From b61d34f878fd41a8d443ad0c31530ea4fad440c4 Mon Sep 17 00:00:00 2001 From: Prabhas Kurapati Date: Wed, 18 Oct 2023 22:45:07 -0700 Subject: [PATCH 1/5] finished ticket Signed-off-by: Prabhas Kurapati --- public/apps/account/account-app.tsx | 2 +- .../apps/account/test/log-out-button.test.tsx | 20 +++++++------------ public/apps/customerror/custom-error.tsx | 3 ++- public/apps/login/test/login-page.test.tsx | 15 +++++++------- server/auth/auth_handler_factory.test.ts | 19 +++++++++--------- server/auth/auth_handler_factory.ts | 1 - server/auth/types/authentication_type.ts | 4 ++-- server/auth/types/basic/routes.ts | 5 +++-- server/index.ts | 5 +++-- server/routes/auth_type_routes.ts | 4 ++-- test/jest_integration/saml_multiauth.test.ts | 3 ++- 11 files changed, 40 insertions(+), 41 deletions(-) diff --git a/public/apps/account/account-app.tsx b/public/apps/account/account-app.tsx index ebcd15d5a..fb35a2307 100644 --- a/public/apps/account/account-app.tsx +++ b/public/apps/account/account-app.tsx @@ -38,7 +38,7 @@ function tenantSpecifiedInUrl() { export async function setupTopNavButton(coreStart: CoreStart, config: ClientConfigType) { const authType = config.auth?.type; - let currAuthType = ''; + let currAuthType = AuthType.BASIC; if (typeof authType === 'string') { currAuthType = authType; } else if (Array.isArray(authType) && authType.length === 1) { diff --git a/public/apps/account/test/log-out-button.test.tsx b/public/apps/account/test/log-out-button.test.tsx index 7fd45095a..e8bce80c9 100644 --- a/public/apps/account/test/log-out-button.test.tsx +++ b/public/apps/account/test/log-out-button.test.tsx @@ -17,19 +17,13 @@ import { shallow } from 'enzyme'; import React from 'react'; import { LogoutButton } from '../log-out-button'; import { logout } from '../utils'; +import { AuthType } from '../../../../common'; jest.mock('../utils', () => ({ logout: jest.fn(), })); describe('Account menu - Log out button', () => { - enum authType { - OpenId = 'openid', - SAML = 'saml', - Proxy = 'proxy', - Basic = 'basicauth', - } - const mockHttpStart = { basePath: { serverBasePath: '', @@ -39,42 +33,42 @@ describe('Account menu - Log out button', () => { describe('renders', () => { it('renders when auth type is MultiAuth: openid', () => { const component = shallow( - + ); expect(component).toMatchSnapshot(); }); it('renders when auth type is MultiAuth: saml', () => { const component = shallow( - + ); expect(component).toMatchSnapshot(); }); it('renders when auth type is MultiAuth: basicauth', () => { const component = shallow( - + ); expect(component).toMatchSnapshot(); }); it('renders when auth type is OpenId', () => { const component = shallow( - + ); expect(component).toMatchSnapshot(); }); it('renders when auth type is SAML', () => { const component = shallow( - + ); expect(component).toMatchSnapshot(); }); it('renders when auth type is Proxy', () => { const component = shallow( - + ); expect(component).toMatchSnapshot(); }); diff --git a/public/apps/customerror/custom-error.tsx b/public/apps/customerror/custom-error.tsx index eb4dd9f2e..e26558e47 100644 --- a/public/apps/customerror/custom-error.tsx +++ b/public/apps/customerror/custom-error.tsx @@ -20,6 +20,7 @@ import ReactDOM from 'react-dom'; import { Router, Route } from 'react-router-dom'; import { ERROR_MISSING_ROLE_PATH } from '../../../common'; import { ClientConfigType } from '../../types'; +import { AuthType } from '../../../common'; import './_index.scss'; interface CustomErrorDeps { @@ -27,7 +28,7 @@ interface CustomErrorDeps { subtitle: string; http: CoreStart['http']; chrome: CoreStart['chrome']; - config: