Skip to content

Add cloud API keys to auth info report #130041

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 3 commits into from
Jul 1, 2025
Merged

Add cloud API keys to auth info report #130041

merged 3 commits into from
Jul 1, 2025

Conversation

ankit--sethi
Copy link
Contributor

No description provided.

@elasticsearchmachine elasticsearchmachine added v9.2.0 needs:triage Requires assignment of a team area label labels Jun 25, 2025
@ankit--sethi ankit--sethi added :Security/Security Security issues without another label >non-issue labels Jun 25, 2025
@elasticsearchmachine elasticsearchmachine added Team:Security Meta label for security team and removed needs:triage Requires assignment of a team area label labels Jun 25, 2025
@elasticsearchmachine
Copy link
Collaborator

Pinging @elastic/es-security (Team:Security)

slobodanadamovic
slobodanadamovic reviewed Jun 26, 2025
View reviewed changes
...in/core/src/test/java/org/elasticsearch/xpack/core/security/xcontent/XContentUtilsTests.java Outdated
String apiKeyId = randomAlphaOfLength(20);
Authentication authentication = AuthenticationTestHelper.randomCloudApiKeyAuthentication(apiKeyId);
String json = generateJson(Map.of(AuthenticationField.AUTHENTICATION_KEY, authentication.encode()));
assertThat(json, containsString("{\"authorization\":{\"cloud_api_key\":{\"id\":\"" + apiKeyId + "\""));
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Test only asserts id field. Using randomCloudApiKeyAuthentication(apiKeyId) may not be quite suitable here. Probably it's better to randomize User then call randomCloudApiKeyAuthentication(user). This way you can assert all fields as you control user's principal (API key id), metadata (name and internal) and roles.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

refactored the test and some helper methods to assert on a fully randomized user

slobodanadamovic
slobodanadamovic approved these changes Jun 30, 2025
View reviewed changes
Copy link
Contributor

@slobodanadamovic slobodanadamovic left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM 👍

@ankit--sethi ankit--sethi merged commit 6520fa2 into elastic:main Jul 1, 2025
38 checks passed
mridula-s109 pushed a commit to mridula-s109/elasticsearch that referenced this pull request Jul 3, 2025
@ankit--sethi @mridula-s109
Add cloud API keys to auth info report (elastic#130041)
0bd71fb 
* add change and test

* improve test
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@slobodanadamovic slobodanadamovic slobodanadamovic approved these changes

Assignees
No one assigned
Labels
>non-issue :Security/Security Security issues without another label Team:Security Meta label for security team v9.2.0
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@ankit--sethi @elasticsearchmachine @slobodanadamovic