maxmustermann/kibana
1
0
Fork 0
Code Issues Pull requests Projects Releases Wiki Activity

remove try auth mode (#94287)

Browse source 
* remove `try` auth mode

* update generated doc

* update generated doc

* adapt integration test
This commit is contained in:
Pierre Gayvallet 2021-03-10 20:21:39 +01:00 committed by GitHub
parent 6044f8a8bf
commit 7d2c4d4d09
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
18 changed files with 219 additions and 222 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

104
api_docs/actions.json
View file

@ -127,7 +127,7 @@
"description": [],
"source": {
"path": "x-pack/plugins/actions/server/types.ts",
"lineNumber": 70
"lineNumber": 63
}
},
{
@ -138,7 +138,7 @@
"description": [],
"source": {
"path": "x-pack/plugins/actions/server/types.ts",
"lineNumber": 71
"lineNumber": 64
}
},
{
@ -149,7 +149,7 @@
"description": [],
"source": {
"path": "x-pack/plugins/actions/server/types.ts",
"lineNumber": 72
"lineNumber": 65
}
},
{
@ -160,7 +160,7 @@
"description": [],
"source": {
"path": "x-pack/plugins/actions/server/types.ts",
"lineNumber": 73
"lineNumber": 66
},
"signature": [
"Config | undefined"
@ -174,13 +174,13 @@
"description": [],
"source": {
"path": "x-pack/plugins/actions/server/types.ts",
"lineNumber": 74
"lineNumber": 67
}
}
],
"source": {
"path": "x-pack/plugins/actions/server/types.ts",
"lineNumber": 69
"lineNumber": 62
},
"initialIsOpen": false
},
@ -199,7 +199,7 @@
"description": [],
"source": {
"path": "x-pack/plugins/actions/server/types.ts",
"lineNumber": 47
"lineNumber": 40
},
"signature": [
"() => ",
@ -220,7 +220,7 @@
"description": [],
"source": {
"path": "x-pack/plugins/actions/server/types.ts",
"lineNumber": 48
"lineNumber": 41
},
"signature": [
"() => ",
@ -237,7 +237,7 @@
],
"source": {
"path": "x-pack/plugins/actions/server/types.ts",
"lineNumber": 46
"lineNumber": 39
},
"initialIsOpen": false
},
@ -256,7 +256,7 @@
"description": [],
"source": {
"path": "x-pack/plugins/actions/server/types.ts",
"lineNumber": 56
"lineNumber": 49
},
"signature": [
{
@ -276,7 +276,7 @@
"description": [],
"source": {
"path": "x-pack/plugins/actions/server/types.ts",
"lineNumber": 57
"lineNumber": 50
},
"signature": [
{
@ -291,7 +291,7 @@
],
"source": {
"path": "x-pack/plugins/actions/server/types.ts",
"lineNumber": 55
"lineNumber": 48
},
"initialIsOpen": false
},
@ -320,7 +320,7 @@
"description": [],
"source": {
"path": "x-pack/plugins/actions/server/types.ts",
"lineNumber": 108
"lineNumber": 101
}
},
{
@ -331,7 +331,7 @@
"description": [],
"source": {
"path": "x-pack/plugins/actions/server/types.ts",
"lineNumber": 109
"lineNumber": 102
}
},
{
@ -342,7 +342,7 @@
"description": [],
"source": {
"path": "x-pack/plugins/actions/server/types.ts",
"lineNumber": 110
"lineNumber": 103
},
"signature": [
"number | undefined"
@ -356,7 +356,7 @@
"description": [],
"source": {
"path": "x-pack/plugins/actions/server/types.ts",
"lineNumber": 111
"lineNumber": 104
},
"signature": [
"\"basic\" | \"standard\" | \"gold\" | \"platinum\" | \"enterprise\" | \"trial\""
@ -370,7 +370,7 @@
"description": [],
"source": {
"path": "x-pack/plugins/actions/server/types.ts",
"lineNumber": 112
"lineNumber": 105
},
"signature": [
"{ params?: ValidatorType<Params> | undefined; config?: ValidatorType<Config> | undefined; secrets?: ValidatorType<Secrets> | undefined; } | undefined"
@ -395,7 +395,7 @@
"description": [],
"source": {
"path": "x-pack/plugins/actions/server/types.ts",
"lineNumber": 117
"lineNumber": 110
}
},
{
@ -408,7 +408,7 @@
"description": [],
"source": {
"path": "x-pack/plugins/actions/server/types.ts",
"lineNumber": 117
"lineNumber": 110
}
}
],
@ -416,7 +416,7 @@
"returnComment": [],
"source": {
"path": "x-pack/plugins/actions/server/types.ts",
"lineNumber": 117
"lineNumber": 110
}
},
{
@ -427,7 +427,7 @@
"description": [],
"source": {
"path": "x-pack/plugins/actions/server/types.ts",
"lineNumber": 118
"lineNumber": 111
},
"signature": [
{
@ -443,7 +443,7 @@
],
"source": {
"path": "x-pack/plugins/actions/server/types.ts",
"lineNumber": 102
"lineNumber": 95
},
"initialIsOpen": false
},
@ -472,7 +472,7 @@
"description": [],
"source": {
"path": "x-pack/plugins/actions/server/types.ts",
"lineNumber": 62
"lineNumber": 55
}
},