ClientConfigType['ui']['basicauth']['login']; + config: ClientConfigType['ui'][AuthType.BASIC]['login']; } export function CustomErrorPage(props: CustomErrorDeps) { diff --git a/public/apps/login/test/login-page.test.tsx b/public/apps/login/test/login-page.test.tsx index 3c41b17c3..3cecfe819 100644 --- a/public/apps/login/test/login-page.test.tsx +++ b/public/apps/login/test/login-page.test.tsx @@ -20,6 +20,7 @@ import { LoginPage, extractNextUrlFromWindowLocation } from '../login-page'; import { validateCurrentPassword } from '../../../utils/login-utils'; import { API_AUTH_LOGOUT } from '../../../../common'; import { chromeServiceMock } from '../../../../../../src/core/public/mocks'; +import { AuthType } from '../../../../common'; jest.mock('../../../utils/login-utils', () => ({ validateCurrentPassword: jest.fn(), @@ -101,7 +102,7 @@ describe('Login page', () => { const config: ClientConfigType = { ui: configUI, auth: { - type: ['basicauth'], + type: [AuthType.BASIC], logout_url: API_AUTH_LOGOUT, }, }; @@ -115,7 +116,7 @@ describe('Login page', () => { const config: ClientConfigType = { ui: configUI, auth: { - type: 'basicauth', + type: AuthType.BASIC, logout_url: API_AUTH_LOGOUT, }, }; @@ -129,7 +130,7 @@ describe('Login page', () => { const config: ClientConfigType = { ui: configUI, auth: { - type: ['basicauth', 'openid', 'saml'], + type: [AuthType.BASIC, 'openid', 'saml'], logout_url: API_AUTH_LOGOUT, }, }; @@ -143,7 +144,7 @@ describe('Login page', () => { const config: ClientConfigType = { ui: configUiDefault, auth: { - type: [''], + type: [AuthType.BASIC], }, }; const component = shallow( @@ -156,7 +157,7 @@ describe('Login page', () => { const config: ClientConfigType = { ui: configUiDefault, auth: { - type: '', + type: AuthType.BASIC, }, }; const component = shallow( @@ -173,7 +174,7 @@ describe('Login page', () => { const config: ClientConfigType = { ui: configUiDefault, auth: { - type: 'basicauth', + type: AuthType.BASIC, }, }; beforeEach(() => { @@ -207,7 +208,7 @@ describe('Login page', () => { const config: ClientConfigType = { ui: configUiDefault, auth: { - type: 'basicauth', + type: AuthType.BASIC, }, }; beforeEach(() => { diff --git a/server/auth/auth_handler_factory.test.ts b/server/auth/auth_handler_factory.test.ts index 71d70ccac..df48af891 100644 --- a/server/auth/auth_handler_factory.test.ts +++ b/server/auth/auth_handler_factory.test.ts @@ -23,13 +23,14 @@ import { import { SecurityPluginConfigType } from '..'; import { SecuritySessionCookie } from '../session/security_cookie'; import { getAuthenticationHandler } from './auth_handler_factory'; +import { AuthType } from '../../common'; jest.mock('./types', () => { return { BasicAuthentication: jest.fn().mockImplementation(() => { return { authHandler: () => {}, - type: 'basicauth', + type: AuthType.BASIC, init: () => {}, }; }), @@ -83,7 +84,7 @@ describe('test authentication factory', () => { test('get basic auth: string array', async () => { const auth = await getAuthenticationHandler( - ['basicauth'], + [AuthType.BASIC], router, config, core, @@ -91,12 +92,12 @@ describe('test authentication factory', () => { sessionStorageFactory, logger ); - expect(auth.type).toEqual('basicauth'); + expect(auth.type).toEqual(AuthType.BASIC); }); test('get basic auth: string', async () => { const auth = await getAuthenticationHandler( - 'basicauth', + AuthType.BASIC, router, config, core, @@ -104,12 +105,12 @@ describe('test authentication factory', () => { sessionStorageFactory, logger ); - expect(auth.type).toEqual('basicauth'); + expect(auth.type).toEqual(AuthType.BASIC); }); test('get basic auth with empty auth