* Use refresh token for any access token error with 401 status code and re-initiate SAML handshake for any refresh token error with 400 status code.
* Review#1: repurpose redundant tests to test token failures with 500 code.
* enable security plugin in basic
enable security on file dataviz and import (ML plugin)
update unit tests
add api test coverage for security in basic
move audit logging to standard+ license level
* removing test that wasn't added until 7.X (feature controls)
* Updates react to 16.6 (latest)
* Updated fragment-based snapshots for Kibana root unit tests
* Updated fragment-based snapshots for x-pack unit tests
* Removed xpack yarn.lock file bc it is no longer needed, it was reintroduced by accident during a rebase in this branch
* React 16.6 snapshot updates, round 2 (mostly Fragment snapshot diffs)
* Updated last round of React 16.6 snapshots
* Fixes query bar issue with 16.4 gDSFP lifecycle
* Updated yarn lock (arraybuffer.slice updated)
* Updates snapshots where executeQueryOptions prop appears
* [security] Token auth provider
From a user perspective, the token provider behaves similarly to the
basic provider in that it can power the native login experience and can
also be used for API calls via the authorization header (albeit with the
Bearer realm).
From a technical perspective, the token provider deals with
authentication via the token service in Elasticsearch, so while it
handles user credentials in the case of login, a temporary, refreshable
access token is stored in the session cookie instead. This means that
when you log out, not only is the cookie invalidated, but the token
itself cannot be reused.
* token provider integration tests
* include token api integration tests by default
* remove unused ProviderOptions from typedef
* assert that valid login sets an authorization header
* unit tests for refresh token and failure cases
* integration tests for headers and sessions
* clean up login/logout tests for consistent setup functions
* test for header rejection scenarios
* EUI 5.8.1 comes with a brand color refresh. Also removes lots of KUI (#27009)
EUI 5.7.0 had a color refresh which switched around our palette to better match branding guidelines. Hex colors are still hard coded in large parts of Kibana so most of the changes not in kbn/ui-framework are simple shifts to match that styling.
* snapshots
Login is no longer coupled directly to our basic auth provider, so
alternative auth providers can now be used with our standard login flow.
The LoginAttempt request service is the mechanism for auth providers to
integrate with the login flow.
We're using the successfully logged out page with the SAML provider
currently, so redirecting to the /login page is problematic since they
won't be able to login using this url. Instead, we're redirecting them
to '/' so that the auth providers can figure out what to do.
Node 10 uses `null` to denote the non-existence of a querystring
parameter when `url.parse(urlString, true)` is used, the following
changes fix our usages within the security plugin.
In practical terms, the flexibility afforded by providers being able to
recover from the failures of previously configured providers isn't
compelling, but the ambiguity is not ideal.
* translate login/logout visualization component part 2
* Update login translation part 2 - change FormattedMessage to intl.formatMessage
* change some ids
* update Infra Ops Part 2 - directly wrap some classes by injectI18n()
* update one snapshot
* update one snapshot
* update tests
* update collapsible_panel.test.tsx
* update one snapshot
* update one test
* change some code
* update one snapshot
* update roles.html
* Fix unit tests
* Fix message
