diff --git a/README.md b/README.md index e1b3bb8..1a56ee2 100644 --- a/README.md +++ b/README.md @@ -2,7 +2,7 @@ [![Build Status](https://travis-ci.org/Cleafy/elasticsearch6-http-basic.svg?branch=master)](https://github.com/Cleafy/elasticsearch6-http-basic) -# HTTP Basic auth for ElasticSearch 6.x +# HTTP Basic auth for ElasticSearch This plugin provides an extension of ElasticSearchs HTTP Transport module to enable **HTTP basic authentication** and/or **Ip based authentication**. @@ -16,8 +16,10 @@ There is no way to configure this on a per index basis. | Http Basic Plugin | elasticsearch | |-----------------------------|------------------------------| -| v1.0.0 | 6.3.2 | - +| v0.0.1 | 6.3.2 | +| v0.1.0 | 7.6.0 | +| v0.2.0 | 7.12.0 | +| v0.3.0 | 7.13.3 | ## Installation diff --git a/pom.xml b/pom.xml index 70850da..304ceb0 100644 --- a/pom.xml +++ b/pom.xml @@ -3,32 +3,32 @@ xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd"> 4.0.0 - com.cleafy.elasticsearch6 - elasticsearch6-http-basic - 1.0.0 + com.cleafy.elasticsearch + elasticsearch-http-basic-auth-plugin + 0.3.0 jar - Elasticsearch 6.x Http Basic plugin + Elasticsearch Http Basic plugin Adds HTTP Basic authentication (BA) to your Elasticsearch cluster - https://github.com/Cleafy/elasticsearch-http-basic + https://github.com/Cleafy/elasticsearch-http-basic-auth-plugin 2018 1 INFO + UTF-8 org.elasticsearch elasticsearch - 6.3.2 + 7.13.3 provided - org.elasticsearch.test framework - 6.3.2 + 7.12.0 test @@ -40,7 +40,7 @@ - elasticsearch6-http-basic-plugin + elasticsearch-http-basic-auth-plugin src/main/resources @@ -54,7 +54,7 @@ maven-assembly-plugin 2.6 - false + true ${project.build.directory}/releases/ ${basedir}/src/main/assemblies/plugin.xml diff --git a/src/main/assemblies/plugin.xml b/src/main/assemblies/plugin.xml index 2253aba..36d17db 100644 --- a/src/main/assemblies/plugin.xml +++ b/src/main/assemblies/plugin.xml @@ -1,10 +1,19 @@ - plugin + 0.3.0 zip false + + + / + src/main/resources + + *.properties + + + / @@ -19,7 +28,7 @@ true true - com.cleafy.elasticsearch:elasticsearch6-http-basic + com.cleafy.elasticsearch:elasticsearch-http-basic diff --git a/src/main/java/com/cleafy/elasticsearch6/plugins/http/BasicRestFilter.java b/src/main/java/com/cleafy/elasticsearch/plugins/http/BasicRestFilter.java similarity index 84% rename from src/main/java/com/cleafy/elasticsearch6/plugins/http/BasicRestFilter.java rename to src/main/java/com/cleafy/elasticsearch/plugins/http/BasicRestFilter.java index 7a71f0a..3154b3c 100644 --- a/src/main/java/com/cleafy/elasticsearch6/plugins/http/BasicRestFilter.java +++ b/src/main/java/com/cleafy/elasticsearch/plugins/http/BasicRestFilter.java @@ -1,9 +1,9 @@ -package com.cleafy.elasticsearch6.plugins.http; +package com.cleafy.elasticsearch.plugins.http; -import com.cleafy.elasticsearch6.plugins.http.auth.AuthCredentials; -import com.cleafy.elasticsearch6.plugins.http.auth.HttpBasicAuthenticator; -import com.cleafy.elasticsearch6.plugins.http.utils.Globals; -import com.cleafy.elasticsearch6.plugins.http.utils.LoggerUtils; +import com.cleafy.elasticsearch.plugins.http.auth.AuthCredentials; +import com.cleafy.elasticsearch.plugins.http.auth.HttpBasicAuthenticator; +import com.cleafy.elasticsearch.plugins.http.utils.Globals; +import com.cleafy.elasticsearch.plugins.http.utils.LoggerUtils; import org.elasticsearch.ElasticsearchException; import org.elasticsearch.client.node.NodeClient; import org.elasticsearch.common.settings.Settings; @@ -12,7 +12,7 @@ public class BasicRestFilter { private final HttpBasicAuthenticator httpBasicAuthenticator; - private boolean isUnauthLogEnabled; + private final boolean isUnauthLogEnabled; public BasicRestFilter(final Settings settings) { super(); diff --git a/src/main/java/com/cleafy/elasticsearch6/plugins/http/HttpBasicServerPlugin.java b/src/main/java/com/cleafy/elasticsearch/plugins/http/HttpBasicServerPlugin.java similarity index 86% rename from src/main/java/com/cleafy/elasticsearch6/plugins/http/HttpBasicServerPlugin.java rename to src/main/java/com/cleafy/elasticsearch/plugins/http/HttpBasicServerPlugin.java index 214a2c8..ea4283f 100644 --- a/src/main/java/com/cleafy/elasticsearch6/plugins/http/HttpBasicServerPlugin.java +++ b/src/main/java/com/cleafy/elasticsearch/plugins/http/HttpBasicServerPlugin.java @@ -1,6 +1,6 @@ -package com.cleafy.elasticsearch6.plugins.http; +package com.cleafy.elasticsearch.plugins.http; -import com.cleafy.elasticsearch6.plugins.http.utils.Globals; +import com.cleafy.elasticsearch.plugins.http.utils.Globals; import org.elasticsearch.common.inject.Inject; import org.elasticsearch.common.settings.Setting; import org.elasticsearch.common.settings.Settings; @@ -19,7 +19,7 @@ */ public class HttpBasicServerPlugin extends Plugin implements ActionPlugin { - private boolean enabledByDefault = false; + private final boolean enabledByDefault = false; private final Settings settings; BasicRestFilter basicFilter; @@ -40,9 +40,9 @@ public String description() { @Override public UnaryOperator getRestHandlerWrapper(final ThreadContext threadContext) { if (this.settings.getAsBoolean(Globals.SETTINGS_ENABLED, enabledByDefault)) { - return (rh) -> basicFilter.wrap(rh); + return rh -> basicFilter.wrap(rh); } - return (rh) -> rh; + return rh -> rh; } @Override @@ -58,9 +58,8 @@ public Settings additionalSettings() { @Override public List> getSettings() { - List> settings = new ArrayList>(); - settings.addAll(super.getSettings()); + List> settings = new ArrayList<>(super.getSettings()); settings.add(Setting.boolSetting(Globals.SETTINGS_ENABLED, enabledByDefault, Setting.Property.NodeScope, Setting.Property.Filtered)); settings.add(Setting.simpleString(Globals.SETTINGS_USERNAME, Setting.Property.NodeScope, Setting.Property.Filtered)); diff --git a/src/main/java/com/cleafy/elasticsearch6/plugins/http/auth/AuthCredentials.java b/src/main/java/com/cleafy/elasticsearch/plugins/http/auth/AuthCredentials.java similarity index 93% rename from src/main/java/com/cleafy/elasticsearch6/plugins/http/auth/AuthCredentials.java rename to src/main/java/com/cleafy/elasticsearch/plugins/http/auth/AuthCredentials.java index 44372f5..5e24c18 100644 --- a/src/main/java/com/cleafy/elasticsearch6/plugins/http/auth/AuthCredentials.java +++ b/src/main/java/com/cleafy/elasticsearch/plugins/http/auth/AuthCredentials.java @@ -1,4 +1,4 @@ -package com.cleafy.elasticsearch6.plugins.http.auth; +package com.cleafy.elasticsearch.plugins.http.auth; import org.elasticsearch.ElasticsearchSecurityException; @@ -11,7 +11,7 @@ public class AuthCredentials { private final String username; private byte[] password; private Object nativeCredentials; - private final Set backendRoles = new HashSet(); + private final Set backendRoles = new HashSet<>(); private boolean complete; private final byte[] internalPasswordHash; private final Map attributes = new HashMap<>(); @@ -116,11 +116,8 @@ public boolean equals(Object obj) { if (internalPasswordHash == null || other.internalPasswordHash == null || !MessageDigest.isEqual(internalPasswordHash, other.internalPasswordHash)) return false; if (username == null) { - if (other.username != null) - return false; - } else if (!username.equals(other.username)) - return false; - return true; + return other.username == null; + } else return username.equals(other.username); } @Override @@ -133,7 +130,7 @@ public String toString() { * @return Defensive copy of the roles this user is member of. */ public Set getBackendRoles() { - return new HashSet(backendRoles); + return new HashSet<>(backendRoles); } public boolean isComplete() { diff --git a/src/main/java/com/cleafy/elasticsearch6/plugins/http/auth/Authenticator.java b/src/main/java/com/cleafy/elasticsearch/plugins/http/auth/Authenticator.java similarity index 85% rename from src/main/java/com/cleafy/elasticsearch6/plugins/http/auth/Authenticator.java rename to src/main/java/com/cleafy/elasticsearch/plugins/http/auth/Authenticator.java index 257ae7c..d6979ac 100644 --- a/src/main/java/com/cleafy/elasticsearch6/plugins/http/auth/Authenticator.java +++ b/src/main/java/com/cleafy/elasticsearch/plugins/http/auth/Authenticator.java @@ -1,4 +1,4 @@ -package com.cleafy.elasticsearch6.plugins.http.auth; +package com.cleafy.elasticsearch.plugins.http.auth; import org.elasticsearch.common.settings.Settings; import org.elasticsearch.rest.RestRequest; diff --git a/src/main/java/com/cleafy/elasticsearch6/plugins/http/auth/HTTPHelper.java b/src/main/java/com/cleafy/elasticsearch/plugins/http/auth/HTTPHelper.java similarity index 82% rename from src/main/java/com/cleafy/elasticsearch6/plugins/http/auth/HTTPHelper.java rename to src/main/java/com/cleafy/elasticsearch/plugins/http/auth/HTTPHelper.java index ccc9af6..f6cfed8 100644 --- a/src/main/java/com/cleafy/elasticsearch6/plugins/http/auth/HTTPHelper.java +++ b/src/main/java/com/cleafy/elasticsearch/plugins/http/auth/HTTPHelper.java @@ -1,4 +1,4 @@ -package com.cleafy.elasticsearch6.plugins.http.auth; +package com.cleafy.elasticsearch.plugins.http.auth; import java.nio.charset.StandardCharsets; import java.util.Base64; @@ -14,13 +14,6 @@ public static AuthCredentials extractCredentials(String authorizationHeader) { final String decodedBasicHeader = new String(Base64.getDecoder().decode(authorizationHeader.split(" ")[1]), StandardCharsets.UTF_8); - //username:password - //special case - //username must not contain a :, but password is allowed to do so - // username:pass:word - //blank password - // username: - final int firstColonIndex = decodedBasicHeader.indexOf(':'); String username = null; diff --git a/src/main/java/com/cleafy/elasticsearch6/plugins/http/auth/HttpBasicAuthenticator.java b/src/main/java/com/cleafy/elasticsearch/plugins/http/auth/HttpBasicAuthenticator.java similarity index 77% rename from src/main/java/com/cleafy/elasticsearch6/plugins/http/auth/HttpBasicAuthenticator.java rename to src/main/java/com/cleafy/elasticsearch/plugins/http/auth/HttpBasicAuthenticator.java index f9f9d0a..db5bec2 100644 --- a/src/main/java/com/cleafy/elasticsearch6/plugins/http/auth/HttpBasicAuthenticator.java +++ b/src/main/java/com/cleafy/elasticsearch/plugins/http/auth/HttpBasicAuthenticator.java @@ -1,10 +1,10 @@ -package com.cleafy.elasticsearch6.plugins.http.auth; +package com.cleafy.elasticsearch.plugins.http.auth; import org.elasticsearch.common.settings.Settings; import org.elasticsearch.rest.RestRequest; public class HttpBasicAuthenticator extends Authenticator { - private AuthCredentials