{
@ -483,7 +483,7 @@
"description": [],
"source": {
"path": "x-pack/plugins/actions/server/types.ts",
"lineNumber": 63
"lineNumber": 56
},
"signature": [
{
@ -503,7 +503,7 @@
"description": [],
"source": {
"path": "x-pack/plugins/actions/server/types.ts",
"lineNumber": 64
"lineNumber": 57
},
"signature": [
"Config"
@ -517,7 +517,7 @@
"description": [],
"source": {
"path": "x-pack/plugins/actions/server/types.ts",
"lineNumber": 65
"lineNumber": 58
},
"signature": [
"Secrets"
@ -531,7 +531,7 @@
"description": [],
"source": {
"path": "x-pack/plugins/actions/server/types.ts",
"lineNumber": 66
"lineNumber": 59
},
"signature": [
"Params"
@ -540,7 +540,7 @@
],
"source": {
"path": "x-pack/plugins/actions/server/types.ts",
"lineNumber": 61
"lineNumber": 54
},
"initialIsOpen": false
},
@ -577,7 +577,7 @@
"description": [],
"source": {
"path": "x-pack/plugins/actions/server/types.ts",
"lineNumber": 81
"lineNumber": 74
},
"signature": [
"Secrets"
@ -586,7 +586,7 @@
],
"source": {
"path": "x-pack/plugins/actions/server/types.ts",
"lineNumber": 77
"lineNumber": 70
},
"initialIsOpen": false
}
@ -1008,7 +1008,7 @@
"description": [],
"source": {
"path": "x-pack/plugins/actions/server/plugin.ts",
"lineNumber": 86
"lineNumber": 85
}
}
],
@ -1016,13 +1016,13 @@
"returnComment": [],
"source": {
"path": "x-pack/plugins/actions/server/plugin.ts",
"lineNumber": 80
"lineNumber": 79
}
}
],
"source": {
"path": "x-pack/plugins/actions/server/plugin.ts",
"lineNumber": 79
"lineNumber": 78
},
"lifecycle": "setup",
"initialIsOpen": true
@ -1053,7 +1053,7 @@
"description": [],
"source": {
"path": "x-pack/plugins/actions/server/plugin.ts",
"lineNumber": 91
"lineNumber": 90
}
},
{
@ -1071,13 +1071,13 @@
"description": [],
"source": {
"path": "x-pack/plugins/actions/server/plugin.ts",
"lineNumber": 91
"lineNumber": 90
}
}
],
"source": {
"path": "x-pack/plugins/actions/server/plugin.ts",
"lineNumber": 91
"lineNumber": 90
}
}
],
@ -1085,7 +1085,7 @@
"returnComment": [],
"source": {
"path": "x-pack/plugins/actions/server/plugin.ts",
"lineNumber": 91
"lineNumber": 90
}
},
{
@ -1107,7 +1107,7 @@
"description": [],
"source": {
"path": "x-pack/plugins/actions/server/plugin.ts",
"lineNumber": 93
"lineNumber": 92
}
},
{
@ -1120,7 +1120,7 @@
"description": [],
"source": {
"path": "x-pack/plugins/actions/server/plugin.ts",
"lineNumber": 94
"lineNumber": 93
}
},
{
@ -1138,13 +1138,13 @@
"description": [],
"source": {
"path": "x-pack/plugins/actions/server/plugin.ts",
"lineNumber": 95
"lineNumber": 94
}
}
],
"source": {
"path": "x-pack/plugins/actions/server/plugin.ts",
"lineNumber": 95
"lineNumber": 94
}
}
],
@ -1152,7 +1152,7 @@
"returnComment": [],
"source": {
"path": "x-pack/plugins/actions/server/plugin.ts",
"lineNumber": 92
"lineNumber": 91
}
},
{
@ -1197,7 +1197,7 @@
"description": [],
"source": {
"path": "x-pack/plugins/actions/server/plugin.ts",
"lineNumber": 97
"lineNumber": 96
}
}
],
@ -1205,7 +1205,7 @@
"returnComment": [],
"source": {
"path": "x-pack/plugins/actions/server/plugin.ts",
"lineNumber": 97
"lineNumber": 96
}
},
{
@ -1250,7 +1250,7 @@
"description": [],
"source": {
"path": "x-pack/plugins/actions/server/plugin.ts",
"lineNumber": 98
"lineNumber": 97
}
}
],
@ -1258,7 +1258,7 @@
"returnComment": [],
"source": {
"path": "x-pack/plugins/actions/server/plugin.ts",
"lineNumber": 98
"lineNumber": 97
}
},
{
@ -1269,7 +1269,7 @@
"description": [],
"source": {
"path": "x-pack/plugins/actions/server/plugin.ts",
"lineNumber": 99
"lineNumber": 98
},
"signature": [
{
@ -1301,7 +1301,7 @@
"description": [],
"source": {
"path": "x-pack/plugins/actions/server/plugin.ts",
"lineNumber": 101
"lineNumber": 100
}
},
{
@ -1314,7 +1314,7 @@
"description": [],
"source": {
"path": "x-pack/plugins/actions/server/plugin.ts",
"lineNumber": 102
"lineNumber": 101
}
},
{
@ -1327,7 +1327,7 @@
"description": [],
"source": {
"path": "x-pack/plugins/actions/server/plugin.ts",
"lineNumber": 103
"lineNumber": 102
}
}
],
@ -1335,13 +1335,13 @@
"returnComment": [],
"source": {
"path": "x-pack/plugins/actions/server/plugin.ts",
"lineNumber": 100
"lineNumber": 99
}
}
],
"source": {
"path": "x-pack/plugins/actions/server/plugin.ts",
"lineNumber": 90
"lineNumber": 89
},
"lifecycle": "start",
"initialIsOpen": true

