From ddb9cf7e79d38ac69a925b89200d4e707f9b8397 Mon Sep 17 00:00:00 2001
From: "opensearch-trigger-bot[bot]"
 <98922864+opensearch-trigger-bot[bot]@users.noreply.github.com>
Date: Tue, 12 Mar 2024 11:53:30 -0700
Subject: [PATCH] [Multiple Datasource] Test connection schema validation for
 registered auth types (#6109) (#6116)

* [Token Exchange Unification] Test connextion router schema validation support for registered auth type

Signed-off-by: Xinrui Bai <xinruiba@amazon.com>

* Update changefile

Signed-off-by: Xinrui Bai <xinruiba@amazon.com>

* [UT] Add test cases for registered auth type, test connection failure case

Signed-off-by: Xinrui Bai <xinruiba@amazon.com>

* [UT] Update testing URL value to avoid linkchecker failure

Signed-off-by: Xinrui Bai <xinruiba@amazon.com>

* [UT] Update testing URL value to avoid linkchecker failure round2

Signed-off-by: Xinrui Bai <xinruiba@amazon.com>

* [UT] Update testing URL value to avoid linkchecker failure round 3

Signed-off-by: Xinrui Bai <xinruiba@amazon.com>

---------

Signed-off-by: Xinrui Bai <xinruiba@amazon.com>
(cherry picked from commit 362ab1e9e75f31c6367c37baea48ff30429621d8)
Signed-off-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>

# Conflicts:
#	CHANGELOG.md

Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>
---
 .../server/routes/test_connection.test.ts     | 127 ++++++++++++++++++
 .../server/routes/test_connection.ts          |  14 ++
 2 files changed, 141 insertions(+)

diff --git a/src/plugins/data_source/server/routes/test_connection.test.ts b/src/plugins/data_source/server/routes/test_connection.test.ts
index fb6146949084..8027354601b3 100644
--- a/src/plugins/data_source/server/routes/test_connection.test.ts
+++ b/src/plugins/data_source/server/routes/test_connection.test.ts
@@ -100,6 +100,58 @@ describe(`Test connection ${URL}`, () => {
     },
   };
 
+  const dataSourceAttrForRegisteredAuthWithCredentials = {
+    endpoint: 'https://test.com',
+    auth: {
+      type: 'Some Registered Type',
+      credentials: {
+        firstField: 'some value',
+        secondField: 'some value',
+      },
+    },
+  };
+
+  const dataSourceAttrForRegisteredAuthWithEmptyCredentials = {
+    endpoint: 'https://test.com',
+    auth: {
+      type: 'Some Registered Type',
+      credentials: {},
+    },
+  };
+
+  const dataSourceAttrForRegisteredAuthWithoutCredentials = {
+    endpoint: 'https://test.com',
+    auth: {
+      type: 'Some Registered Type',
+    },
+  };
+
+  const dataSourceAttrForRegisteredAuthWithNoAuthType = {
+    endpoint: 'https://test.com',
+    auth: {
+      type: AuthType.NoAuth,
+      credentials: {
+        field: 'some value',
+      },
+    },
+  };
+
+  const dataSourceAttrForRegisteredAuthWithBasicAuthType = {
+    endpoint: 'https://test.com',
+    auth: {
+      type: AuthType.UsernamePasswordType,
+      credentials: {},
+    },
+  };
+
+  const dataSourceAttrForRegisteredAuthWithSigV4AuthType = {
+    endpoint: 'https://test.com',
+    auth: {
+      type: AuthType.SigV4,
+      credentials: {},
+    },
+  };
+
   beforeEach(async () => {
     ({ server, httpSetup, handlerContext } = await setupServer());
     customApiSchemaRegistryPromise = Promise.resolve(customApiSchemaRegistry);
@@ -205,6 +257,48 @@ describe(`Test connection ${URL}`, () => {
     expect(result.body.error).toEqual('Bad Request');
   });
 
