github-mirrors/kibana
1
0
Fork 0
mirror of https://github.com/elastic/kibana.git synced 2025-04-23 09:19:04 -04:00
Code Issues Projects Releases Packages Wiki Activity

Revert "[http] Make http headers required for internal and when in … (#158961)

Browse source 
…dev mode (#158667)"

This reverts commit de6d8ca33f.
This commit is contained in:
Jon 2023-06-02 14:46:10 -05:00 committed by GitHub
parent 9277c9c274
commit 43928cc9f5
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
9 changed files with 27 additions and 105 deletions
Download patch file Download diff file Expand all files Collapse all files

2
packages/core/http/core-http-common/src/constants.ts
View file

@ -6,7 +6,7 @@
* Side Public License, v 1.
*/
/** @public */
/** @internal */
export const ELASTIC_HTTP_VERSION_HEADER = 'elastic-api-version' as const;
export const X_ELASTIC_INTERNAL_ORIGIN_REQUEST = 'x-elastic-internal-origin' as const;

22
packages/core/http/core-http-router-server-internal/src/versioned_router/core_versioned_route.ts
View file

@ -62,7 +62,6 @@ export class CoreVersionedRoute implements VersionedRoute {
}
private isPublic: boolean;
private isInternal: boolean;
private constructor(
private readonly router: CoreVersionedRouter,
public readonly method: Method,
@ -70,7 +69,6 @@ export class CoreVersionedRoute implements VersionedRoute {
public readonly options: VersionedRouteConfig<Method>
) {
this.isPublic = this.options.access === 'public';
this.isInternal = !this.isPublic;
this.router.router[this.method](
{
path: this.path,
@ -93,8 +91,11 @@ export class CoreVersionedRoute implements VersionedRoute {
return resolvers[this.router.defaultHandlerResolutionStrategy]([...this.handlers.keys()]);
}
private versionsToString(): string {
return this.handlers.size ? '[' + [...this.handlers.keys()].join(', ') + ']' : '<none>';
private getAvailableVersionsMessage(): string {
const versions = [...this.handlers.keys()];
return `Available versions are: ${
versions.length ? '[' + [...versions].join(', ') + ']' : '<none>'
}`;
}
private requestHandler = async (
@ -108,13 +109,6 @@ export class CoreVersionedRoute implements VersionedRoute {
body: `No handlers registered for [${this.method}] [${this.path}].`,
});
}
if (!this.hasVersion(req) && (this.isInternal || this.router.isDev)) {
return res.badRequest({
body: `Please specify a version. Available versions: ${this.versionsToString()}`,
});
}
const version = this.getVersion(req);
const invalidVersionMessage = isValidRouteVersion(this.isPublic, version);
@ -127,7 +121,7 @@ export class CoreVersionedRoute implements VersionedRoute {
return res.badRequest({
body: `No version "${version}" available for [${this.method}] [${
this.path
}]. Available versions are: ${this.versionsToString()}`,
}]. ${this.getAvailableVersionsMessage()}`,
});
}
@ -185,10 +179,6 @@ export class CoreVersionedRoute implements VersionedRoute {
);
};
private hasVersion(request: KibanaRequest): boolean {
return ELASTIC_HTTP_VERSION_HEADER in request.headers;
}
private getVersion(request: KibanaRequest): ApiVersion {
const versions = request.headers?.[ELASTIC_HTTP_VERSION_HEADER];
return Array.isArray(versions) ? versions[0] : versions ?? this.getDefaultVersion();

