Replace health with authenticate calls in tests #50073
Merged
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
In integration tests for API Keys and Tokens, we would use calls we did with the transport client to the cluster health endpoint after adding the API key or Token with `filterWithHeader()` in order to verify that the API Key or Token is valid. The response would always be successful regardless of the validity of the Token or API Key since the internal request would have the `_system` user as a fallback user and the `_system` is allowed to call the health API. When failing to validate the token or key, we would fallback to the `_system` user, see AuthenticationService#handleNullToken This commit changes our behavior to use the RestClient and call the authenticate API to verify the validity of tokens and API keys.
jkakavas
added
>test
|
Pinging @elastic/es-security (:Security/Authentication) |
albertzaharovits
approved these changes
Dec 13, 2019
SivagurunathanV
pushed a commit
to SivagurunathanV/elasticsearch
that referenced
this pull request
Jan 23, 2020
In integration tests for API Keys and Tokens, we would use calls we did with the transport client to the cluster health endpoint after adding the API key or Token with `filterWithHeader()` in order to verify that the API Key or Token is valid. The response would always be successful regardless of the validity of the Token or API Key since the internal request would have the `_system` user as a fallback user and the `_system` is allowed to call the health API. When failing to validate the token or key, we would fallback to the `_system` user, see AuthenticationService#handleNullToken This commit changes our behavior to use the RestClient and call the authenticate API to verify the validity of tokens and API keys.
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
In integration tests for API Keys and Tokens, we would use calls
we did with the transport client to the cluster health endpoint
after adding Authorization header with
filterWithHeader(), inorder to verify that the API Key or Token is valid.
The response would always be successful regardless of the
validity of the Token or API Key since the internal request would
have the
_systemuser as a fallback user and the_systemisallowed to call the health API. When failing to validate the
token or key, we would fallback to the
_systemuser,see AuthenticationService#handleNullToken
This commit changes our behavior to use the RestClient and call the
authenticate API to verify the validity of tokens and API keys.