type: string array', async () => { const auth = await getAuthenticationHandler( - [''], + [AuthType.BASIC], router, config, core, @@ -117,12 +118,12 @@ describe('test authentication factory', () => { sessionStorageFactory, logger ); - expect(auth.type).toEqual('basicauth'); + expect(auth.type).toEqual(AuthType.BASIC); }); test('get basic auth with empty auth type: string', async () => { const auth = await getAuthenticationHandler( - '', + AuthType.BASIC, router, config, core, @@ -130,7 +131,7 @@ describe('test authentication factory', () => { sessionStorageFactory, logger ); - expect(auth.type).toEqual('basicauth'); + expect(auth.type).toEqual(AuthType.BASIC); }); test('get jwt auth: string array', async () => { diff --git a/server/auth/auth_handler_factory.ts b/server/auth/auth_handler_factory.ts index 2cd3c7c25..330dcebc1 100644 --- a/server/auth/auth_handler_factory.ts +++ b/server/auth/auth_handler_factory.ts @@ -60,7 +60,6 @@ export async function getAuthenticationHandler( if (typeof authType === 'string' || authType.length === 1) { const currType = typeof authType === 'string' ? authType : authType[0]; switch (currType.toLowerCase()) { - case '': case AuthType.BASIC: authHandlerType = BasicAuthentication; break; diff --git a/server/auth/types/authentication_type.ts b/server/auth/types/authentication_type.ts index 56ec21463..620227ac7 100755 --- a/server/auth/types/authentication_type.ts +++ b/server/auth/types/authentication_type.ts @@ -31,7 +31,7 @@ import { SecuritySessionCookie } from '../../session/security_cookie'; import { SecurityClient } from '../../backend/opensearch_security_client'; import { resolveTenant, isValidTenant } from '../../multitenancy/tenant_resolver'; import { UnauthenticatedError } from '../../errors'; -import { GLOBAL_TENANT_SYMBOL } from '../../../common'; +import { AuthType, GLOBAL_TENANT_SYMBOL } from '../../../common'; export interface IAuthenticationType { type: string; @@ -88,7 +88,7 @@ export abstract class AuthenticationType implements IAuthenticationType { protected readonly logger: Logger ) { this.securityClient = new SecurityClient(esClient); - this.type = ''; + this.type = AuthType.BASIC; this.config = config; } diff --git a/server/auth/types/basic/routes.ts b/server/auth/types/basic/routes.ts index 70ae5ee85..a82c395bd 100755 --- a/server/auth/types/basic/routes.ts +++ b/server/auth/types/basic/routes.ts @@ -30,6 +30,7 @@ import { } from '../../../../common'; import { resolveTenant } from '../../../multitenancy/tenant_resolver'; import { encodeUriQuery } from '../../../../../../src/plugins/opensearch_dashboards_utils/common/url/encode_uri_query'; +import { AuthType } from '../../../../common'; export class BasicAuthRoutes { constructor( @@ -112,7 +113,7 @@ export class BasicAuthRoutes { credentials: { authHeaderValue: `Basic ${encodedCredentials}`, }, - authType: 'basicauth', + authType: AuthType.BASIC, isAnonymousAuth: false, expiryTime: Date.now() + this.config.session.ttl, }; @@ -202,7 +203,7 @@ export class BasicAuthRoutes { this.sessionStorageFactory.asScoped(request).clear(); const sessionStorage: SecuritySessionCookie = { username: user.username, - authType: 'basicauth', + authType: AuthType.BASIC, isAnonymousAuth: true, expiryTime: Date.now() + this.config.session.ttl, }; diff --git a/server/index.ts b/server/index.ts index b4384315a..309e7e2c4 100644 --- a/server/index.ts +++ b/server/index.ts @@ -16,11 +16,12 @@ import { schema, TypeOf } from '@osd/config-schema'; import { PluginInitializerContext, PluginConfigDescriptor } from '../../../src/core/server'; import { SecurityPlugin } from './plugin'; +import { AuthType } from '../common'; const validateAuthType = (value: string[]) => { const supportedAuthTypes = [ '', - 'basicauth', + AuthType.BASIC, 'jwt', 'openid', 'saml', @@ -88,7 +89,7 @@ export const configSchema = schema.object({ if (value.length > 1) { const includeBasicAuth = value.find((element) => { - return element.toLowerCase() === 'basicauth'; + return element.toLowerCase() === AuthType.BASIC; }); if (!includeBasicAuth) { diff --git a/server/routes/auth_type_routes.ts b/server/routes/auth_type_routes.ts index 0b631325e..7c6f4daf1 100644 --- a/server/routes/auth_type_routes.ts +++ b/server/routes/auth_type_routes.ts @@ -15,7 +15,7 @@ import { IRouter } from 'opensearch-dashboards/server'; import { SecurityPluginConfigType } from '..'; - +import { AuthType } from '../../common'; export function defineAuthTypeRoutes(router: IRouter, config: SecurityPluginConfigType) { /** * Auth type API that returns current auth type configured on OpenSearchDashboards Server. @@ -30,7 +30,7 @@ export function defineAuthTypeRoutes(router: IRouter, config: SecurityPluginConf router.get( { path: '/api/authtype', validate: false, options: { authRequired: false } }, async (context, request, response) => { - const authType = config.auth.type || 'basicauth'; + const authType = config.auth.type || AuthType.BASIC; return response.ok({ body: { authtype: authType, diff --git a/test/jest_integration/saml_multiauth.test.ts b/test/jest_integration/saml_multiauth.test.ts index c29c88085..7d1e36861 100644 --- a/test/jest_integration/saml_multiauth.test.ts +++ b/test/jest_integration/saml_multiauth.test.ts @@ -25,6 +25,7 @@ import { import wreck from '@hapi/wreck'; import { Builder, By, until } from 'selenium-webdriver'; import { Options } from 'selenium-webdriver/firefox'; +import { AuthType } from '../../common'; describe('start OpenSearch Dashboards server', () => { let root: Root; @@ -69,7 +70,7 @@ describe('start OpenSearch Dashboards server', () => { opensearch_security: { auth: { anonymous_auth_enabled: false, - type: ['basicauth', 'saml'], + type: [AuthType.BASIC, 'saml'], multiple_auth_enabled: true, }, multitenancy: { From 146dda66d09ebea4870b7a47a85035638cfc3613 Mon Sep 17 00:00:00 2001 From: Prabhas Kurapati Date: Wed, 18 Oct 2023 23:28:17 -0700 Subject: [PATCH 2/5] fixed invalid auth type error Signed-off-by: Prabhas Kurapati --- server/auth/auth_handler_factory.test.ts | 28 +----------------------- server/index.ts | 7 +++--- 2 files changed, 4 insertions(+), 31 deletions(-) diff --git a/server/auth/auth_handler_factory.test.ts b/server/auth/auth_handler_factory.test.ts index df48af891..9dcd073ae 100644 --- a/server/auth/auth_handler_factory.test.ts +++ b/server/auth/auth_handler_factory.test.ts @@ -108,32 +108,6 @@ describe('test authentication factory', () => { expect(auth.type).toEqual(AuthType.BASIC); }); - test('get basic auth with empty auth type: string array', async () => { - const auth = await getAuthenticationHandler( - [AuthType.BASIC], - router, - config, - core, - esClient, - sessionStorageFactory, - logger - ); - expect(auth.type).toEqual(AuthType.BASIC); - }); - - test('get basic auth with empty auth type: string', async () => { - const auth = await getAuthenticationHandler( - AuthType.BASIC, - router, - config, - core, - esClient, - sessionStorageFactory, - logger - ); - expect(auth.type).toEqual(AuthType.BASIC); - }); - test('get jwt auth: string array', async () => { const auth = await getAuthenticationHandler( ['jwt'], @@ -264,7 +238,7 @@ describe('test authentication factory', () => { }; try { await getAuthenticationHandler( - ['openid', 'saml', 'basiauth'], + ['openid', 