Migrate Enterprise search plugin authc dependencies from security plu…

…gin to core security service (elastic#189713) ## Summary Part of elastic#186574 Closes elastic#189714 Background: This PR is an example of a plugin migrating away from depending on the Security plugin, which is a high-priority effort for the last release before 9.0. The Enterprise search plugin uses authc.apiKeys.create from the security plugin's start contract on the server side. For more context, the PR which exposes the API keys service from core is here: elastic#186910 This PR migrates the usage from the security plugin start contract to the core security service. --------- Co-authored-by: Elastic Machine <[email protected]> Co-authored-by: kibanamachine <[email protected]>
patrykkopycinski · Aug 30, 2024 · 74a551e · 74a551e
1 parent 3e0a431
commit 74a551e
Show file tree

Hide file tree

Showing 5 changed files with 17 additions and 28 deletions.
diff --git a/x-pack/plugins/enterprise_search/server/lib/indices/create_api_key.test.ts b/x-pack/plugins/enterprise_search/server/lib/indices/create_api_key.test.ts
@@ -5,14 +5,12 @@
  * 2.0.
  */
 
-import { KibanaRequest } from '@kbn/core/server';
-import { securityMock } from '@kbn/security-plugin/server/mocks';
+import { securityServiceMock } from '@kbn/core-security-server-mocks';
 
 import { createApiKey } from './create_api_key';
 
 describe('createApiKey lib function', () => {
-  const security = securityMock.createStart();
-  const request = {} as KibanaRequest;
+  const security = securityServiceMock.createRequestHandlerContext();
 
   const indexName = 'my-index';
   const keyName = '{indexName}-key';
@@ -31,11 +29,9 @@ describe('createApiKey lib function', () => {
   });
 
   it('should create an api key via the security plugin', async () => {
-    await expect(createApiKey(request, security, indexName, keyName)).resolves.toEqual(
-      createResponse
-    );
+    await expect(createApiKey(security, indexName, keyName)).resolves.toEqual(createResponse);
 
-    expect(security.authc.apiKeys.create).toHaveBeenCalledWith(request, {
+    expect(security.authc.apiKeys.create).toHaveBeenCalledWith({
       name: keyName,
       role_descriptors: {
         [`${indexName}-key-role`]: {

diff --git a/x-pack/plugins/enterprise_search/server/lib/indices/create_api_key.ts b/x-pack/plugins/enterprise_search/server/lib/indices/create_api_key.ts
@@ -5,19 +5,16 @@
  * 2.0.
  */
 
-import { KibanaRequest } from '@kbn/core/server';
-
-import { SecurityPluginStart } from '@kbn/security-plugin/server';
+import type { SecurityRequestHandlerContext } from '@kbn/core-security-server';
 
 import { toAlphanumeric } from '../../../common/utils/to_alphanumeric';
 
 export const createApiKey = async (
-  request: KibanaRequest,
-  security: SecurityPluginStart,
+  security: SecurityRequestHandlerContext,
   indexName: string,
   keyName: string
 ) => {
-  return await security.authc.apiKeys.create(request, {
+  return await security.authc.apiKeys.create({
     name: keyName,
     role_descriptors: {
       [`${toAlphanumeric(indexName)}-key-role`]: {

diff --git a/x-pack/plugins/enterprise_search/server/plugin.ts b/x-pack/plugins/enterprise_search/server/plugin.ts
@@ -25,7 +25,7 @@ import type { LicensingPluginStart } from '@kbn/licensing-plugin/public';
 import { LogsSharedPluginSetup } from '@kbn/logs-shared-plugin/server';
 import type { MlPluginSetup } from '@kbn/ml-plugin/server';
 import { SearchConnectorsPluginSetup } from '@kbn/search-connectors-plugin/server';
-import { SecurityPluginSetup, SecurityPluginStart } from '@kbn/security-plugin/server';
+import { SecurityPluginSetup } from '@kbn/security-plugin/server';
 import { SpacesPluginStart } from '@kbn/spaces-plugin/server';
 import { UsageCollectionSetup } from '@kbn/usage-collection-plugin/server';
 
@@ -104,7 +104,6 @@ interface PluginsSetup {
 
 export interface PluginsStart {
   data: DataPluginStart;
-  security: SecurityPluginStart;
   spaces?: SpacesPluginStart;
 }
 
@@ -284,9 +283,7 @@ export class EnterpriseSearchPlugin implements Plugin {
       registerAnalyticsRoutes({ ...dependencies, data, savedObjects: coreStart.savedObjects });
     });
 
-    void getStartServices().then(([, { security: securityStart }]) => {
-      registerApiKeysRoutes(dependencies, securityStart);
-    });
+    registerApiKeysRoutes(dependencies);
 
     /**
      * Bootstrap the routes, saved objects, and collector for telemetry

diff --git a/x-pack/plugins/enterprise_search/server/routes/enterprise_search/api_keys.ts b/x-pack/plugins/enterprise_search/server/routes/enterprise_search/api_keys.ts
@@ -7,16 +7,11 @@
 
 import { schema } from '@kbn/config-schema';
 
-import { SecurityPluginStart } from '@kbn/security-plugin/server';
-
 import { createApiKey } from '../../lib/indices/create_api_key';
 import { RouteDependencies } from '../../plugin';
 import { elasticsearchErrorHandler } from '../../utils/elasticsearch_error_handler';
 
-export function registerApiKeysRoutes(
-  { log, router }: RouteDependencies,
-  security: SecurityPluginStart
-) {
+export function registerApiKeysRoutes({ log, router }: RouteDependencies) {
   router.post(
     {
       path: '/internal/enterprise_search/{indexName}/api_keys',
@@ -32,8 +27,9 @@ export function registerApiKeysRoutes(
     elasticsearchErrorHandler(log, async (context, request, response) => {
       const indexName = decodeURIComponent(request.params.indexName);
       const { keyName } = request.body;
+      const { security: coreSecurity } = await context.core;
 
-      const createResponse = await createApiKey(request, security, indexName, keyName);
+      const createResponse = await createApiKey(coreSecurity, indexName, keyName);
 
       if (!createResponse) {
         throw new Error('Unable to create API Key');
@@ -118,7 +114,8 @@ export function registerApiKeysRoutes(
       },
     },
     async (context, request, response) => {
-      const result = await security.authc.apiKeys.create(request, request.body);
+      const { security: coreSecurity } = await context.core;
+      const result = await coreSecurity.authc.apiKeys.create(request.body);
       if (result) {
         const apiKey = { ...result, beats_logstash_format: `${result.id}:${result.api_key}` };
         return response.ok({ body: apiKey });

diff --git a/x-pack/plugins/enterprise_search/tsconfig.json b/x-pack/plugins/enterprise_search/tsconfig.json
@@ -81,6 +81,8 @@
     "@kbn/core-chrome-browser",
     "@kbn/navigation-plugin",
     "@kbn/search-homepage",
-    "@kbn/security-plugin-types-common"
+    "@kbn/security-plugin-types-common",
+    "@kbn/core-security-server",
+    "@kbn/core-security-server-mocks"
   ]
 }