From a35234de5692f82508354d1a61d8682b25ea3747 Mon Sep 17 00:00:00 2001 From: Jay Modi Date: Tue, 1 Aug 2017 14:13:08 -0600 Subject: [PATCH] Setup password tool builds default URL from settings (elastic/x-pack-elasticsearch#2146) This change makes the setup password tool build the default URL from the settings provided by the environment. This will ease the amount of work a user would have to do in order to run the tool as http vs https will be selected automatically and the port/host will as well. Original commit: elastic/x-pack-elasticsearch@79affe4a79bd9507cb2399dc52c20aa4911e797d --- .../esnative/tool/CommandLineHttpClient.java | 17 +++++++++++++++++ .../authc/esnative/tool/SetupPasswordTool.java | 2 +- .../esnative/tool/SetupPasswordToolTests.java | 1 + 3 files changed, 19 insertions(+), 1 deletion(-) diff --git a/plugin/src/main/java/org/elasticsearch/xpack/security/authc/esnative/tool/CommandLineHttpClient.java b/plugin/src/main/java/org/elasticsearch/xpack/security/authc/esnative/tool/CommandLineHttpClient.java index 9fcaf65fa1e..47e18dfa285 100644 --- a/plugin/src/main/java/org/elasticsearch/xpack/security/authc/esnative/tool/CommandLineHttpClient.java +++ b/plugin/src/main/java/org/elasticsearch/xpack/security/authc/esnative/tool/CommandLineHttpClient.java @@ -7,12 +7,17 @@ package org.elasticsearch.xpack.security.authc.esnative.tool; import org.bouncycastle.util.io.Streams; import org.elasticsearch.common.Nullable; +import org.elasticsearch.common.Strings; import org.elasticsearch.common.SuppressForbidden; import org.elasticsearch.common.lease.Releasables; +import org.elasticsearch.common.network.NetworkService; import org.elasticsearch.common.settings.SecureString; import org.elasticsearch.common.settings.Settings; +import org.elasticsearch.common.transport.PortsRange; import org.elasticsearch.common.xcontent.XContentType; import org.elasticsearch.env.Environment; +import org.elasticsearch.http.HttpTransportSettings; +import org.elasticsearch.xpack.XPackSettings; import org.elasticsearch.xpack.common.socket.SocketAccess; import org.elasticsearch.xpack.security.authc.support.UsernamePasswordToken; import org.elasticsearch.xpack.ssl.SSLService; @@ -27,7 +32,10 @@ import java.net.URL; import java.nio.charset.StandardCharsets; import java.security.AccessController; import java.security.PrivilegedAction; +import java.util.List; +import static org.elasticsearch.http.HttpTransportSettings.SETTING_HTTP_PUBLISH_HOST; +import static org.elasticsearch.http.HttpTransportSettings.SETTING_HTTP_PUBLISH_PORT; import static org.elasticsearch.xpack.security.Security.setting; /** @@ -94,4 +102,13 @@ public class CommandLineHttpClient { conn.disconnect(); } } + + public String getDefaultURL() { + final String scheme = XPackSettings.HTTP_SSL_ENABLED.get(settings) ? "https" : "http"; + List httpPublishHost = SETTING_HTTP_PUBLISH_HOST.get(settings); + final String host = + (httpPublishHost.isEmpty() ? NetworkService.GLOBAL_NETWORK_PUBLISHHOST_SETTING.get(settings) : httpPublishHost).get(0); + final int port = SETTING_HTTP_PUBLISH_PORT.get(settings); + return scheme + "://" + host + ":" + port; + } } diff --git a/plugin/src/main/java/org/elasticsearch/xpack/security/authc/esnative/tool/SetupPasswordTool.java b/plugin/src/main/java/org/elasticsearch/xpack/security/authc/esnative/tool/SetupPasswordTool.java index 869bf0cb009..ea1c029cac1 100644 --- a/plugin/src/main/java/org/elasticsearch/xpack/security/authc/esnative/tool/SetupPasswordTool.java +++ b/plugin/src/main/java/org/elasticsearch/xpack/security/authc/esnative/tool/SetupPasswordTool.java @@ -187,7 +187,7 @@ public class SetupPasswordTool extends MultiCommand { client = clientFunction.apply(env); KeyStoreWrapper keyStore = keyStoreFunction.apply(env); String providedUrl = urlOption.value(options); - url = providedUrl == null ? "http://localhost:9200" : providedUrl; + url = providedUrl == null ? client.getDefaultURL() : providedUrl; setShouldPrompt(options); // TODO: We currently do not support keystore passwords diff --git a/plugin/src/test/java/org/elasticsearch/xpack/security/authc/esnative/tool/SetupPasswordToolTests.java b/plugin/src/test/java/org/elasticsearch/xpack/security/authc/esnative/tool/SetupPasswordToolTests.java index 25f64552613..667c50a2eff 100644 --- a/plugin/src/test/java/org/elasticsearch/xpack/security/authc/esnative/tool/SetupPasswordToolTests.java +++ b/plugin/src/test/java/org/elasticsearch/xpack/security/authc/esnative/tool/SetupPasswordToolTests.java @@ -53,6 +53,7 @@ public class SetupPasswordToolTests extends CommandTestCase { this.keyStore = mock(KeyStoreWrapper.class); this.httpClient = mock(CommandLineHttpClient.class); when(keyStore.getString(ReservedRealm.BOOTSTRAP_ELASTIC_PASSWORD.getKey())).thenReturn(bootstrapPassword); + when(httpClient.getDefaultURL()).thenReturn("http://localhost:9200"); terminal.addSecretInput(ep); terminal.addSecretInput(ep);