credentials; + private final AuthCredentials credentials; public HttpBasicAuthenticator(Settings settings, AuthCredentials credentials) { super(settings); @@ -13,10 +13,7 @@ public HttpBasicAuthenticator(Settings settings, AuthCredentials credentials) { @Override public boolean authenticate(RestRequest request) { - if (this.extractCredentials(request).equals(credentials)) { - return true; - } - return false; + return this.extractCredentials(request).equals(credentials); } private AuthCredentials extractCredentials(final RestRequest request) { diff --git a/src/main/java/com/cleafy/elasticsearch6/plugins/http/utils/Globals.java b/src/main/java/com/cleafy/elasticsearch/plugins/http/utils/Globals.java similarity index 85% rename from src/main/java/com/cleafy/elasticsearch6/plugins/http/utils/Globals.java rename to src/main/java/com/cleafy/elasticsearch/plugins/http/utils/Globals.java index e52a845..7438144 100644 --- a/src/main/java/com/cleafy/elasticsearch6/plugins/http/utils/Globals.java +++ b/src/main/java/com/cleafy/elasticsearch/plugins/http/utils/Globals.java @@ -1,4 +1,4 @@ -package com.cleafy.elasticsearch6.plugins.http.utils; +package com.cleafy.elasticsearch.plugins.http.utils; public class Globals { public static final String SETTINGS_ENABLED = "http.basic.enabled"; diff --git a/src/main/java/com/cleafy/elasticsearch6/plugins/http/utils/LoggerUtils.java b/src/main/java/com/cleafy/elasticsearch/plugins/http/utils/LoggerUtils.java similarity index 90% rename from src/main/java/com/cleafy/elasticsearch6/plugins/http/utils/LoggerUtils.java rename to src/main/java/com/cleafy/elasticsearch/plugins/http/utils/LoggerUtils.java index dbff130..6f9de37 100644 --- a/src/main/java/com/cleafy/elasticsearch6/plugins/http/utils/LoggerUtils.java +++ b/src/main/java/com/cleafy/elasticsearch/plugins/http/utils/LoggerUtils.java @@ -1,4 +1,4 @@ -package com.cleafy.elasticsearch6.plugins.http.utils; +package com.cleafy.elasticsearch.plugins.http.utils; import org.apache.logging.log4j.LogManager; import org.apache.logging.log4j.Logger; @@ -36,6 +36,6 @@ public static void logUnAuthorizedRequest(final RestRequest request, Class kl } private static InetAddress getAddress(RestRequest request) { - return ((InetSocketAddress) request.getRemoteAddress()).getAddress(); + return ((InetSocketAddress) request.getHttpChannel().getRemoteAddress()).getAddress(); } } diff --git a/src/main/resources/es-plugin.properties b/src/main/resources/es-plugin.properties index dcb1974..4d7fc6b 100644 --- a/src/main/resources/es-plugin.properties +++ b/src/main/resources/es-plugin.properties @@ -1 +1 @@ -plugin=com.cleafy.elasticsearch6.plugins.http.HttpBasicServerPlugin \ No newline at end of file +plugin=com.cleafy.elasticsearch.plugins.http.HttpBasicServerPlugin \ No newline at end of file diff --git a/src/main/resources/plugin-descriptor.properties b/src/main/resources/plugin-descriptor.properties index c3417f7..7e9c8db 100644 --- a/src/main/resources/plugin-descriptor.properties +++ b/src/main/resources/plugin-descriptor.properties @@ -1,6 +1,6 @@ -classname=com.cleafy.elasticsearch6.plugins.http.HttpBasicServerPlugin -name=elasticsearch6-http-basic +classname=com.cleafy.elasticsearch.plugins.http.HttpBasicServerPlugin +name=elasticsearch-http-basic-auth-plugin description=Plugin to enable HTTP basic authentication and/or Ip based authentication version=1.0.0 java.version=1.8 -elasticsearch.version=6.3.2 \ No newline at end of file +elasticsearch.version=7.13.3 \ No newline at end of file