Fixing mocha tests and broken password change status codes (#50704) (#50803)

* Fixing mocha tests and broken password change status codes * Updating API integration test
2025-04-24 09:48:58 -04:00 · 2019-11-15 15:33:24 -05:00 · 2019-11-15 15:33:24 -05:00 · faaa0111ed
commit faaa0111ed
parent f530fecdd8
4 changed files with 12 additions and 16 deletions
--- a/x-pack/legacy/plugins/security/server/routes/api/v1/tests/authenticate.js
+++ b/x-pack/legacy/plugins/security/server/routes/api/v1/tests/authenticate.js
@ -34,7 +34,7 @@ describe('Authentication routes', () => {

    initAuthenticateApi({
      authc: { login: loginStub, logout: logoutStub },
-      config: { authc: { providers: ['basic'] } },
+      __legacyCompat: { config: { authc: { providers: ['basic'] } } },
    }, serverStub);
  });

--- a/x-pack/legacy/plugins/security/server/routes/api/v1/tests/users.js
+++ b/x-pack/legacy/plugins/security/server/routes/api/v1/tests/users.js
@ -31,7 +31,7 @@ describe('User routes', () => {
    clusterStub = sinon.stub({ callWithRequest() {} });
    sandbox.stub(ClientShield, 'getClient').returns(clusterStub);

-    initUsersApi({ authc: { login: loginStub }, config: { authc: { providers: ['basic'] } } }, serverStub);
+    initUsersApi({ authc: { login: loginStub }, __legacyCompat: { config: { authc: { providers: ['basic'] } } } }, serverStub);
  });

  afterEach(() => sandbox.restore());
@ -90,7 +90,7 @@ describe('User routes', () => {
        expect(response.isBoom).to.be(true);
        expect(response.output.payload).to.eql({
          statusCode: 403,
-          error: 'Unauthorized',
+          error: 'Forbidden',
          message: 'Something went wrong.'
        });
      });
--- a/x-pack/legacy/plugins/security/server/routes/api/v1/users.js
+++ b/x-pack/legacy/plugins/security/server/routes/api/v1/users.js
@ -96,19 +96,15 @@ export function initUsersApi({ authc: { login }, __legacyCompat: { config } }, s
      // If user tries to change own password, let's check if old password is valid first by trying
      // to login.
      if (isCurrentUser) {
-        try {
-          const authenticationResult = await login(KibanaRequest.from(request), {
-            provider: providerToLoginWith,
-            value: { username, password },
-            // We shouldn't alter authentication state just yet.
-            stateless: true,
-          });
+        const authenticationResult = await login(KibanaRequest.from(request), {
+          provider: providerToLoginWith,
+          value: { username, password },
+          // We shouldn't alter authentication state just yet.
+          stateless: true,
+        });

-          if (!authenticationResult.succeeded()) {
-            return Boom.unauthorized(authenticationResult.error);
-          }
-        } catch(err) {
-          throw Boom.forbidden(err);
+        if (!authenticationResult.succeeded()) {
+          return Boom.forbidden(authenticationResult.error);
        }
      }

--- a/x-pack/test/api_integration/apis/security/change_password.ts
+++ b/x-pack/test/api_integration/apis/security/change_password.ts
@ -39,7 +39,7 @@ export default function({ getService }: FtrProviderContext) {
        .set('kbn-xsrf', 'xxx')
        .set('Cookie', sessionCookie.cookieString())
        .send({ password: wrongPassword, newPassword })
-        .expect(401);
+        .expect(403);

      // Let's check that we can't login with wrong password, just in case.
      await supertest