 's', 's', 'w', 'o', 'r', 'd'};
PutUserRequest request = new PutUserRequest("example2", password, Collections.singletonList("superuser"), null, null, true,
null, RefreshPolicy.NONE);
User user2 = new User("example2", Collections.singletonList("superuser"));
PutUserRequest request = new PutUserRequest(user2, password, true, RefreshPolicy.NONE);
// tag::put-user-execute-listener
ActionListener<PutUserResponse> listener = new ActionListener<PutUserResponse>() {
@Override
@ -300,8 +300,8 @@ public class SecurityDocumentationIT extends ESRestHighLevelClientTestCase {
public void testEnableUser() throws Exception {
RestHighLevelClient client = highLevelClient();
char[] password = new char[]{'p', 'a', 's', 's', 'w', 'o', 'r', 'd'};
PutUserRequest putUserRequest = new PutUserRequest("enable_user", password, Collections.singletonList("superuser"), null,
null, true, null, RefreshPolicy.IMMEDIATE);
User enable_user = new User("enable_user", Collections.singletonList("superuser"));
PutUserRequest putUserRequest = new PutUserRequest(enable_user, password, true, RefreshPolicy.IMMEDIATE);
PutUserResponse putUserResponse = client.security().putUser(putUserRequest, RequestOptions.DEFAULT);
assertTrue(putUserResponse.isCreated());
@ -345,8 +345,8 @@ public class SecurityDocumentationIT extends ESRestHighLevelClientTestCase {
public void testDisableUser() throws Exception {
RestHighLevelClient client = highLevelClient();
char[] password = new char[]{'p', 'a', 's', 's', 'w', 'o', 'r', 'd'};
PutUserRequest putUserRequest = new PutUserRequest("disable_user", password, Collections.singletonList("superuser"), null,
null, true, null, RefreshPolicy.IMMEDIATE);
User disable_user = new User("disable_user", Collections.singletonList("superuser"));
PutUserRequest putUserRequest = new PutUserRequest(disable_user, password, true, RefreshPolicy.IMMEDIATE);
PutUserResponse putUserResponse = client.security().putUser(putUserRequest, RequestOptions.DEFAULT);
assertTrue(putUserResponse.isCreated());
{
@ -398,11 +398,11 @@ public class SecurityDocumentationIT extends ESRestHighLevelClientTestCase {
boolean enabled = response.enabled(); // <2>
//end::authenticate-response
assertThat(user.username(), is("test_user"));
assertThat(user.roles(), contains(new String[]{"superuser"}));
assertThat(user.fullName(), nullValue());
assertThat(user.email(), nullValue());
assertThat(user.metadata().isEmpty(), is(true));
assertThat(user.getUsername(), is("test_user"));
assertThat(user.getRoles(), contains(new String[] {"superuser"}));
assertThat(user.getFullName(), nullValue());
assertThat(user.getEmail(), nullValue());
assertThat(user.getMetadata().isEmpty(), is(true));
assertThat(enabled, is(true));
}
@ -608,8 +608,8 @@ public class SecurityDocumentationIT extends ESRestHighLevelClientTestCase {
RestHighLevelClient client = highLevelClient();
char[] password = new char[]{'p', 'a', 's', 's', 'w', 'o', 'r', 'd'};
char[] newPassword = new char[]{'n', 'e', 'w', 'p', 'a', 's', 's', 'w', 'o', 'r', 'd'};
PutUserRequest putUserRequest = new PutUserRequest("change_password_user", password, Collections.singletonList("superuser"),
null, null, true, null, RefreshPolicy.NONE);
User user = new User("change_password_user", Collections.singletonList("superuser"), Collections.emptyMap(), null, null);
PutUserRequest putUserRequest = new PutUserRequest(user, password, true, RefreshPolicy.NONE);
PutUserResponse putUserResponse = client.security().putUser(putUserRequest, RequestOptions.DEFAULT);
assertTrue(putUserResponse.isCreated());
{
@ -774,8 +774,8 @@ public class SecurityDocumentationIT extends ESRestHighLevelClientTestCase {
{
// Setup user
PutUserRequest putUserRequest = new PutUserRequest("token_user", "password".toCharArray(),
Collections.singletonList("kibana_user"), null, null, true, null, RefreshPolicy.IMMEDIATE);
User token_user = new User("token_user", Collections.singletonList("kibana_user"));
PutUserRequest putUserRequest = new PutUserRequest(token_user, "password".toCharArray(), true, RefreshPolicy.IMMEDIATE);
PutUserResponse putUserResponse = client.security().putUser(putUserRequest, RequestOptions.DEFAULT);
assertTrue(putUserResponse.isCreated());
}
@ -852,8 +852,8 @@ public class SecurityDocumentationIT extends ESRestHighLevelClientTestCase {
{
// Setup user
final char[] password = "password".toCharArray();
PutUserRequest putUserRequest = new PutUserRequest("invalidate_token", password,
Collections.singletonList("kibana_user"), null, null, true, null, RefreshPolicy.IMMEDIATE);
User invalidate_token_user = new User("invalidate_token", Collections.singletonList("kibana_user"));
PutUserRequest putUserRequest = new PutUserRequest(invalidate_token_user, password, true, RefreshPolicy.IMMEDIATE);
PutUserResponse putUserResponse = client.security().putUser(putUserRequest, RequestOptions.DEFAULT);
