HLRC: add change password API support #33509
Conversation
jkakavas
added
>enhancement
v7.0.0
:Core/Java High Level REST Client
:Security/Authentication
|
Pinging @elastic/es-core-infra |
|
Pinging @elastic/es-security |
| * @param listener the listener to be notified upon request completion | ||
| */ | ||
| public void putUserAsync(PutUserRequest request, RequestOptions options, ActionListener<PutUserResponse> listener) { | ||
| restHighLevelClient.performRequestAsyncAndParseEntity(request, SecurityRequestConverters::putUser, options, | ||
| PutUserResponse::fromXContent, listener, emptySet()); | ||
| } | ||
|
|
||
| /** | ||
| * Change the password of a user in the native realm synchronously. |
There was a problem hiding this comment.
maybe say of a native realm or built-in user
| } | ||
|
|
||
| /** | ||
| * Change the password of a user in the native realm asynchronously. |
There was a problem hiding this comment.
maybe say of a native realm or built-in user
| * @param options the request options (e.g. headers), use {@link RequestOptions#DEFAULT} if nothing needs to be customized | ||
| * @param listener the listener to be notified upon request completion | ||
| */ | ||
| public void changePasswordAsync(ChangePasswordRequest request, RequestOptions options, ActionListener<EmptyResponse> |
There was a problem hiding this comment.
can you wrap the type of the parameter too? Things line up better and are easier to read IMO
| listener) { | ||
| restHighLevelClient.performRequestAsyncAndParseEntity(request, SecurityRequestConverters::changePassword, options, | ||
| EmptyResponse::fromXContent, listener, emptySet()); | ||
|
|
| import java.util.Objects; | ||
| import java.util.Optional; | ||
|
|
||
| public final class ChangePasswordRequest implements Validatable, Closeable, ToXContentObject { |
There was a problem hiding this comment.
can you add class level javadocs?
| if (null != username){ | ||
| builder.field("username", username); | ||
| } | ||
| if (password != null) { |
There was a problem hiding this comment.
password should never be null based on the constructor check?
| } | ||
|
|
||
| @Override | ||
| public Optional<ValidationException> validate() { |
There was a problem hiding this comment.
no need to implement/override this method if no validation is required
| } | ||
|
|
||
| @Override | ||
| public boolean equals(Object o){ |
There was a problem hiding this comment.
do we need the equals/hashcode implementations?
| char[] password = new char[]{'p', 'a', 's', 's', 'w', 'o', 'r', 'd'}; | ||
| char[] newPassword = new char[]{'n', 'e', 'w', 'p', 'a', 's', 's', 'w', 'o', 'r', 'd'}; | ||
| PutUserRequest putUserRequest = | ||
| new PutUserRequest("change_password_user", password, Collections.singletonList("superuser"), null, null, true, null, |
There was a problem hiding this comment.
can you change the wrapping so it is only on two lines instead of three?
| -------------------------------------------------- | ||
| include-tagged::{doc-tests}/SecurityDocumentationIT.java[change-password-execute-listener] | ||
| -------------------------------------------------- | ||
| <1> Called when the execution is successfully completed. The response is |
There was a problem hiding this comment.
nit: add periods to the end of these two sentences
...t/rest-high-level/src/main/java/org/elasticsearch/client/security/ChangePasswordRequest.java
Show resolved
Hide resolved
| return request; | ||
| } | ||
|
|
||
|
|
| private final char[] password; | ||
| private final RefreshPolicy refreshPolicy; | ||
|
|
||
| public ChangePasswordRequest(String username, char[] password, RefreshPolicy refreshPolicy) { |
There was a problem hiding this comment.
I would add a javadoc to this constructor:
- make it clear that username can be null (I would also add @nullable and/or a constructor without the first parameter)
- state that the request object does not own the
passwordarray, and the caller is responsible to clear it.
I am being pedantic because this is the interface to clients.
There was a problem hiding this comment.
+1 to add javadocs; I need to go back and do so for my HLRC APIs.
| /** | ||
| * Request object to change the password of a user of a native realm or a built-in user. | ||
| */ | ||
| public final class ChangePasswordRequest implements Validatable, Closeable, ToXContentObject { |
There was a problem hiding this comment.
