Adding authentication information to access token create APIs (#62490)

* Adding authentication information to access token create APIs

Adding authentication object to following APIs:
/_security/oauth2/token
/_security/delegate_pki
/_security/saml/authenticate
/_security/oidc/authenticate

Resolves: #59685
(cherry picked from commit 51dbd9e584)

* Addressing PR comments, fixing tests

* Returning tokenGroups attribute as SID string instead of byte array (AD metadata)

Addressing PR comments

* Returning tokenGroups attribute as SID string instead of byte array (AD metadata)

Update version check

* Returning tokenGroups attribute as SID string instead of byte array (AD metadata)

Update version check

* Addressing more PR comments

* Adding more to integration tests + some small fixes
Lyudmila Fokina 2020-10-16 09:12:44 +02:00 committed by GitHub
parent 2b4bde45b6
commit 2351bb399c
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
28 changed files with 500 additions and 96 deletions

@ -49,6 +49,8 @@ The returned `CreateTokenResponse` contains the following properties:
`scope`:: The scope of the token. May be `null`.
`refreshToken`:: A secondary "refresh" token that may be used to extend
the life of an access token. May be `null`.
`authentication`:: This is the authentication object for the newly created token. See also
<<{upid}-authenticate-response, authenticate response>> for details.
["source","java",subs="attributes,callouts,macros"]
--------------------------------------------------
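Review bot: the new `authentication` entry does not say whether the field can be absent, while the neighbouring `scope` and `refreshToken` entries each state "May be `null`". The commit message mentions a version check, which suggests the object is not always present in the response; if so, add "May be `null`" together with the condition under which that happens, so callers do not dereference it unconditionally.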
@ -83,4 +85,4 @@ include-tagged::{doc-tests}/SecurityDocumentationIT.java[create-token-execute-li
--------------------------------------------------
<1> Called when the execution is successfully completed. The response is
provided as an argument
<2> Called in case of failure. The raised exception is provided as an argument
<2> Called in case of failure. The raised exception is provided as an argument
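Review bot: the final `<2>` callout line is replaced by text that reads identically, so this hunk appears to change only trailing whitespace or the end-of-file newline. If that is unintentional, drop it from the commit so the diff stays limited to the `authentication` documentation.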

@ -52,6 +52,8 @@ The returned +{response}+ contains the following properties:
`type`:: The type of the token, this is always `"Bearer"`.
`expiresIn`:: The length of time (in seconds) until the token will expire.
The token will be considered invalid after that time.
`authentication`:: This is the authentication object for the newly created token. See also
<<{upid}-authenticate-response, authenticate response>> for details.
["source","java",subs="attributes,callouts,macros"]
--------------------------------------------------
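Review bot: the `authentication` description here is a word-for-word copy of the one added in the previous file and opens with "This is the", unlike the sibling `type` and `expiresIn` entries, which start with "The". Suggest "The authentication object for the newly created token." in both places, plus a brief mention of what the object contains, since the commit message indicates it includes realm metadata such as the AD `tokenGroups` attribute and readers otherwise have to follow the cross-reference to learn that.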