80
api_docs/core.json
View file

@ -6622,14 +6622,6 @@
"label": "asScoped",
"signature": [
"(request?: ",
{
"pluginId": "core",
"scope": "server",
"docId": "kibCorePluginApi",
"section": "def-server.FakeRequest",
"text": "FakeRequest"
},
" | ",
{
"pluginId": "core",
"scope": "server",
@ -6645,6 +6637,14 @@
"section": "def-server.LegacyRequest",
"text": "LegacyRequest"
},
" | ",
{
"pluginId": "core",
"scope": "server",
"docId": "kibCorePluginApi",
"section": "def-server.FakeRequest",
"text": "FakeRequest"
},
" | undefined) => Pick<",
{
"pluginId": "core",
@ -6664,14 +6664,6 @@
"label": "request",
"isRequired": false,
"signature": [
{
"pluginId": "core",
"scope": "server",
"docId": "kibCorePluginApi",
"section": "def-server.FakeRequest",
"text": "FakeRequest"
},
" | ",
{
"pluginId": "core",
"scope": "server",
@ -6687,6 +6679,14 @@
"section": "def-server.LegacyRequest",
"text": "LegacyRequest"
},
" | ",
{
"pluginId": "core",
"scope": "server",
"docId": "kibCorePluginApi",
"section": "def-server.FakeRequest",
"text": "FakeRequest"
},
" | undefined"
],
"description": [
@ -16174,14 +16174,6 @@
},
"signature": [
"{ callAsInternalUser: LegacyAPICaller; asScoped: (request?: ",
{
"pluginId": "core",
"scope": "server",
"docId": "kibCorePluginApi",
"section": "def-server.FakeRequest",
"text": "FakeRequest"
},
" | ",
{
"pluginId": "core",
"scope": "server",
@ -16197,6 +16189,14 @@
"section": "def-server.LegacyRequest",
"text": "LegacyRequest"
},
" | ",
{
"pluginId": "core",
"scope": "server",
"docId": "kibCorePluginApi",
"section": "def-server.FakeRequest",
"text": "FakeRequest"
},
" | undefined) => Pick<LegacyScopedClusterClient, \"callAsCurrentUser\" | \"callAsInternalUser\">; }"
],
"initialIsOpen": false
@ -16218,14 +16218,6 @@
},
"signature": [
"{ close: () => void; callAsInternalUser: LegacyAPICaller; asScoped: (request?: ",
{
"pluginId": "core",
"scope": "server",
"docId": "kibCorePluginApi",
"section": "def-server.FakeRequest",
"text": "FakeRequest"
},
" | ",
{
"pluginId": "core",
"scope": "server",
@ -16241,6 +16233,14 @@
"section": "def-server.LegacyRequest",
"text": "LegacyRequest"
},
" | ",
{
"pluginId": "core",
"scope": "server",
"docId": "kibCorePluginApi",
"section": "def-server.FakeRequest",
"text": "FakeRequest"
},
" | undefined) => Pick<LegacyScopedClusterClient, \"callAsCurrentUser\" | \"callAsInternalUser\">; }"
],
"initialIsOpen": false
@ -16533,14 +16533,6 @@
"lineNumber": 192
},
"signature": [
{
"pluginId": "core",
"scope": "server",
"docId": "kibCorePluginApi",
"section": "def-server.FakeRequest",
"text": "FakeRequest"
},
" | ",
{
"pluginId": "core",
"scope": "server",
@ -16555,6 +16547,14 @@
"docId": "kibCoreHttpPluginApi",
"section": "def-server.LegacyRequest",
"text": "LegacyRequest"
},
" | ",
{
"pluginId": "core",
"scope": "server",
"docId": "kibCorePluginApi",
"section": "def-server.FakeRequest",
"text": "FakeRequest"
}
],
"initialIsOpen": false

