[CLOUD-UI] Cloud onboarding token (#198444)

## Summary The solution must be aware of the onboarding token from the cloud onboarding flow. With this information, it can redirect our users to the appropriate onboarding flow in Kibana based on their token. We need to create an API in kibana for cloud to save some basic data. ### Checklist - [x] [Unit or functional tests](https://www.elastic.co/guide/en/kibana/master/development-tests.html) were updated or added to match the most common scenarios --------- Co-authored-by: Christiane (Tina) Heiligers <christiane.heiligers@elastic.co> Co-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com>
2025-04-23 09:19:04 -04:00 · 2024-11-19 18:42:09 -05:00 · 2024-11-19 18:42:09 -05:00 · 158a828a8e
commit 158a828a8e
parent 78f4d75c3b
20 changed files with 465 additions and 4 deletions
--- a/.buildkite/ftr_platform_stateful_configs.yml
+++ b/.buildkite/ftr_platform_stateful_configs.yml
@ -375,3 +375,4 @@ enabled:
  - x-pack/test/custom_branding/config.ts
  # stateful config files that run deployment-agnostic tests
  - x-pack/test/api_integration/deployment_agnostic/configs/stateful/platform.stateful.config.ts
+  - x-pack/test/api_integration/apis/cloud/config.ts
--- a/packages/kbn-check-mappings-update-cli/current_fields.json
+++ b/packages/kbn-check-mappings-update-cli/current_fields.json
@ -233,6 +233,7 @@
    "payload.connector.type",
    "type"
  ],
+  "cloud": [],
  "cloud-security-posture-settings": [],
  "config": [
    "buildNum"
--- a/packages/kbn-check-mappings-update-cli/current_mappings.json
+++ b/packages/kbn-check-mappings-update-cli/current_mappings.json
@ -788,6 +788,10 @@
      }
    }
  },
+  "cloud": {
+    "dynamic": false,
+    "properties": {}
+  },
  "cloud-security-posture-settings": {
    "dynamic": false,
    "properties": {}
--- a/src/core/server/integration_tests/ci_checks/saved_objects/check_registered_types.test.ts
+++ b/src/core/server/integration_tests/ci_checks/saved_objects/check_registered_types.test.ts
@ -80,6 +80,7 @@ describe('checking migration metadata changes on all registered SO types', () =>
        "cases-rules": "6d1776f5c46a99e1a0f3085c537146c1cdfbc829",
        "cases-telemetry": "f219eb7e26772884342487fc9602cfea07b3cedc",
        "cases-user-actions": "483f10db9b3bd1617948d7032a98b7791bf87414",
+        "cloud": "b549f4f7ab1fd41aab366a66afa52a2a008aefea",
        "cloud-security-posture-settings": "e0f61c68bbb5e4cfa46ce8994fa001e417df51ca",
        "config": "179b3e2bc672626aafce3cf92093a113f456af38",
        "config-global": "8e8a134a2952df700d7d4ec51abb794bbd4cf6da",
--- a/src/core/server/integration_tests/saved_objects/migrations/group3/type_registrations.test.ts
+++ b/src/core/server/integration_tests/saved_objects/migrations/group3/type_registrations.test.ts
@ -32,6 +32,7 @@ const previouslyRegisteredTypes = [
  'canvas-element',
  'canvas-workpad',
  'canvas-workpad-template',
+  'cloud',
  'cloud-security-posture-settings',
  'cases',
  'cases-comments',
--- a/x-pack/plugins/cloud/server/plugin.ts
+++ b/x-pack/plugins/cloud/server/plugin.ts
@ -9,6 +9,7 @@ import type { Logger } from '@kbn/logging';
 import type { CoreSetup, Plugin, PluginInitializerContext } from '@kbn/core/server';
 import type { UsageCollectionSetup } from '@kbn/usage-collection-plugin/server';
 import type { SolutionId } from '@kbn/core-chrome-browser';
+
 import { registerCloudDeploymentMetadataAnalyticsContext } from '../common/register_cloud_deployment_id_analytics_context';
 import type { CloudConfigType } from './config';
 import { registerCloudUsageCollector } from './collectors';
@ -18,7 +19,9 @@ import { decodeCloudId, DecodedCloudId } from '../common/decode_cloud_id';
 import { parseOnboardingSolution } from '../common/parse_onboarding_default_solution';
 import { getFullCloudUrl } from '../common/utils';