55
src/core/server/integration_tests/http/versioned_router.test.ts
View file

@ -80,7 +80,6 @@ describe('Routing versioned requests', () => {
});
it('handles missing version header (defaults to oldest)', async () => {
await setupServer({ dev: false });
router.versioned
.get({ path: '/my-path', access: 'public' })
.addVersion({ validate: false, version: '2020-02-02' }, async (ctx, req, res) => {
@ -223,56 +222,6 @@ describe('Routing versioned requests', () => {
).resolves.toEqual('1');
});
it('requires version headers to be set for internal HTTP APIs', async () => {
await setupServer({ dev: false });
router.versioned
.get({ path: '/my-path', access: 'internal' })
.addVersion(
{ version: '1', validate: { response: { 200: { body: schema.number() } } } },
async (ctx, req, res) => res.ok()
)
.addVersion(
{ version: '2', validate: { response: { 200: { body: schema.number() } } } },
async (ctx, req, res) => res.ok()
);
await server.start();
await expect(
supertest
.get('/my-path')
.unset('Elastic-Api-Version')
.expect(400)
.then(({ body }) => body.message)
).resolves.toMatch(/Please specify.+version/);
});
it.each([
['public', '2022-02-02', '2022-02-03'],
['internal', '1', '2'],
])('requires version headers to be set %p when in dev', async (access, v1, v2) => {
await setupServer({ dev: true });
router.versioned
.get({ path: '/my-path', access: access as 'internal' | 'public' })
.addVersion(
{ version: v1, validate: { response: { 200: { body: schema.number() } } } },
async (ctx, req, res) => res.ok()
)
.addVersion(
{ version: v2, validate: { response: { 200: { body: schema.number() } } } },
async (ctx, req, res) => res.ok()
);
await server.start();
await expect(
supertest
.get('/my-path')
.unset('Elastic-Api-Version')
.expect(400)
.then(({ body }) => body.message)
).resolves.toMatch(/Please specify.+version/);
});
it('errors when no handler could be found', async () => {
router.versioned.get({ path: '/my-path', access: 'public' });
@ -290,7 +239,7 @@ describe('Routing versioned requests', () => {
});
it('resolves the newest handler on serverless', async () => {
await setupServer({ serverless: true, dev: false });
await setupServer({ serverless: true });
router.versioned
.get({ path: '/my-path', access: 'public' })
@ -312,7 +261,7 @@ describe('Routing versioned requests', () => {
});
it('resolves the oldest handler on anything other than serverless', async () => {
await setupServer({ serverless: false, dev: false });
await setupServer({ serverless: false });
router.versioned
.get({ path: '/my-path', access: 'public' })

1
x-pack/packages/ml/date_picker/src/services/time_field_range.ts
View file

@ -54,6 +54,5 @@ export async function getTimeFieldRange(options: GetTimeFieldRangeOptions) {
path,
method: 'POST',
body: JSON.stringify(body),
version: '1',
});
}

1
x-pack/plugins/cloud_security_posture/public/pages/rules/use_csp_rules.ts
View file

@ -27,7 +27,6 @@ export const useFindCspRuleTemplates = (
() => {
return http.get<GetCspRuleTemplateResponse>(FIND_CSP_RULE_TEMPLATE_ROUTE_PATH, {
query: { packagePolicyId, page, perPage },
version: '1',
});
}
);

12
x-pack/plugins/synthetics/public/legacy_uptime/state/api/ml_anomaly.ts
View file