24
api_docs/core_http.json
View file

@ -2887,7 +2887,7 @@
"type": "Function",
"label": "notHandled",
"description": [
"\nUser has no credentials.\nAllows user to access a resource when authRequired is 'optional' or 'try'\nRejects a request when authRequired: true"
"\nUser has no credentials.\nAllows user to access a resource when authRequired is 'optional'\nRejects a request when authRequired: true"
],
"source": {
"path": "src/core/server/http/lifecycle/auth.ts",
@ -4648,7 +4648,7 @@
],
"source": {
"path": "src/core/server/http/router/route.ts",
"lineNumber": 173
"lineNumber": 171
}
},
{
@ -4661,7 +4661,7 @@
],
"source": {
"path": "src/core/server/http/router/route.ts",
"lineNumber": 231
"lineNumber": 229
},
"signature": [
"false | ",
@ -4685,7 +4685,7 @@
],
"source": {
"path": "src/core/server/http/router/route.ts",
"lineNumber": 236
"lineNumber": 234
},
"signature": [
{
@ -4701,7 +4701,7 @@
],
"source": {
"path": "src/core/server/http/router/route.ts",
"lineNumber": 159
"lineNumber": 157
},
"initialIsOpen": false
},
@ -4732,14 +4732,14 @@
"type": "CompoundType",
"label": "authRequired",
"description": [
"\nDefines authentication mode for a route:\n- true. A user has to have valid credentials to access a resource\n- false. A user can access a resource without any credentials.\n- 'optional'. A user can access a resource if has valid credentials or no credentials at all.\n Can be useful when we grant access to a resource but want to identify a user if possible.\n- 'try'. A user can access a resource with valid, invalid or without any credentials.\n Users with valid credentials will be authenticated\n\nDefaults to `true` if an auth mechanism is registered."
"\nDefines authentication mode for a route:\n- true. A user has to have valid credentials to access a resource\n- false. A user can access a resource without any credentials.\n- 'optional'. A user can access a resource, and will be authenticated if provided credentials are valid.\n Can be useful when we grant access to a resource but want to identify a user if possible.\n\nDefaults to `true` if an auth mechanism is registered."
],
"source": {
"path": "src/core/server/http/router/route.ts",
"lineNumber": 118
"lineNumber": 116
},
"signature": [
"boolean | \"optional\" | \"try\" | undefined"
"boolean | \"optional\" | undefined"
]
},
{
@ -4752,7 +4752,7 @@
],
"source": {
"path": "src/core/server/http/router/route.ts",
"lineNumber": 127
"lineNumber": 125
},
"signature": [
"(Method extends \"get\" ? never : boolean) | undefined"
@ -4768,7 +4768,7 @@
],
"source": {
"path": "src/core/server/http/router/route.ts",
"lineNumber": 132
"lineNumber": 130
},
"signature": [
"readonly string[] | undefined"
@ -4784,7 +4784,7 @@
],
"source": {
"path": "src/core/server/http/router/route.ts",
"lineNumber": 137
"lineNumber": 135
},
"signature": [
"(Method extends ",
@ -4816,7 +4816,7 @@
],
"source": {
"path": "src/core/server/http/router/route.ts",
"lineNumber": 142
"lineNumber": 140
},
"signature": [
"{ payload?: (Method extends ",