 import { readInstanceSizeMb } from './env';
-import { defineRoutes } from './routes/elasticsearch_routes';
+import { defineRoutes } from './routes';
+import { CloudRequestHandlerContext } from './routes/types';
+import { setupSavedObjects } from './saved_objects';

 interface PluginsSetup {
  usageCollection?: UsageCollectionSetup;
@ -202,10 +205,15 @@ export class CloudPlugin implements Plugin<CloudSetup, CloudStart> {
    if (this.config.id) {
      decodedId = decodeCloudId(this.config.id, this.logger);
    }
-    const router = core.http.createRouter();
+    const router = core.http.createRouter<CloudRequestHandlerContext>();
    const elasticsearchUrl = core.elasticsearch.publicBaseUrl || decodedId?.elasticsearchUrl;
-    defineRoutes({ logger: this.logger, router, elasticsearchUrl });
+    defineRoutes({
+      logger: this.logger,
+      router,
+      elasticsearchUrl,
+    });

+    setupSavedObjects(core.savedObjects, this.logger);
    return {
      ...this.getCloudUrls(),
      cloudId: this.config.id,
--- a/x-pack/plugins/cloud/server/routes/constants.ts
+++ b/x-pack/plugins/cloud/server/routes/constants.ts
@ -0,0 +1,8 @@
+/*
+ * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
+ * or more contributor license agreements. Licensed under the Elastic License
+ * 2.0; you may not use this file except in compliance with the Elastic License
+ * 2.0.
+ */
+
+export const CLOUD_DATA_SAVED_OBJECT_ID = 'cloud-data-saved-object-id';
--- a/x-pack/plugins/cloud/server/routes/elasticsearch_routes.ts
+++ b/x-pack/plugins/cloud/server/routes/elasticsearch_routes.ts
@ -10,7 +10,7 @@ import { Logger } from '@kbn/logging';
 import { ElasticsearchConfigType } from '../../common/types';
 import { ELASTICSEARCH_CONFIG_ROUTE } from '../../common/constants';

-export function defineRoutes({
+export function setElasticsearchRoute({
  elasticsearchUrl,
  logger,
  router,
--- a/x-pack/plugins/cloud/server/routes/get_cloud_data_route.ts
+++ b/x-pack/plugins/cloud/server/routes/get_cloud_data_route.ts
@ -0,0 +1,43 @@
+/*
+ * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
+ * or more contributor license agreements. Licensed under the Elastic License
+ * 2.0; you may not use this file except in compliance with the Elastic License
+ * 2.0.
+ */
+
+import { RouteOptions } from '.';
+import { CLOUD_DATA_SAVED_OBJECT_ID } from './constants';
+import { CLOUD_DATA_SAVED_OBJECT_TYPE } from '../saved_objects';
+import { CloudDataAttributes } from './types';
+
+export const setGetCloudSolutionDataRoute = ({ router }: RouteOptions) => {
+  router.versioned
+    .get({
+      path: `/internal/cloud/solution`,
+      access: 'internal',
+      summary: 'Get cloud data for solutions',
+    })
+    .addVersion(
+      {
+        version: '1',
+        validate: {
+          request: {},
+        },
+      },
+      async (context, request, response) => {
+        const coreContext = await context.core;
+        const savedObjectsClient = coreContext.savedObjects.getClient({
+          includedHiddenTypes: [CLOUD_DATA_SAVED_OBJECT_TYPE],
+        });
+        try {
+          const cloudDataSo = await savedObjectsClient.get<CloudDataAttributes>(
+            CLOUD_DATA_SAVED_OBJECT_TYPE,
+            CLOUD_DATA_SAVED_OBJECT_ID
+          );
+          return response.ok({ body: cloudDataSo?.attributes ?? null });
+        } catch (error) {
+          return response.customError(error);
+        }
+      }
+    );
+};
--- a/x-pack/plugins/cloud/server/routes/index.ts
+++ b/x-pack/plugins/cloud/server/routes/index.ts
@ -0,0 +1,27 @@
+/*
+ * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
+ * or more contributor license agreements. Licensed under the Elastic License
+ * 2.0; you may not use this file except in compliance with the Elastic License
+ * 2.0.