@ -24,11 +24,11 @@ import {
import { getJobPrefix, getMLJobId } from '../../../../common/lib/ml';
export const getMLCapabilities = async (): Promise<MlCapabilitiesResponse> => {
return await apiService.get(API_URLS.ML_CAPABILITIES, { version: '1' });
return await apiService.get(API_URLS.ML_CAPABILITIES);
};
export const getExistingJobs = async (): Promise<JobExistResult> => {
return await apiService.get(API_URLS.ML_MODULE_JOBS + ML_MODULE_ID, { version: '1' });
return await apiService.get(API_URLS.ML_MODULE_JOBS + ML_MODULE_ID);
};
export const createMLJob = async ({
@ -54,9 +54,7 @@ export const createMLJob = async ({
},
};
const response: DataRecognizerConfigResponse = await apiService.post(url, data, undefined, {
version: '1',
});
const response: DataRecognizerConfigResponse = await apiService.post(url, data);
if (response?.jobs?.[0]?.id === getMLJobId(monitorId)) {
const jobResponse = response.jobs[0];
const datafeedResponse = response.datafeeds[0];
@ -78,7 +76,7 @@ export const createMLJob = async ({
export const deleteMLJob = async ({ monitorId }: MonitorIdParam): Promise<DeleteJobResults> => {
const data = { jobIds: [getMLJobId(monitorId)] };
return await apiService.post(API_URLS.ML_DELETE_JOB, data, undefined, { version: '1' });
return await apiService.post(API_URLS.ML_DELETE_JOB, data);
};
export const fetchAnomalyRecords = async ({
@ -99,5 +97,5 @@ export const fetchAnomalyRecords = async ({
maxRecords: 500,
maxExamples: 10,
};
return apiService.post(API_URLS.ML_ANOMALIES_RESULT, data, undefined, { version: '1' });
return apiService.post(API_URLS.ML_ANOMALIES_RESULT, data);
};

28
x-pack/plugins/synthetics/public/legacy_uptime/state/api/utils.ts
View file

@ -10,7 +10,6 @@ import { formatErrors } from '@kbn/securitysolution-io-ts-utils';
import { HttpFetchQuery, HttpSetup } from '@kbn/core/public';
import { FETCH_STATUS, AddInspectorRequest } from '@kbn/observability-shared-plugin/public';
type Params = HttpFetchQuery & { version?: string };
class ApiService {
private static instance: ApiService;
private _http!: HttpSetup;
@ -42,13 +41,16 @@ class ApiService {
return ApiService.instance;
}
public async get<T>(apiUrl: string, params: Params = {}, decodeType?: any, asResponse = false) {
const { version, ...queryParams } = params;
public async get<T>(
apiUrl: string,
params?: HttpFetchQuery,
decodeType?: any,
asResponse = false
) {
const response = await this._http!.fetch<T>({
path: apiUrl,
query: queryParams,
query: params,
asResponse,
version,
});
this.addInspectorRequest?.({ data: response, status: FETCH_STATUS.SUCCESS, loading: false });
@ -71,13 +73,11 @@ class ApiService {
return response;
}
public async post<T>(apiUrl: string, data?: any, decodeType?: any, params: Params = {}) {
const { version, ...queryParams } = params;
public async post<T>(apiUrl: string, data?: any, decodeType?: any, params?: HttpFetchQuery) {
const response = await this._http!.post<T>(apiUrl, {
method: 'POST',
body: JSON.stringify(data),
query: queryParams,
version,
query: params,
});
this.addInspectorRequest?.({ data: response, status: FETCH_STATUS.SUCCESS, loading: false });
@ -96,13 +96,11 @@ class ApiService {
return response;
}
public async put<T>(apiUrl: string, data?: any, decodeType?: any, params: Params = {}) {
const { version, ...queryParams } = params;
public async put<T>(apiUrl: string, data?: any, decodeType?: any, params?: HttpFetchQuery) {
const response = await this._http!.put<T>(apiUrl, {
method: 'PUT',
body: JSON.stringify(data),
query: queryParams,
version,
query: params,
});
if (decodeType) {
@ -119,8 +117,8 @@ class ApiService {
return response;
}
public async delete<T>(apiUrl: string, { version }: { version?: string } = {}) {
const response = await this._http!.delete<T>(apiUrl, { version });
public async delete<T>(apiUrl: string) {
const response = await this._http!.delete<T>(apiUrl);
if (response instanceof Error) {
throw response;
}

8
x-pack/test/api_integration/apis/cloud_security_posture/get_csp_rule_template.ts
View file