78
api_docs/lists.json
View file

@ -3706,7 +3706,83 @@
},
"common": {
"classes": [],
"functions": [],
"functions": [
{
"id": "def-common.buildExceptionFilter",
"type": "Function",
"children": [
{
"id": "def-common.buildExceptionFilter.{\n- lists,\n excludeExceptions,\n chunkSize,\n}",
"type": "Object",
"label": "{\n lists,\n excludeExceptions,\n chunkSize,\n}",
"tags": [],
"description": [],
"children": [
{
"tags": [],
"id": "def-common.buildExceptionFilter.{\n- lists,\n excludeExceptions,\n chunkSize,\n}.lists",
"type": "Array",
"label": "lists",
"description": [],
"source": {
"path": "x-pack/plugins/lists/common/exceptions/build_exceptions_filter.ts",
"lineNumber": 74
},
"signature": [
"(({ description: string; entries: ({ field: string; operator: \"excluded\" | \"included\"; type: \"match\"; value: string; } | { field: string; operator: \"excluded\" | \"included\"; type: \"match_any\"; value: string[]; } | { field: string; list: { id: string; type: \"boolean\" | \"date\" | \"text\" | \"keyword\" | \"ip\" | \"long\" | \"double\" | \"date_nanos\" | \"geo_point\" | \"geo_shape\" | \"short\" | \"binary\" | \"date_range\" | \"ip_range\" | \"shape\" | \"integer\" | \"byte\" | \"float\" | \"double_range\" | \"float_range\" | \"half_float\" | \"integer_range\" | \"long_range\"; }; operator: \"excluded\" | \"included\"; type: \"list\"; } | { field: string; operator: \"excluded\" | \"included\"; type: \"exists\"; } | { entries: ({ field: string; operator: \"excluded\" | \"included\"; type: \"match\"; value: string; } | { field: string; operator: \"excluded\" | \"included\"; type: \"match_any\"; value: string[]; } | { field: string; operator: \"excluded\" | \"included\"; type: \"exists\"; })[]; field: string; type: \"nested\"; })[]; list_id: string; name: string; type: \"simple\"; } & { comments?: { comment: string; }[] | undefined; item_id?: string | undefined; meta?: object | undefined; namespace_type?: \"single\" | \"agnostic\" | undefined; os_types?: (\"windows\" | \"linux\" | \"macos\")[] | undefined; tags?: string[] | undefined; }) | { _version: string | undefined; comments: ({ comment: string; created_at: string; created_by: string; id: string; } & { updated_at?: string | undefined; updated_by?: string | undefined; })[]; created_at: string; created_by: string; description: string; entries: ({ field: string; operator: \"excluded\" | \"included\"; type: \"match\"; value: string; } | { field: string; operator: \"excluded\" | \"included\"; type: \"match_any\"; value: string[]; } | { field: string; list: { id: string; type: \"boolean\" | \"date\" | \"text\" | \"keyword\" | \"ip\" | \"long\" | \"double\" | \"date_nanos\" | \"geo_point\" | \"geo_shape\" | \"short\" | \"binary\" | \"date_range\" | \"ip_range\" | \"shape\" | \"integer\" | \"byte\" | \"float\" | \"double_range\" | \"float_range\" | \"half_float\" | \"integer_range\" | \"long_range\"; }; operator: \"excluded\" | \"included\"; type: \"list\"; } | { field: string; operator: \"excluded\" | \"included\"; type: \"exists\"; } | { entries: ({ field: string; operator: \"excluded\" | \"included\"; type: \"match\"; value: string; } | { field: string; operator: \"excluded\" | \"included\"; type: \"match_any\"; value: string[]; } | { field: string; operator: \"excluded\" | \"included\"; type: \"exists\"; })[]; field: string; type: \"nested\"; })[]; id: string; item_id: string; list_id: string; meta: object | undefined; name: string; namespace_type: \"single\" | \"agnostic\"; os_types: (\"windows\" | \"linux\" | \"macos\")[]; tags: string[]; tie_breaker_id: string; type: \"simple\"; updated_at: string; updated_by: string; })[]"
]
},
{
"tags": [],
"id": "def-common.buildExceptionFilter.{\n- lists,\n excludeExceptions,\n chunkSize,\n}.excludeExceptions",
"type": "boolean",
"label": "excludeExceptions",
"description": [],
"source": {
"path": "x-pack/plugins/lists/common/exceptions/build_exceptions_filter.ts",
"lineNumber": 75
}
},
{
"tags": [],
"id": "def-common.buildExceptionFilter.{\n- lists,\n excludeExceptions,\n chunkSize,\n}.chunkSize",
"type": "number",
"label": "chunkSize",
"description": [],
"source": {
"path": "x-pack/plugins/lists/common/exceptions/build_exceptions_filter.ts",
"lineNumber": 76
}
}
],
"source": {
"path": "x-pack/plugins/lists/common/exceptions/build_exceptions_filter.ts",
"lineNumber": 73
}
}
],
"signature": [
"({ lists, excludeExceptions, chunkSize, }: { lists: (({ description: string; entries: ({ field: string; operator: \"excluded\" | \"included\"; type: \"match\"; value: string; } | { field: string; operator: \"excluded\" | \"included\"; type: \"match_any\"; value: string[]; } | { field: string; list: { id: string; type: \"boolean\" | \"date\" | \"text\" | \"keyword\" | \"ip\" | \"long\" | \"double\" | \"date_nanos\" | \"geo_point\" | \"geo_shape\" | \"short\" | \"binary\" | \"date_range\" | \"ip_range\" | \"shape\" | \"integer\" | \"byte\" | \"float\" | \"double_range\" | \"float_range\" | \"half_float\" | \"integer_range\" | \"long_range\"; }; operator: \"excluded\" | \"included\"; type: \"list\"; } | { field: string; operator: \"excluded\" | \"included\"; type: \"exists\"; } | { entries: ({ field: string; operator: \"excluded\" | \"included\"; type: \"match\"; value: string; } | { field: string; operator: \"excluded\" | \"included\"; type: \"match_any\"; value: string[]; } | { field: string; operator: \"excluded\" | \"included\"; type: \"exists\"; })[]; field: string; type: \"nested\"; })[]; list_id: string; name: string; type: \"simple\"; } & { comments?: { comment: string; }[] | undefined; item_id?: string | undefined; meta?: object | undefined; namespace_type?: \"single\" | \"agnostic\" | undefined; os_types?: (\"windows\" | \"linux\" | \"macos\")[] | undefined; tags?: string[] | undefined; }) | { _version: string | undefined; comments: ({ comment: string; created_at: string; created_by: string; id: string; } & { updated_at?: string | undefined; updated_by?: string | undefined; })[]; created_at: string; created_by: string; description: string; entries: ({ field: string; operator: \"excluded\" | \"included\"; type: \"match\"; value: string; } | { field: string; operator: \"excluded\" | \"included\"; type: \"match_any\"; value: string[]; } | { field: string; list: { id: string; type: \"boolean\" | \"date\" | \"text\" | \"keyword\" | \"ip\" | \"long\" | \"double\" | \"date_nanos\" | \"geo_point\" | \"geo_shape\" | \"short\" | \"binary\" | \"date_range\" | \"ip_range\" | \"shape\" | \"integer\" | \"byte\" | \"float\" | \"double_range\" | \"float_range\" | \"half_float\" | \"integer_range\" | \"long_range\"; }; operator: \"excluded\" | \"included\"; type: \"list\"; } | { field: string; operator: \"excluded\" | \"included\"; type: \"exists\"; } | { entries: ({ field: string; operator: \"excluded\" | \"included\"; type: \"match\"; value: string; } | { field: string; operator: \"excluded\" | \"included\"; type: \"match_any\"; value: string[]; } | { field: string; operator: \"excluded\" | \"included\"; type: \"exists\"; })[]; field: string; type: \"nested\"; })[]; id: string; item_id: string; list_id: string; meta: object | undefined; name: string; namespace_type: \"single\" | \"agnostic\"; os_types: (\"windows\" | \"linux\" | \"macos\")[]; tags: string[]; tie_breaker_id: string; type: \"simple\"; updated_at: string; updated_by: string; })[]; excludeExceptions: boolean; chunkSize: number; }) => ",
{
"pluginId": "data",
"scope": "common",
"docId": "kibDataPluginApi",
"section": "def-common.Filter",
"text": "Filter"
},
" | undefined"
],
"description": [],
"label": "buildExceptionFilter",
"source": {
"path": "x-pack/plugins/lists/common/exceptions/build_exceptions_filter.ts",
"lineNumber": 69
},
"tags": [],
"returnComment": [],
"initialIsOpen": false
}
],
"interfaces": [],
"enums": [
{