+ */
+
+import { IRouter } from '@kbn/core/server';
+import { Logger } from '@kbn/logging';
+import { setPostCloudSolutionDataRoute } from './set_cloud_data_route';
+import { CloudRequestHandlerContext } from './types';
+import { setElasticsearchRoute } from './elasticsearch_route';
+import { setGetCloudSolutionDataRoute } from './get_cloud_data_route';
+
+export interface RouteOptions {
+  logger: Logger;
+  router: IRouter<CloudRequestHandlerContext>;
+  elasticsearchUrl?: string;
+}
+
+export function defineRoutes(opts: RouteOptions) {
+  const { logger, elasticsearchUrl, router } = opts;
+
+  setElasticsearchRoute({ logger, elasticsearchUrl, router });
+  setGetCloudSolutionDataRoute({ logger, router });
+  setPostCloudSolutionDataRoute({ logger, router });
+}
--- a/x-pack/plugins/cloud/server/routes/set_cloud_data_route.test.ts
+++ b/x-pack/plugins/cloud/server/routes/set_cloud_data_route.test.ts
@ -0,0 +1,119 @@
+/*
+ * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
+ * or more contributor license agreements. Licensed under the Elastic License
+ * 2.0; you may not use this file except in compliance with the Elastic License
+ * 2.0.
+ */
+
+import { httpServerMock, httpServiceMock } from '@kbn/core/server/mocks';
+import {
+  RequestHandlerContext,
+  RouteValidatorConfig,
+  SavedObjectsErrorHelpers,
+  kibanaResponseFactory,
+} from '@kbn/core/server';
+import { CLOUD_DATA_SAVED_OBJECT_TYPE } from '../saved_objects';
+import { CLOUD_DATA_SAVED_OBJECT_ID } from './constants';
+import { setPostCloudSolutionDataRoute } from './set_cloud_data_route';
+import { RouteOptions } from '.';
+
+const mockSavedObjectsClientGet = jest.fn();
+const mockSavedObjectsClientCreate = jest.fn();
+const mockSavedObjectsClientUpdate = jest.fn();
+
+const mockRouteContext = {
+  core: {
+    savedObjects: {
+      getClient: () => ({
+        get: mockSavedObjectsClientGet,
+        create: mockSavedObjectsClientCreate,
+        update: mockSavedObjectsClientUpdate,
+      }),
+    },
+  },
+} as unknown as RequestHandlerContext;
+
+describe('POST /internal/cloud/solution', () => {
+  const setup = async () => {
+    const httpService = httpServiceMock.createSetupContract();
+    const router = httpService.createRouter();
+
+    setPostCloudSolutionDataRoute({
+      router,
+    } as unknown as RouteOptions);
+
+    const [routeDefinition, routeHandler] =
+      router.versioned.post.mock.results[0].value.addVersion.mock.calls[0];
+
+    return {
+      routeValidation: routeDefinition.validate as RouteValidatorConfig<{}, {}, {}>,
+      routeHandler,
+    };
+  };
+  beforeEach(() => {
+    jest.clearAllMocks();
+  });
+
+  it('should create cloud data if it does not exist', async () => {
+    const { routeHandler } = await setup();
+
+    mockSavedObjectsClientGet.mockRejectedValue(
+      SavedObjectsErrorHelpers.createGenericNotFoundError()
+    );
+
+    const request = httpServerMock.createKibanaRequest({
+      body: {
+        onboardingData: {
+          solutionType: 'security',
+          token: 'test-token',
+        },
+      },
+      method: 'post',
+    });
+
+    await routeHandler(mockRouteContext, request, kibanaResponseFactory);
+
+    expect(mockSavedObjectsClientGet).toHaveBeenCalledWith(
+      CLOUD_DATA_SAVED_OBJECT_TYPE,
+      CLOUD_DATA_SAVED_OBJECT_ID
+    );
+    expect(mockSavedObjectsClientCreate).toHaveBeenCalledWith(
+      CLOUD_DATA_SAVED_OBJECT_TYPE,