assertTrue(putUserResponse.isCreated());

View File

@ -77,14 +77,14 @@ public class AuthenticateResponseTests extends ESTestCase {
final User user = response.getUser();
final boolean enabled = response.enabled();
builder.startObject();
builder.field(AuthenticateResponse.USERNAME.getPreferredName(), user.username());
builder.field(AuthenticateResponse.ROLES.getPreferredName(), user.roles());
builder.field(AuthenticateResponse.METADATA.getPreferredName(), user.metadata());
if (user.fullName() != null) {
builder.field(AuthenticateResponse.FULL_NAME.getPreferredName(), user.fullName());
builder.field(AuthenticateResponse.USERNAME.getPreferredName(), user.getUsername());
builder.field(AuthenticateResponse.ROLES.getPreferredName(), user.getRoles());
builder.field(AuthenticateResponse.METADATA.getPreferredName(), user.getMetadata());
if (user.getFullName() != null) {
builder.field(AuthenticateResponse.FULL_NAME.getPreferredName(), user.getFullName());
}
if (user.email() != null) {
builder.field(AuthenticateResponse.EMAIL.getPreferredName(), user.email());
if (user.getEmail() != null) {
builder.field(AuthenticateResponse.EMAIL.getPreferredName(), user.getEmail());
}
builder.field(AuthenticateResponse.ENABLED.getPreferredName(), enabled);
builder.endObject();
@ -92,8 +92,8 @@ public class AuthenticateResponseTests extends ESTestCase {
private AuthenticateResponse copy(AuthenticateResponse response) {
final User originalUser = response.getUser();
final User copyUser = new User(originalUser.username(), originalUser.roles(), originalUser.metadata(), originalUser.fullName(),
originalUser.email());
final User copyUser = new User(originalUser.getUsername(), originalUser.getRoles(), originalUser.getMetadata(),
originalUser.getFullName(), originalUser.getEmail());
return new AuthenticateResponse(copyUser, response.enabled());
}
@ -101,27 +101,27 @@ public class AuthenticateResponseTests extends ESTestCase {
final User originalUser = response.getUser();
switch (randomIntBetween(1, 6)) {
case 1:
return new AuthenticateResponse(new User(originalUser.username() + "wrong", originalUser.roles(), originalUser.metadata(),
originalUser.fullName(), originalUser.email()), response.enabled());
return new AuthenticateResponse(new User(originalUser.getUsername() + "wrong", originalUser.getRoles(),
originalUser.getMetadata(), originalUser.getFullName(), originalUser.getEmail()), response.enabled());
case 2:
final Collection<String> wrongRoles = new ArrayList<>(originalUser.roles());
final Collection<String> wrongRoles = new ArrayList<>(originalUser.getRoles());
wrongRoles.add(randomAlphaOfLengthBetween(1, 4));
return new AuthenticateResponse(new User(originalUser.username(), wrongRoles, originalUser.metadata(),
originalUser.fullName(), originalUser.email()), response.enabled());
return new AuthenticateResponse(new User(originalUser.getUsername(), wrongRoles, originalUser.getMetadata(),
originalUser.getFullName(), originalUser.getEmail()), response.enabled());
case 3:
final Map<String, Object> wrongMetadata = new HashMap<>(originalUser.metadata());
final Map<String, Object> wrongMetadata = new HashMap<>(originalUser.getMetadata());
wrongMetadata.put("wrong_string", randomAlphaOfLengthBetween(0, 4));
return new AuthenticateResponse(new User(originalUser.username(), originalUser.roles(), wrongMetadata,
originalUser.fullName(), originalUser.email()), response.enabled());
return new AuthenticateResponse(new User(originalUser.getUsername(), originalUser.getRoles(), wrongMetadata,
originalUser.getFullName(), originalUser.getEmail()), response.enabled());
case 4:
return new AuthenticateResponse(new User(originalUser.username(), originalUser.roles(), originalUser.metadata(),
originalUser.fullName() + "wrong", originalUser.email()), response.enabled());
return new AuthenticateResponse(new User(originalUser.getUsername(), originalUser.getRoles(), originalUser.getMetadata(),
originalUser.getFullName() + "wrong", originalUser.getEmail()), response.enabled());
case 5:
return new AuthenticateResponse(new User(originalUser.username(), originalUser.roles(), originalUser.metadata(),
originalUser.fullName(), originalUser.email() + "wrong"), response.enabled());
return new AuthenticateResponse(new User(originalUser.getUsername(), originalUser.getRoles(), originalUser.getMetadata(),
originalUser.getFullName(), originalUser.getEmail() + "wrong"), response.enabled());
case 6:
return new AuthenticateResponse(new User(originalUser.username(), originalUser.roles(), originalUser.metadata(),
originalUser.fullName(), originalUser.email()), !response.enabled());
return new AuthenticateResponse(new User(originalUser.getUsername(), originalUser.getRoles(), originalUser.getMetadata(),
originalUser.getFullName(), originalUser.getEmail()), !response.enabled());
}
throw new IllegalStateException("Bad random number");
}