'saml', AuthType.BASIC], router, config, core, diff --git a/server/index.ts b/server/index.ts index 309e7e2c4..c4a7374cf 100644 --- a/server/index.ts +++ b/server/index.ts @@ -20,7 +20,6 @@ import { AuthType } from '../common'; const validateAuthType = (value: string[]) => { const supportedAuthTypes = [ - '', AuthType.BASIC, 'jwt', 'openid', @@ -81,7 +80,7 @@ export const configSchema = schema.object({ type: schema.oneOf( [ schema.arrayOf(schema.string(), { - defaultValue: [''], + defaultValue: [AuthType.BASIC], validate(value: string[]) { if (!value || value.length === 0) { return `Authentication type is not configured properly. At least one authentication type must be selected.`; @@ -101,7 +100,7 @@ export const configSchema = schema.object({ }, }), schema.string({ - defaultValue: '', + defaultValue: AuthType.BASIC, validate(value) { const valArray: string[] = []; valArray.push(value); @@ -109,7 +108,7 @@ export const configSchema = schema.object({ }, }), ], - { defaultValue: '' } + { defaultValue: AuthType.BASIC } ), anonymous_auth_enabled: schema.boolean({ defaultValue: false }), unauthenticated_routes: schema.arrayOf(schema.string(), { From 6b1ae43a3513fb61abf3026392974d706a18be44 Mon Sep 17 00:00:00 2001 From: Prabhas Kurapati Date: Fri, 20 Oct 2023 00:08:57 -0700 Subject: [PATCH 3/5] fixed unit tests Signed-off-by: Prabhas Kurapati --- server/auth/auth_handler_factory.test.ts | 10 ++++++---- 1 file changed, 6 insertions(+), 4 deletions(-) diff --git a/server/auth/auth_handler_factory.test.ts b/server/auth/auth_handler_factory.test.ts index 9dcd073ae..649e0020e 100644 --- a/server/auth/auth_handler_factory.test.ts +++ b/server/auth/auth_handler_factory.test.ts @@ -25,12 +25,14 @@ import { SecuritySessionCookie } from '../session/security_cookie'; import { getAuthenticationHandler } from './auth_handler_factory'; import { AuthType } from '../../common'; +const mockBasicAuthType = AuthType.BASIC; + jest.mock('./types', () => { return { BasicAuthentication: jest.fn().mockImplementation(() => { return { authHandler: () => {}, - type: AuthType.BASIC, + type: mockBasicAuthType, init: () => {}, }; }), @@ -65,7 +67,7 @@ jest.mock('./types', () => { MultipleAuthentication: jest.fn().mockImplementation(() => { return { authHandler: () => {}, - type: ['openid', 'saml', 'basiauth'], + type: ['openid', 'saml', mockBasicAuthType], init: () => {}, }; }), @@ -219,7 +221,7 @@ describe('test authentication factory', () => { }, }; const auth = await getAuthenticationHandler( - ['openid', 'saml', 'basiauth'], + ['openid', 'saml', AuthType.BASIC], router, config, core, @@ -227,7 +229,7 @@ describe('test authentication factory', () => { sessionStorageFactory, logger ); - expect(auth.type).toEqual(['openid', 'saml', 'basiauth']); + expect(auth.type).toEqual(['openid', 'saml', AuthType.BASIC]); }); test('multiple_auth_enabled is off, get multi auth', async () => { From 10824fa0e7859040ad3181e6a4c2057e81602610 Mon Sep 17 00:00:00 2001 From: Prabhas Kurapati Date: Sat, 28 Oct 2023 17:19:33 -0700 Subject: [PATCH 4/5] made requested changes Signed-off-by: Prabhas Kurapati --- public/apps/account/account-app.tsx | 2 +- public/apps/login/test/login-page.test.tsx | 4 ++-- server/auth/auth_handler_factory.test.ts | 13 +++++++++++++ server/auth/auth_handler_factory.ts | 1 + server/auth/types/authentication_type.ts | 4 ++-- server/index.ts | 7 ++++--- 6 files changed, 23 insertions(+), 8 deletions(-) diff --git a/public/apps/account/account-app.tsx b/public/apps/account/account-app.tsx index fb35a2307..ebcd15d5a 100644 --- a/public/apps/account/account-app.tsx +++ b/public/apps/account/account-app.tsx @@ -38,7 +38,7 @@ function tenantSpecifiedInUrl() { export async function setupTopNavButton(coreStart: CoreStart, config: ClientConfigType) { const authType = config.auth?.type; - let currAuthType = AuthType.BASIC; + let currAuthType = ''; if (typeof authType === 'string') { currAuthType = authType; } else if (Array.isArray(authType) && authType.length === 1) { diff --git a/public/apps/login/test/login-page.test.tsx b/public/apps/login/test/login-page.test.tsx index 3cecfe819..e5fed489b 100644 --- a/public/apps/login/test/login-page.test.tsx +++ b/public/apps/login/test/login-page.test.tsx @@ -144,7 +144,7 @@ describe('Login page', () => { const config: ClientConfigType = { ui: configUiDefault, auth: { - type: [AuthType.BASIC], + type: [''], }, }; const component = shallow( @@ -157,7 +157,7 @@ describe('Login page', () => { const config: ClientConfigType = { ui: configUiDefault, auth: { - type: AuthType.BASIC, + type: '', }, }; const component = shallow( diff --git a/server/auth/auth_handler_factory.test.ts b/server/auth/auth_handler_factory.test.ts index 649e0020e..ac7ebbb0a 100644 --- a/server/auth/auth_handler_factory.test.ts +++ b/server/auth/auth_handler_factory.test.ts @@ -110,6 +110,19 @@ describe('test authentication factory', () => { expect(auth.type).toEqual(AuthType.BASIC); }); + test('get basic auth with empty auth type: string array', async () => { + const auth = await getAuthenticationHandler( + [''], + router, + config, + core, + esClient, + sessionStorageFactory, + logger + ); + expect(auth.type).toEqual('basicauth'); + }); + test('get jwt auth: string array', async () => { const auth = await getAuthenticationHandler( ['jwt'], diff --git a/server/auth/auth_handler_factory.ts b/server/auth/auth_handler_factory.ts index 330dcebc1..2cd3c7c25 100644 --- a/server/auth/auth_handler_factory.ts +++ b/server/auth/auth_handler_factory.ts @@ -60,6 +60,7 @@ export async function getAuthenticationHandler( if (typeof authType === 'string' || authType.length === 1) { const currType = typeof authType === 'string' ? authType : authType[0]; switch (currType.toLowerCase()) { + case '': case AuthType.BASIC: authHandlerType = BasicAuthentication; break; diff --git a/server/auth/types/authentication_type.ts b/server/auth/types/authentication_type.ts index 620227ac7..56ec21463 100755 --- a/server/auth/types/authentication_type.ts +++ b/server/auth/types/authentication_type.ts @@ -31,7 +31,7 @@ import { SecuritySessionCookie } from '../../session/security_cookie'; import { SecurityClient } from '../../backend/opensearch_security_client'; import { resolveTenant, isValidTenant } from '../../multitenancy/tenant_resolver'; import { UnauthenticatedError } from '../../errors'; -import { AuthType, GLOBAL_TENANT_SYMBOL } from '../../../common'; +import { GLOBAL_TENANT_SYMBOL } from '../../../common'; export interface IAuthenticationType { type: string; @@ -88,7 +88,7 @@ export abstract class AuthenticationType implements IAuthenticationType { protected readonly logger: Logger ) { this.securityClient = new SecurityClient(esClient); - this.type = AuthType.BASIC; + this.type = ''; this.config = config; } diff --git a/server/index.ts b/server/index.ts index c4a7374cf..309e7e2c4 100644 --- a/server/index.ts +++ b/server/index.ts @@ -20,6 +20,7 @@ import { AuthType } from '../common'; const validateAuthType = (value: string[]) => { const supportedAuthTypes = [ + '', AuthType.BASIC, 'jwt', 'openid', @@ -80,7 +81,7 @@ export const configSchema = schema.object({ type: schema.oneOf( [ schema.arrayOf(schema.string(), { - defaultValue: [AuthType.BASIC], + defaultValue: [''], validate(value: string[]) { if (!value || value.length === 0) { return `Authentication type is not configured properly. At least one authentication type must be selected.