3
api_docs/lists.mdx
View file

@ -41,6 +41,9 @@ import listsObj from './lists.json';
### Objects
<DocDefinitionList data={listsObj.common.objects}/>
### Functions
<DocDefinitionList data={listsObj.common.functions}/>
### Enums
<DocDefinitionList data={listsObj.common.enums}/>

20
api_docs/vis_type_timeseries.json
View file

@ -30,7 +30,7 @@
"description": [],
"source": {
"path": "src/plugins/vis_type_timeseries/server/plugin.ts",
"lineNumber": 48
"lineNumber": 53
},
"signature": [
"(requestContext: ",
@ -45,19 +45,11 @@
{
"pluginId": "core",
"scope": "server",
"docId": "kibCorePluginApi",
"section": "def-server.FakeRequest",
"text": "FakeRequest"
"docId": "kibCoreHttpPluginApi",
"section": "def-server.KibanaRequest",
"text": "KibanaRequest"
},
", options: ",
{
"pluginId": "visTypeTimeseries",
"scope": "server",
"docId": "kibVisTypeTimeseriesPluginApi",
"section": "def-server.GetVisDataOptions",
"text": "GetVisDataOptions"
},
") => Promise<",
"<unknown, unknown, unknown, any>, options: any) => Promise<",
{
"pluginId": "visTypeTimeseries",
"scope": "common",
@ -71,7 +63,7 @@
],
"source": {
"path": "src/plugins/vis_type_timeseries/server/plugin.ts",
"lineNumber": 47
"lineNumber": 52
},
"lifecycle": "setup",
"initialIsOpen": true

2
docs/development/core/server/kibana-plugin-core-server.authtoolkit.md
View file

@ -17,6 +17,6 @@ export interface AuthToolkit
| Property | Type | Description |
| --- | --- | --- |
| [authenticated](./kibana-plugin-core-server.authtoolkit.authenticated.md) | <code>(data?: AuthResultParams) =&gt; AuthResult</code> | Authentication is successful with given credentials, allow request to pass through |
| [notHandled](./kibana-plugin-core-server.authtoolkit.nothandled.md) | <code>() =&gt; AuthResult</code> | User has no credentials. Allows user to access a resource when authRequired is 'optional' or 'try' Rejects a request when authRequired: true |
| [notHandled](./kibana-plugin-core-server.authtoolkit.nothandled.md) | <code>() =&gt; AuthResult</code> | User has no credentials. Allows user to access a resource when authRequired is 'optional' Rejects a request when authRequired: true |
| [redirected](./kibana-plugin-core-server.authtoolkit.redirected.md) | <code>(headers: {</code><br/><code> location: string;</code><br/><code> } &amp; ResponseHeaders) =&gt; AuthResult</code> | Redirects user to another location to complete authentication when authRequired: true Allows user to access a resource without redirection when authRequired: 'optional' |

2
docs/development/core/server/kibana-plugin-core-server.authtoolkit.nothandled.md
View file

@ -4,7 +4,7 @@
## AuthToolkit.notHandled property
User has no credentials. Allows user to access a resource when authRequired is 'optional' or 'try' Rejects a request when authRequired: true
User has no credentials. Allows user to access a resource when authRequired is 'optional' Rejects a request when authRequired: true
<b>Signature:</b>

4
docs/development/core/server/kibana-plugin-core-server.routeconfigoptions.authrequired.md
View file