I think it would be easier for clients if we don't implement Closeable and consequently not "owning" the password array.
I think whenever we can choose not to "own" the password (because we don't need it cached for retries or otherwise) - or any other resource for that matter - we should not own the resource. I think it's easier for us to reason that all arguments are passed by reference, the callee does not "own" any, unless we have to cache the password locally - and in this case state it explicitly in the docs!
Let me know what you think! In any case we should be pedantic and mention the "ownership" in the javadocs.
There was a problem hiding this comment.
I see no issue with your line of argumentation @albertzaharovits. As this applies to other request objects, I'd summon @jaymode to weigh-in, so that we can decide and aim for consistency.
There was a problem hiding this comment.
I think @albertzaharovits's line of thinking makes sense and let's not implement closeable. In the PutUserRequest I did not claim ownership but the array is cleared by the close method. I'll open a PR to resolve the issue there.
There was a problem hiding this comment.
This is pretty close, I think we just need to get some javadocs in here and address some of the things @albertzaharovits brought up.
| return request; | ||
| } | ||
|
|
||
|
|
| /** | ||
| * Request object to change the password of a user of a native realm or a built-in user. | ||
| */ | ||
| public final class ChangePasswordRequest implements Validatable, Closeable, ToXContentObject { |
There was a problem hiding this comment.
I think @albertzaharovits's line of thinking makes sense and let's not implement closeable. In the PutUserRequest I did not claim ownership but the array is cleared by the close method. I'll open a PR to resolve the issue there.
| private final char[] password; | ||
| private final RefreshPolicy refreshPolicy; | ||
|
|
||
| public ChangePasswordRequest(String username, char[] password, RefreshPolicy refreshPolicy) { |
There was a problem hiding this comment.
+1 to add javadocs; I need to go back and do so for my HLRC APIs.
...t/rest-high-level/src/main/java/org/elasticsearch/client/security/ChangePasswordRequest.java
Show resolved
Hide resolved
| @@ -169,6 +170,52 @@ public void onFailure(Exception e) { | |||
| // tag::disable-user-execute-async | |||
| client.security().disableUserAsync(request, RequestOptions.DEFAULT, listener); // <1> | |||
| // end::disable-user-execute-async | |||
| // end::x-pack-put-user-execute-async | |||
|
@jaymode , @albertzaharovits . I have addressed your feedback, I think this is ready for a final round |
| /** | ||
| * @param username The username of the user whose password should be changed or null for the current user. | ||
| * @param password The new password. The password array is not cleared by the {@link ChangePasswordRequest} object so the | ||
| * calling code must clear it after handling the response. |
| //end::change-password-execute | ||
|
|
||
| assertNotNull(response); | ||
|
|
The PutUserRequest implemented closeable as it assumed ownership of the password provided to the class. This change removes the ownership of the password, documents it in the javadoc, and removes the closeable implementation. Additionally, the intermediate bytes used for writing the password to XContent are now cleared. This makes the PutUserRequest consistent with the behavior discussed in elastic#33509.
This change adds support for the change password APIs to the high level rest client. Relates #29827
The PutUserRequest implemented closeable as it assumed ownership of the password provided to the class. This change removes the ownership of the password, documents it in the javadoc, and removes the closeable implementation. Additionally, the intermediate bytes used for writing the password to XContent are now cleared. This makes the PutUserRequest consistent with the behavior discussed in #33509.
The PutUserRequest implemented closeable as it assumed ownership of the password provided to the class. This change removes the ownership of the password, documents it in the javadoc, and removes the closeable implementation. Additionally, the intermediate bytes used for writing the password to XContent are now cleared. This makes the PutUserRequest consistent with the behavior discussed in #33509.
This change adds support for the change password APIs to the high level rest client. Relates #29827
The PutUserRequest implemented closeable as it assumed ownership of the password provided to the class. This change removes the ownership of the password, documents it in the javadoc, and removes the closeable implementation. Additionally, the intermediate bytes used for writing the password to XContent are now cleared. This makes the PutUserRequest consistent with the behavior discussed in #33509.
colings86
removed
the
:Security/Authentication
This change adds support for the change password APIs to the high
level rest client.
The response for this API adopts the empty response object introduced in #33481