+      { onboardingData: request.body.onboardingData },
+      { id: CLOUD_DATA_SAVED_OBJECT_ID }
+    );
+  });
+
+  it('should update cloud data if it exists', async () => {
+    const { routeHandler } = await setup();
+
+    mockSavedObjectsClientGet.mockResolvedValue({
+      id: CLOUD_DATA_SAVED_OBJECT_ID,
+      attributes: {
+        onboardingData: { solutionType: 'o11y', token: 'test-33' },
+      },
+    });
+
+    const request = httpServerMock.createKibanaRequest({
+      body: {
+        onboardingData: {
+          solutionType: 'security',
+          token: 'test-token',
+        },
+      },
+      method: 'post',
+    });
+
+    await routeHandler(mockRouteContext, request, kibanaResponseFactory);
+
+    expect(mockSavedObjectsClientGet).toHaveBeenCalledWith(
+      CLOUD_DATA_SAVED_OBJECT_TYPE,
+      CLOUD_DATA_SAVED_OBJECT_ID
+    );
+    expect(mockSavedObjectsClientUpdate).toHaveBeenCalledWith(
+      CLOUD_DATA_SAVED_OBJECT_TYPE,
+      CLOUD_DATA_SAVED_OBJECT_ID,
+      { onboardingData: request.body.onboardingData }
+    );
+  });
+});
--- a/x-pack/plugins/cloud/server/routes/set_cloud_data_route.ts
+++ b/x-pack/plugins/cloud/server/routes/set_cloud_data_route.ts
@ -0,0 +1,92 @@
+/*
+ * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
+ * or more contributor license agreements. Licensed under the Elastic License
+ * 2.0; you may not use this file except in compliance with the Elastic License
+ * 2.0.
+ */
+
+import { schema } from '@kbn/config-schema';
+import { ReservedPrivilegesSet, SavedObjectsErrorHelpers } from '@kbn/core/server';
+import { RouteOptions } from '.';
+import { CLOUD_DATA_SAVED_OBJECT_ID } from './constants';
+import { CLOUD_DATA_SAVED_OBJECT_TYPE } from '../saved_objects';
+import { CloudDataAttributes } from './types';
+
+const createBodySchemaV1 = schema.object({
+  onboardingData: schema.object({
+    solutionType: schema.oneOf([
+      schema.literal('security'),
+      schema.literal('observability'),
+      schema.literal('search'),
+      schema.literal('elasticsearch'),
+    ]),
+    token: schema.string(),
+  }),
+});
+
+export const setPostCloudSolutionDataRoute = ({ router }: RouteOptions) => {
+  router.versioned
+    .post({
+      path: `/internal/cloud/solution`,
+      access: 'internal',
+      summary: 'Save cloud data for solutions',
+      security: {
+        authz: {
+          requiredPrivileges: [ReservedPrivilegesSet.superuser],
+        },
+      },
+    })
+    .addVersion(
+      {
+        version: '1',
+        validate: {
+          request: {
+            body: createBodySchemaV1,
+          },
+        },
+      },
+      async (context, request, response) => {
+        const coreContext = await context.core;
+        const savedObjectsClient = coreContext.savedObjects.getClient({
+          includedHiddenTypes: [CLOUD_DATA_SAVED_OBJECT_TYPE],
+        });
+        let cloudDataSo = null;
+        try {
+          cloudDataSo = await savedObjectsClient.get<CloudDataAttributes>(
+            CLOUD_DATA_SAVED_OBJECT_TYPE,
+            CLOUD_DATA_SAVED_OBJECT_ID
+          );
+        } catch (error) {
+          if (SavedObjectsErrorHelpers.isNotFoundError(error)) {
+            cloudDataSo = null;
+          } else {
+            return response.customError(error);
+          }
+        }
+
+        try {
+          if (cloudDataSo === null) {
+            await savedObjectsClient.create<CloudDataAttributes>(