@ -4,12 +4,12 @@
## RouteConfigOptions.authRequired property
Defines authentication mode for a route: - true. A user has to have valid credentials to access a resource - false. A user can access a resource without any credentials. - 'optional'. A user can access a resource if has valid credentials or no credentials at all. Can be useful when we grant access to a resource but want to identify a user if possible. - 'try'. A user can access a resource with valid, invalid or without any credentials. Users with valid credentials will be authenticated
Defines authentication mode for a route: - true. A user has to have valid credentials to access a resource - false. A user can access a resource without any credentials. - 'optional'. A user can access a resource, and will be authenticated if provided credentials are valid. Can be useful when we grant access to a resource but want to identify a user if possible.
Defaults to `true` if an auth mechanism is registered.
<b>Signature:</b>
```typescript
authRequired?: boolean | 'optional' | 'try';
authRequired?: boolean | 'optional';
```

2
docs/development/core/server/kibana-plugin-core-server.routeconfigoptions.md
View file

@ -16,7 +16,7 @@ export interface RouteConfigOptions<Method extends RouteMethod>
| Property | Type | Description |
| --- | --- | --- |
| [authRequired](./kibana-plugin-core-server.routeconfigoptions.authrequired.md) | <code>boolean &#124; 'optional' &#124; 'try'</code> | Defines authentication mode for a route: - true. A user has to have valid credentials to access a resource - false. A user can access a resource without any credentials. - 'optional'. A user can access a resource if has valid credentials or no credentials at all. Can be useful when we grant access to a resource but want to identify a user if possible. - 'try'. A user can access a resource with valid, invalid or without any credentials. Users with valid credentials will be authenticated<!-- -->Defaults to <code>true</code> if an auth mechanism is registered. |
| [authRequired](./kibana-plugin-core-server.routeconfigoptions.authrequired.md) | <code>boolean &#124; 'optional'</code> | Defines authentication mode for a route: - true. A user has to have valid credentials to access a resource - false. A user can access a resource without any credentials. - 'optional'. A user can access a resource, and will be authenticated if provided credentials are valid. Can be useful when we grant access to a resource but want to identify a user if possible.<!-- -->Defaults to <code>true</code> if an auth mechanism is registered. |
| [body](./kibana-plugin-core-server.routeconfigoptions.body.md) | <code>Method extends 'get' &#124; 'options' ? undefined : RouteConfigOptionsBody</code> | Additional body options [RouteConfigOptionsBody](./kibana-plugin-core-server.routeconfigoptionsbody.md)<!-- -->. |
| [tags](./kibana-plugin-core-server.routeconfigoptions.tags.md) | <code>readonly string[]</code> | Additional metadata tag strings to attach to the route. |
| [timeout](./kibana-plugin-core-server.routeconfigoptions.timeout.md) | <code>{</code><br/><code> payload?: Method extends 'get' &#124; 'options' ? undefined : number;</code><br/><code> idleSocket?: number;</code><br/><code> }</code> | Defines per-route timeouts. |

7
src/core/server/http/http_server.ts
View file

@ -225,16 +225,15 @@ export class HttpServer {
private getAuthOption(
authRequired: RouteConfigOptions<any>['authRequired'] = true
): undefined | false | { mode: 'required' | 'optional' | 'try' } {
): undefined | false | { mode: 'required' | 'try' } {
if (this.authRegistered === false) return undefined;
if (authRequired === true) {
return { mode: 'required' };
}
if (authRequired === 'optional') {
return { mode: 'optional' };
}
if (authRequired === 'try') {
// we want to use HAPI `try` mode and not `optional` to not throw unauthorized errors when the user
// has invalid or expired credentials
return { mode: 'try' };
}
if (authRequired === false) {

31
src/core/server/http/integration_tests/core_services.test.ts
View file

@ -136,37 +136,6 @@ describe('http service', () => {
await root.start();
await kbnTestServer.request.get(root, '/is-auth').expect(200, { isAuthenticated: false });
});
it('returns true if authenticated on a route with "try" auth', async () => {
const { http } = await root.setup();
const { createRouter, auth, registerAuth } = http;
registerAuth((req, res, toolkit) => toolkit.authenticated());
const router = createRouter('');
router.get(
{ path: '/is-auth', validate: false, options: { authRequired: 'try' } },
(context, req, res) => res.ok({ body: { isAuthenticated: auth.isAuthenticated(req) } })
);
await root.start();
await kbnTestServer.request.get(root, '/is-auth').expect(200, { isAuthenticated: true });
});
it('returns false if not authenticated on a route with "try" auth', async () => {
const { http } = await root.setup();
const { createRouter, auth, registerAuth } = http;
registerAuth((req, res, toolkit) => toolkit.notHandled());
const router = createRouter('');
router.get(
{ path: '/is-auth', validate: false, options: { authRequired: 'try' } },
(context, req, res) => res.ok({ body: { isAuthenticated: auth.isAuthenticated(req) } })
);
await root.start();
await kbnTestServer.request.get(root, '/is-auth').expect(200, { isAuthenticated: false });
});
});
describe('#get()', () => {
it('returns authenticated status and allow associate auth state with request', async () => {