+  it('registered Auth with NoAuthType should fail', async () => {
+    const result = await supertest(httpSetup.server.listener)
+      .post(URL)
+      .send({
+        id: 'testId',
+        dataSourceAttr: dataSourceAttrForRegisteredAuthWithNoAuthType,
+      })
+      .expect(400);
+    expect(result.body.error).toEqual('Bad Request');
+    expect(result.body.message).toContain(
+      `Must not be no_auth or username_password or sigv4 for registered auth types`
+    );
+  });
+
+  it('registered Auth with Basic AuthType should fail', async () => {
+    const result = await supertest(httpSetup.server.listener)
+      .post(URL)
+      .send({
+        id: 'testId',
+        dataSourceAttr: dataSourceAttrForRegisteredAuthWithBasicAuthType,
+      })
+      .expect(400);
+    expect(result.body.error).toEqual('Bad Request');
+    expect(result.body.message).toContain(
+      `Must not be no_auth or username_password or sigv4 for registered auth types`
+    );
+  });
+
+  it('registered Auth with sigV4 AuthType should fail', async () => {
+    const result = await supertest(httpSetup.server.listener)
+      .post(URL)
+      .send({
+        id: 'testId',
+        dataSourceAttr: dataSourceAttrForRegisteredAuthWithSigV4AuthType,
+      })
+      .expect(400);
+    expect(result.body.error).toEqual('Bad Request');
+    expect(result.body.message).toContain(
+      `Must not be no_auth or username_password or sigv4 for registered auth types`
+    );
+  });
+
   it('full credential with sigV4 auth should success', async () => {
     const result = await supertest(httpSetup.server.listener)
       .post(URL)
@@ -215,4 +309,37 @@ describe(`Test connection ${URL}`, () => {
       .expect(200);
     expect(result.body).toEqual({ success: true });
   });
+
+  it('credential with registered auth type should success', async () => {
+    const result = await supertest(httpSetup.server.listener)
+      .post(URL)
+      .send({
+        id: 'testId',
+        dataSourceAttr: dataSourceAttrForRegisteredAuthWithCredentials,
+      })
+      .expect(200);
+    expect(result.body).toEqual({ success: true });
+  });
+
+  it('empty credential with registered auth type should success', async () => {
+    const result = await supertest(httpSetup.server.listener)
+      .post(URL)
+      .send({
+        id: 'testId',
+        dataSourceAttr: dataSourceAttrForRegisteredAuthWithEmptyCredentials,
+      })
+      .expect(200);
+    expect(result.body).toEqual({ success: true });
+  });
+
+  it('no credential with registered auth type should success', async () => {
+    const result = await supertest(httpSetup.server.listener)
+      .post(URL)
+      .send({
+        id: 'testId',
+        dataSourceAttr: dataSourceAttrForRegisteredAuthWithoutCredentials,
+      })
+      .expect(200);
+    expect(result.body).toEqual({ success: true });
+  });
 });
diff --git a/src/plugins/data_source/server/routes/test_connection.ts b/src/plugins/data_source/server/routes/test_connection.ts
index ac6bc10ff39a..4edebc12fa8d 100644
--- a/src/plugins/data_source/server/routes/test_connection.ts
+++ b/src/plugins/data_source/server/routes/test_connection.ts
@@ -53,6 +53,20 @@ export const registerTestConnectionRoute = async (
                     ]),
                   }),
                 }),
+                schema.object({
+                  type: schema.string({
+                    validate: (value) => {
+                      if (
+                        value === AuthType.NoAuth ||
+                        value === AuthType.UsernamePasswordType ||
+                        value === AuthType.SigV4
+                      ) {
+                        return `Must not be no_auth or username_password or sigv4 for registered auth types`;
+                      }
+                    },
+                  }),
+                  credentials: schema.nullable(schema.any()),
+                }),
               ])
             ),
           }),