+              CLOUD_DATA_SAVED_OBJECT_TYPE,
+              {
+                onboardingData: request.body.onboardingData,
+              },
+              { id: CLOUD_DATA_SAVED_OBJECT_ID }
+            );
+          } else {
+            await savedObjectsClient.update<CloudDataAttributes>(
+              CLOUD_DATA_SAVED_OBJECT_TYPE,
+              CLOUD_DATA_SAVED_OBJECT_ID,
+              {
+                onboardingData: request.body.onboardingData,
+              }
+            );
+          }
+        } catch (error) {
+          return response.badRequest(error);
+        }
+
+        return response.ok();
+      }
+    );
+};
--- a/x-pack/plugins/cloud/server/routes/types.ts
+++ b/x-pack/plugins/cloud/server/routes/types.ts
@ -0,0 +1,20 @@
+/*
+ * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
+ * or more contributor license agreements. Licensed under the Elastic License
+ * 2.0; you may not use this file except in compliance with the Elastic License
+ * 2.0.
+ */
+
+import { CustomRequestHandlerContext } from '@kbn/core/server';
+
+/**
+ * @internal
+ */
+export type CloudRequestHandlerContext = CustomRequestHandlerContext<{}>;
+
+export interface CloudDataAttributes {
+  onboardingData: {
+    solutionType: 'security' | 'observability' | 'search' | 'elasticsearch';
+    token: string;
+  };
+}
--- a/x-pack/plugins/cloud/server/saved_objects/index.ts
+++ b/x-pack/plugins/cloud/server/saved_objects/index.ts
@ -0,0 +1,27 @@
+/*
+ * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
+ * or more contributor license agreements. Licensed under the Elastic License
+ * 2.0; you may not use this file except in compliance with the Elastic License
+ * 2.0.
+ */
+
+import { Logger, SavedObjectsServiceSetup } from '@kbn/core/server';
+
+export const CLOUD_DATA_SAVED_OBJECT_TYPE = 'cloud' as const;
+
+export function setupSavedObjects(savedObjects: SavedObjectsServiceSetup, logger: Logger) {
+  savedObjects.registerType({
+    name: CLOUD_DATA_SAVED_OBJECT_TYPE,
+    hidden: true,
+    hiddenFromHttpApis: true,
+    namespaceType: 'agnostic',
+    mappings: {
+      dynamic: false,
+      properties: {},
+    },
+    management: {
+      importableAndExportable: false,
+    },
+    modelVersions: {},
+  });
+}
--- a/x-pack/plugins/cloud/server/saved_objects/model_versions/cloud_data_model_versions.ts
+++ b/x-pack/plugins/cloud/server/saved_objects/model_versions/cloud_data_model_versions.ts
@ -0,0 +1,19 @@
+/*
+ * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
+ * or more contributor license agreements. Licensed under the Elastic License
+ * 2.0; you may not use this file except in compliance with the Elastic License
+ * 2.0.
+ */
+
+import { SavedObjectsModelVersionMap } from '@kbn/core-saved-objects-server';
+import { schema } from '@kbn/config-schema';
+
+export const cloudDataModelVersions: SavedObjectsModelVersionMap = {
+  '1': {
+    changes: [],
+    schemas: {
+      forwardCompatibility: schema.object({}).extends({}, { unknowns: 'ignore' }),
+      create: schema.object({}),
+    },
+  },
+};
--- a/x-pack/plugins/cloud/server/saved_objects/model_versions/index.ts
+++ b/x-pack/plugins/cloud/server/saved_objects/model_versions/index.ts
@ -0,0 +1,8 @@
+/*
+ * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
+ * or more contributor license agreements. Licensed under the Elastic License
+ * 2.0; you may not use this file except in compliance with the Elastic License
+ * 2.0.