53
src/core/server/http/integration_tests/http_auth.test.ts
View file

@ -146,46 +146,6 @@ describe('http auth', () => {
await kbnTestServer.request.get(root, '/route').expect(200, { authenticated: false });
});
it('blocks access when auth returns `unauthorized`', async () => {
const { http } = await root.setup();
const { registerAuth, createRouter, auth } = http;
registerAuth((req, res, toolkit) => res.unauthorized());
const router = createRouter('');
registerRoute(router, auth, 'optional');
await root.start();
await kbnTestServer.request.get(root, '/route').expect(401);
});
});
describe('when authRequired is `try`', () => {
it('allows authenticated access when auth returns `authenticated`', async () => {
const { http } = await root.setup();
const { registerAuth, createRouter, auth } = http;
registerAuth((req, res, toolkit) => toolkit.authenticated());
const router = createRouter('');
registerRoute(router, auth, 'try');
await root.start();
await kbnTestServer.request.get(root, '/route').expect(200, { authenticated: true });
});
it('allows anonymous access when auth returns `notHandled`', async () => {
const { http } = await root.setup();
const { registerAuth, createRouter, auth } = http;
registerAuth((req, res, toolkit) => toolkit.notHandled());
const router = createRouter('');
registerRoute(router, auth, 'try');
await root.start();
await kbnTestServer.request.get(root, '/route').expect(200, { authenticated: false });
});
it('allows anonymous access when auth returns `unauthorized`', async () => {
const { http } = await root.setup();
const { registerAuth, createRouter, auth } = http;
@ -193,7 +153,7 @@ describe('http auth', () => {
registerAuth((req, res, toolkit) => res.unauthorized());
const router = createRouter('');
registerRoute(router, auth, 'try');
registerRoute(router, auth, 'optional');
await root.start();
await kbnTestServer.request.get(root, '/route').expect(200, { authenticated: false });
@ -234,16 +194,5 @@ describe('http auth', () => {
await root.start();
await kbnTestServer.request.get(root, '/route').expect(200, { authenticated: false });
});
it('allow access to resources when `authRequired` is `try`', async () => {
const { http } = await root.setup();
const { createRouter, auth } = http;
const router = createRouter('');
registerRoute(router, auth, 'try');
await root.start();
await kbnTestServer.request.get(root, '/route').expect(200, { authenticated: false });
});
});
});

19
src/core/server/http/integration_tests/router.test.ts
View file

@ -114,19 +114,30 @@ describe('Options', () => {
});
});
it('User with invalid credentials cannot access a route', async () => {
const { server: innerServer, createRouter, registerAuth } = await server.setup(setupDeps);
it('User with invalid credentials can access a route', async () => {
const { server: innerServer, createRouter, registerAuth, auth } = await server.setup(
setupDeps
);
const router = createRouter('/');
registerAuth((req, res, toolkit) => res.unauthorized());
router.get(
{ path: '/', validate: false, options: { authRequired: 'optional' } },
(context, req, res) => res.ok({ body: 'ok' })
(context, req, res) =>
res.ok({
body: {
httpAuthIsAuthenticated: auth.isAuthenticated(req),
requestIsAuthenticated: req.auth.isAuthenticated,
},
})
);
await server.start();
await supertest(innerServer.listener).get('/').expect(401);
await supertest(innerServer.listener).get('/').expect(200, {
httpAuthIsAuthenticated: false,
requestIsAuthenticated: false,
});
});
it('does not redirect user and allows access to a resource', async () => {

2
src/core/server/http/lifecycle/auth.ts
View file

@ -123,7 +123,7 @@ export interface AuthToolkit {
authenticated: (data?: AuthResultParams) => AuthResult;
/**
* User has no credentials.
* Allows user to access a resource when authRequired is 'optional' or 'try'
* Allows user to access a resource when authRequired is 'optional'
* Rejects a request when authRequired: true
* */
notHandled: () => AuthResult;

6
src/core/server/http/router/route.ts
View file

@ -108,14 +108,12 @@ export interface RouteConfigOptions<Method extends RouteMethod> {
* Defines authentication mode for a route:
* - true. A user has to have valid credentials to access a resource
* - false. A user can access a resource without any credentials.
* - 'optional'. A user can access a resource if has valid credentials or no credentials at all.
* - 'optional'. A user can access a resource, and will be authenticated if provided credentials are valid.
* Can be useful when we grant access to a resource but want to identify a user if possible.
* - 'try'. A user can access a resource with valid, invalid or without any credentials.
* Users with valid credentials will be authenticated
*
* Defaults to `true` if an auth mechanism is registered.
*/
authRequired?: boolean | 'optional' | 'try';
authRequired?: boolean | 'optional';
/**
* Defines xsrf protection requirements for a route:

2
src/core/server/rendering/bootstrap/register_bootstrap_route.ts
View file

@ -20,7 +20,7 @@ export const registerBootstrapRoute = ({
{
path: '/bootstrap.js',
options: {
authRequired: 'try',
authRequired: 'optional',
tags: ['api'],
},
validate: false,

2
src/core/server/server.api.md
View file

@ -1966,7 +1966,7 @@ export interface RouteConfig<P, Q, B, Method extends RouteMethod> {
// @public
export interface RouteConfigOptions<Method extends RouteMethod> {
authRequired?: boolean | 'optional' | 'try';
authRequired?: boolean | 'optional';
body?: Method extends 'get' | 'options' ? undefined : RouteConfigOptionsBody;
tags?: readonly string[];
timeout?: {