`; @@ -100,7 +101,7 @@ export const configSchema = schema.object({ }, }), schema.string({ - defaultValue: AuthType.BASIC, + defaultValue: '', validate(value) { const valArray: string[] = []; valArray.push(value); @@ -108,7 +109,7 @@ export const configSchema = schema.object({ }, }), ], - { defaultValue: AuthType.BASIC } + { defaultValue: '' } ), anonymous_auth_enabled: schema.boolean({ defaultValue: false }), unauthenticated_routes: schema.arrayOf(schema.string(), { From facc60c49219c2bccac0aebdca3ebdfd075c7699 Mon Sep 17 00:00:00 2001 From: Prabhas Kurapati Date: Mon, 6 Nov 2023 17:06:25 -0800 Subject: [PATCH 5/5] updated saml to AuthType.SAML + fixed basicauth test Signed-off-by: Prabhas Kurapati --- public/apps/login/test/login-page.test.tsx | 2 +- server/auth/auth_handler_factory.test.ts | 34 ++++++++++++++------ server/auth/types/saml/saml_auth.ts | 2 +- server/index.ts | 2 +- test/jest_integration/saml_auth.test.ts | 5 +-- test/jest_integration/saml_multiauth.test.ts | 4 +-- 6 files changed, 32 insertions(+), 17 deletions(-) diff --git a/public/apps/login/test/login-page.test.tsx b/public/apps/login/test/login-page.test.tsx index e5fed489b..f21a39e5a 100644 --- a/public/apps/login/test/login-page.test.tsx +++ b/public/apps/login/test/login-page.test.tsx @@ -130,7 +130,7 @@ describe('Login page', () => { const config: ClientConfigType = { ui: configUI, auth: { - type: [AuthType.BASIC, 'openid', 'saml'], + type: [AuthType.BASIC, 'openid', AuthType.SAML], logout_url: API_AUTH_LOGOUT, }, }; diff --git a/server/auth/auth_handler_factory.test.ts b/server/auth/auth_handler_factory.test.ts index ac7ebbb0a..b73bcc2cc 100644 --- a/server/auth/auth_handler_factory.test.ts +++ b/server/auth/auth_handler_factory.test.ts @@ -26,6 +26,7 @@ import { getAuthenticationHandler } from './auth_handler_factory'; import { AuthType } from '../../common'; const mockBasicAuthType = AuthType.BASIC; +const mockSAMLAuthType = AuthType.SAML; jest.mock('./types', () => { return { @@ -60,14 +61,14 @@ jest.mock('./types', () => { SamlAuthentication: jest.fn().mockImplementation(() => { return { authHandler: () => {}, - type: 'saml', + type: mockSAMLAuthType, init: () => {}, }; }), MultipleAuthentication: jest.fn().mockImplementation(() => { return { authHandler: () => {}, - type: ['openid', 'saml', mockBasicAuthType], + type: ['openid', mockSAMLAuthType, mockBasicAuthType], init: () => {}, }; }), @@ -110,6 +111,19 @@ describe('test authentication factory', () => { expect(auth.type).toEqual(AuthType.BASIC); }); + test('get basic auth with empty auth type: string', async () => { + const auth = await getAuthenticationHandler( + '', + router, + config, + core, + esClient, + sessionStorageFactory, + logger + ); + expect(auth.type).toEqual(AuthType.BASIC); + }); + test('get basic auth with empty auth type: string array', async () => { const auth = await getAuthenticationHandler( [''], @@ -120,7 +134,7 @@ describe('test authentication factory', () => { sessionStorageFactory, logger ); - expect(auth.type).toEqual('basicauth'); + expect(auth.type).toEqual(AuthType.BASIC); }); test('get jwt auth: string array', async () => { @@ -203,7 +217,7 @@ describe('test authentication factory', () => { test('get saml auth: string array', async () => { const auth = await getAuthenticationHandler( - ['saml'], + [AuthType.SAML], router, config, core, @@ -211,12 +225,12 @@ describe('test authentication factory', () => { sessionStorageFactory, logger ); - expect(auth.type).toEqual('saml'); + expect(auth.type).toEqual(AuthType.SAML); }); test('get saml auth: string', async () => { const auth = await getAuthenticationHandler( - 'saml', + AuthType.SAML, router, config, core, @@ -224,7 +238,7 @@ describe('test authentication factory', () => { sessionStorageFactory, logger ); - expect(auth.type).toEqual('saml'); + expect(auth.type).toEqual(AuthType.SAML); }); test('multiple_auth_enabled is on, get multi auth', async () => { @@ -234,7 +248,7 @@ describe('test authentication factory', () => { }, }; const auth = await getAuthenticationHandler( - ['openid', 'saml', AuthType.BASIC], + ['openid', AuthType.SAML, AuthType.BASIC], router, config, core, @@ -242,7 +256,7 @@ describe('test authentication factory', () => { sessionStorageFactory, logger ); - expect(auth.type).toEqual(['openid', 'saml', AuthType.BASIC]); + expect(auth.type).toEqual(['openid', AuthType.SAML, AuthType.BASIC]); }); test('multiple_auth_enabled is off, get multi auth', async () => { @@ -253,7 +267,7 @@ describe('test authentication factory', () => { }; try { await getAuthenticationHandler( - ['openid', 'saml', AuthType.BASIC], + ['openid', AuthType.SAML, AuthType.BASIC], router, config, core, diff --git a/server/auth/types/saml/saml_auth.ts b/server/auth/types/saml/saml_auth.ts index 5c5c3e426..50801784a 100644 --- a/server/auth/types/saml/saml_auth.ts +++ b/server/auth/types/saml/saml_auth.ts @@ -45,7 +45,7 @@ import { export class SamlAuthentication extends AuthenticationType { public static readonly AUTH_HEADER_NAME = 'authorization'; - public readonly type: string = 'saml'; + public readonly type: string = AuthType.SAML; constructor( config: SecurityPluginConfigType, diff --git a/server/index.ts b/server/index.ts index 309e7e2c4..198b07fe2 100644 --- a/server/index.ts +++ b/server/index.ts @@ -24,7 +24,7 @@ const validateAuthType = (value: string[]) => { AuthType.BASIC, 'jwt', 'openid', - 'saml', + AuthType.SAML, 'proxy', 'kerberos', 'proxycache', diff --git a/test/jest_integration/saml_auth.test.ts b/test/jest_integration/saml_auth.test.ts index 7123baf15..0e963ba68 100644 --- a/test/jest_integration/saml_auth.test.ts +++ b/test/jest_integration/saml_auth.test.ts @@ -25,6 +25,7 @@ import { import wreck from '@hapi/wreck'; import { Builder, By, until } from 'selenium-webdriver'; import { Options } from 'selenium-webdriver/firefox'; +import { AuthType } from '../../common'; describe('start OpenSearch Dashboards server', () => { let root: Root; @@ -73,7 +74,7 @@ describe('start OpenSearch Dashboards server', () => { opensearch_security: { auth: { anonymous_auth_enabled: false, - type: 'saml', + type: AuthType.SAML, }, multitenancy: { enabled: true, @@ -138,7 +139,7 @@ describe('start OpenSearch Dashboards server', () => { order: 5, http_authenticator: { challenge: true, - type: 'saml', + type: AuthType.SAML, config: { idp: { metadata_url: 'http://localhost:7000/metadata', diff --git a/test/jest_integration/saml_multiauth.test.ts b/test/jest_integration/saml_multiauth.test.ts index 7d1e36861..92defdd1d 100644 --- a/test/jest_integration/saml_multiauth.test.ts +++ b/test/jest_integration/saml_multiauth.test.ts @@ -70,7 +70,7 @@ describe('start OpenSearch Dashboards server', () => { opensearch_security: { auth: { anonymous_auth_enabled: false, - type: [AuthType.BASIC, 'saml'], + type: [AuthType.BASIC, AuthType.SAML], multiple_auth_enabled: true, }, multitenancy: { @@ -136,7 +136,7 @@ describe('start OpenSearch Dashboards server', () => { order: 5, http_authenticator: { challenge: true, - type: 'saml', + type: AuthType.SAML, config: { idp: { metadata_url: 'http://localhost:7000/metadata',