+ */
+
+export { cloudDataModelVersions } from './cloud_data_model_versions';
--- a/x-pack/plugins/cloud/tsconfig.json
+++ b/x-pack/plugins/cloud/tsconfig.json
@ -17,6 +17,7 @@
    "@kbn/config-schema",
    "@kbn/logging-mocks",
    "@kbn/logging",
+    "@kbn/core-saved-objects-server",
  ],
  "exclude": [
    "target/**/*",
--- a/x-pack/test/api_integration/apis/cloud/config.ts
+++ b/x-pack/test/api_integration/apis/cloud/config.ts
@ -0,0 +1,26 @@
+/*
+ * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
+ * or more contributor license agreements. Licensed under the Elastic License
+ * 2.0; you may not use this file except in compliance with the Elastic License
+ * 2.0.
+ */
+
+import { FtrConfigProviderContext } from '@kbn/test';
+
+export default async function ({ readConfigFile }: FtrConfigProviderContext) {
+  const baseIntegrationTestsConfig = await readConfigFile(require.resolve('../../config.ts'));
+
+  return {
+    ...baseIntegrationTestsConfig.getAll(),
+    testFiles: [require.resolve('.')],
+    kbnTestServer: {
+      ...baseIntegrationTestsConfig.get('kbnTestServer'),
+      serverArgs: [
+        ...baseIntegrationTestsConfig.get('kbnTestServer.serverArgs'),
+        '--xpack.cloud.id="ftr_fake_cloud_id:aGVsbG8uY29tOjQ0MyRFUzEyM2FiYyRrYm4xMjNhYmM="',
+        '--xpack.cloud.base_url="https://cloud.elastic.co"',
+        '--xpack.spaces.allowSolutionVisibility=true',
+      ],
+    },
+  };
+}
--- a/x-pack/test/api_integration/apis/cloud/index.ts
+++ b/x-pack/test/api_integration/apis/cloud/index.ts
@ -0,0 +1,14 @@
+/*
+ * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
+ * or more contributor license agreements. Licensed under the Elastic License
+ * 2.0; you may not use this file except in compliance with the Elastic License
+ * 2.0.
+ */
+
+import { FtrProviderContext } from '../../ftr_provider_context';
+
+export default function ({ loadTestFile }: FtrProviderContext) {
+  describe('cloud data', function () {
+    loadTestFile(require.resolve('./set_cloud_data_route'));
+  });
+}
--- a/x-pack/test/api_integration/apis/cloud/set_cloud_data_route.ts
+++ b/x-pack/test/api_integration/apis/cloud/set_cloud_data_route.ts
@ -0,0 +1,41 @@
+/*
+ * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
+ * or more contributor license agreements. Licensed under the Elastic License
+ * 2.0; you may not use this file except in compliance with the Elastic License
+ * 2.0.
+ */
+
+import expect from '@kbn/expect';
+import { FtrProviderContext } from '../../ftr_provider_context';
+
+export default function ({ getService }: FtrProviderContext) {
+  const supertest = getService('supertest');
+
+  describe('POST /internal/cloud/solution', () => {
+    it('set solution data', async () => {
+      await supertest
+        .post('/internal/cloud/solution')
+        .set('kbn-xsrf', 'xxx')
+        .set('x-elastic-internal-origin', 'cloud')
+        .set('elastic-api-version', '1')
+        .send({
+          onboardingData: {
+            solutionType: 'search',
+            token: 'connectors',
+          },
+        })
+        .expect(200);
+
+      const {
+        body: { onboardingData },
+      } = await supertest
+        .get('/internal/cloud/solution')
+        .set('kbn-xsrf', 'xxx')
+        .set('x-elastic-internal-origin', 'cloud')
+        .set('elastic-api-version', '1')
+        .expect(200);
+
+      expect(onboardingData).to.eql({ solutionType: 'search', token: 'connectors' });
+    });
+  });
+}