@ -5,7 +5,6 @@
* 2.0.
*/
import expect from '@kbn/expect';
import { ELASTIC_HTTP_VERSION_HEADER } from '@kbn/core-http-common';
import type { GetCspRuleTemplateResponse } from '@kbn/cloud-security-posture-plugin/common/types';
import type { SuperTest, Test } from 'supertest';
import { CspRuleTemplate } from '@kbn/cloud-security-posture-plugin/common/schemas';
@ -51,7 +50,6 @@ export default function ({ getService }: FtrProviderContext) {
const { body }: { body: { message: string } } = await supertest
.get(`/internal/cloud_security_posture/rules/_find`)
.set(ELASTIC_HTTP_VERSION_HEADER, '1')
.set('kbn-xsrf', 'xxxx')
.expect(500);
@ -72,7 +70,6 @@ export default function ({ getService }: FtrProviderContext) {
const { body }: { body: { message: string } } = await supertest
.get(`/internal/cloud_security_posture/rules/_find`)
.set(ELASTIC_HTTP_VERSION_HEADER, '1')
.set('kbn-xsrf', 'xxxx')
.query({
packagePolicyId: 'your-package-policy-id',
@ -88,7 +85,6 @@ export default function ({ getService }: FtrProviderContext) {
it(`Should return 404 status code when the package policy ID does not exist`, async () => {
const { body }: { body: { statusCode: number; error: string } } = await supertest
.get(`/internal/cloud_security_posture/rules/_find`)
.set(ELASTIC_HTTP_VERSION_HEADER, '1')
.set('kbn-xsrf', 'xxxx')
.query({
packagePolicyId: 'non-existing-packagePolicy-id',
@ -111,7 +107,6 @@ export default function ({ getService }: FtrProviderContext) {
const { body }: { body: GetCspRuleTemplateResponse } = await supertest
.get(`/internal/cloud_security_posture/rules/_find`)
.set(ELASTIC_HTTP_VERSION_HEADER, '1')
.set('kbn-xsrf', 'xxxx')
.query({
benchmarkId: 'cis_k8s',
@ -139,7 +134,6 @@ export default function ({ getService }: FtrProviderContext) {
const { body }: { body: GetCspRuleTemplateResponse } = await supertest
.get(`/internal/cloud_security_posture/rules/_find`)
.set(ELASTIC_HTTP_VERSION_HEADER, '1')
.set('kbn-xsrf', 'xxxx')
.query({
benchmarkId: 'cis_k8s',
@ -172,7 +166,6 @@ export default function ({ getService }: FtrProviderContext) {
const { body }: { body: GetCspRuleTemplateResponse } = await supertest
.get(`/internal/cloud_security_posture/rules/_find`)
.set(ELASTIC_HTTP_VERSION_HEADER, '1')
.set('kbn-xsrf', 'xxxx')
.query({
benchmarkId: 'cis_k8s',
@ -205,7 +198,6 @@ export default function ({ getService }: FtrProviderContext) {
const { body }: { body: GetCspRuleTemplateResponse } = await supertest
.get(`/internal/cloud_security_posture/rules/_find`)
.set(ELASTIC_HTTP_VERSION_HEADER, '1')
.set('kbn-xsrf', 'xxxx')
.query({
benchmarkId: 'cis_k8s',

3
x-pack/test/api_integration_basic/apis/aiops/permissions.ts
View file

@ -7,7 +7,6 @@
import fetch from 'node-fetch';
import { format as formatUrl } from 'url';
import { ELASTIC_HTTP_VERSION_HEADER } from '@kbn/core-http-common';
import expect from '@kbn/expect';
@ -37,7 +36,6 @@ export default ({ getService }: FtrProviderContext) => {
await supertest
.post(`/internal/aiops/explain_log_rate_spikes`)
.set('kbn-xsrf', 'kibana')
.set(ELASTIC_HTTP_VERSION_HEADER, '1')
.send(requestBody)
.expect(403);
});
@ -48,7 +46,6 @@ export default ({ getService }: FtrProviderContext) => {
headers: {
'Content-Type': 'application/json',
'kbn-xsrf': 'stream',
[ELASTIC_HTTP_VERSION_HEADER]: '1',
},
body: JSON.stringify(requestBody),
});