From 9ccdcc7ab35a26debbff469d118b691298b3a9c5 Mon Sep 17 00:00:00 2001 From: Craig Perkins Date: Fri, 14 Jul 2023 16:56:50 -0400 Subject: [PATCH 1/4] Proof of concept for extension reserved indices Signed-off-by: Craig Perkins --- .../security/OpenSearchSecurityPlugin.java | 42 +++- .../jwt/EncryptionDecryptionUtil.java | 66 ++++++ .../security/authtoken/jwt/JwtVendor.java | 205 +++++++++++++++++ .../http/OnBehalfOfAuthenticator.java | 217 ++++++++++++++++++ .../security/identity/SecuritySubject.java | 49 ++++ .../identity/SecurityTokenManager.java | 51 ++++ .../privileges/PrivilegesEvaluator.java | 2 +- .../SecurityIndexAccessEvaluator.java | 47 +++- .../securityconf/DynamicConfigModelV7.java | 12 + .../org/opensearch/security/util/KeyUtil.java | 82 +++++++ .../SecurityIndexAccessEvaluatorTest.java | 6 +- 11 files changed, 775 insertions(+), 4 deletions(-) create mode 100644 src/main/java/org/opensearch/security/authtoken/jwt/EncryptionDecryptionUtil.java create mode 100644 src/main/java/org/opensearch/security/authtoken/jwt/JwtVendor.java create mode 100644 src/main/java/org/opensearch/security/http/OnBehalfOfAuthenticator.java create mode 100644 src/main/java/org/opensearch/security/identity/SecuritySubject.java create mode 100644 src/main/java/org/opensearch/security/identity/SecurityTokenManager.java create mode 100644 src/main/java/org/opensearch/security/util/KeyUtil.java diff --git a/src/main/java/org/opensearch/security/OpenSearchSecurityPlugin.java b/src/main/java/org/opensearch/security/OpenSearchSecurityPlugin.java index 1dbc787b74..6539aca68c 100644 --- a/src/main/java/org/opensearch/security/OpenSearchSecurityPlugin.java +++ b/src/main/java/org/opensearch/security/OpenSearchSecurityPlugin.java @@ -100,12 +100,16 @@ import org.opensearch.http.HttpServerTransport; import org.opensearch.http.HttpServerTransport.Dispatcher; import org.opensearch.core.index.Index; +import org.opensearch.identity.Subject; +import org.opensearch.identity.tokens.TokenManager; import org.opensearch.index.IndexModule; import org.opensearch.index.cache.query.QueryCache; import org.opensearch.indices.IndicesService; import org.opensearch.indices.SystemIndexDescriptor; import org.opensearch.indices.breaker.CircuitBreakerService; import org.opensearch.plugins.ClusterPlugin; +import org.opensearch.plugins.ExtensionAwarePlugin; +import org.opensearch.plugins.IdentityPlugin; import org.opensearch.plugins.MapperPlugin; import org.opensearch.repositories.RepositoriesService; import org.opensearch.rest.RestController; @@ -145,6 +149,8 @@ import org.opensearch.security.http.SecurityHttpServerTransport; import org.opensearch.security.http.SecurityNonSslHttpServerTransport; import org.opensearch.security.http.XFFResolver; +import org.opensearch.security.identity.SecuritySubject; +import org.opensearch.security.identity.SecurityTokenManager; import org.opensearch.security.privileges.PrivilegesEvaluator; import org.opensearch.security.privileges.PrivilegesInterceptor; import org.opensearch.security.privileges.RestLayerPrivilegesEvaluator; @@ -193,7 +199,12 @@ import org.opensearch.watcher.ResourceWatcherService; // CS-ENFORCE-SINGLE -public final class OpenSearchSecurityPlugin extends OpenSearchSecuritySSLPlugin implements ClusterPlugin, MapperPlugin { +public final class OpenSearchSecurityPlugin extends OpenSearchSecuritySSLPlugin + implements + ClusterPlugin, + MapperPlugin, + ExtensionAwarePlugin, + IdentityPlugin { private static final String KEYWORD = ".keyword"; private static final Logger actionTrace = LogManager.getLogger("opendistro_security_action_trace"); @@ -212,6 +223,8 @@ public final class OpenSearchSecurityPlugin extends OpenSearchSecuritySSLPlugin private volatile ConfigurationRepository cr; private volatile AdminDNs adminDns; private volatile ClusterService cs; + private volatile SecuritySubject subject = new SecuritySubject(); + private volatile SecurityTokenManager tokenManager; private static volatile DiscoveryNode localNode; private volatile AuditLog auditLog; private volatile BackendRegistry backendRegistry; @@ -226,6 +239,13 @@ public final class OpenSearchSecurityPlugin extends OpenSearchSecuritySSLPlugin private volatile Salt salt; private volatile OpensearchDynamicSetting transportPassiveAuthSetting; + public static Setting RESERVED_INDICES_SETTING = Setting.listSetting( + "reserved_indices", + List.of(), + Function.identity(), + Property.ExtensionScope + ); + public static boolean isActionTraceEnabled() { return actionTrace.isTraceEnabled(); } @@ -990,6 +1010,9 @@ public Collection createComponents( cr = ConfigurationRepository.create(settings, this.configPath, threadPool, localClient, clusterService, auditLog); + subject.setThreadContext(threadPool.getThreadContext()); + tokenManager = new SecurityTokenManager(cs); + userService = new UserService(cs, cr, settings, localClient); final XFFResolver xffResolver = new XFFResolver(threadPool); @@ -1107,6 +1130,13 @@ public Settings additionalSettings() { return builder.build(); } + @Override + public List> getExtensionSettings() { + List> settings = new ArrayList>(); + settings.add(RESERVED_INDICES_SETTING); + return settings; + } + @Override public List> getSettings() { List> settings = new ArrayList>(); @@ -1894,6 +1924,16 @@ public static void setLocalNode(DiscoveryNode node) { localNode = node; } + @Override + public Subject getSubject() { + return subject; + } + + @Override + public TokenManager getTokenManager() { + return tokenManager; + } + public static class GuiceHolder implements LifecycleComponent { private static RepositoriesService repositoriesService; diff --git a/src/main/java/org/opensearch/security/authtoken/jwt/EncryptionDecryptionUtil.java b/src/main/java/org/opensearch/security/authtoken/jwt/EncryptionDecryptionUtil.java new file mode 100644 index 0000000000..e38a48cde3 --- /dev/null +++ b/src/main/java/org/opensearch/security/authtoken/jwt/EncryptionDecryptionUtil.java @@ -0,0 +1,66 @@ +/* + * SPDX-License-Identifier: Apache-2.0 + * + * The OpenSearch Contributors require contributions made to + * this file be licensed under the Apache-2.0 license or a + * compatible open source license. + * + * Modifications Copyright OpenSearch Contributors. See + * GitHub history for details. + */ + +package org.opensearch.security.authtoken.jwt; + +import java.nio.charset.StandardCharsets; +import java.util.Arrays; +import java.util.Base64; + +import javax.crypto.Cipher; +import javax.crypto.SecretKey; +import javax.crypto.spec.SecretKeySpec; + +public class EncryptionDecryptionUtil { + + public static String encrypt(final String secret, final String data) { + final Cipher cipher = createCipherFromSecret(secret, CipherMode.ENCRYPT); + final byte[] cipherText = createCipherText(cipher, data.getBytes(StandardCharsets.UTF_8)); + return Base64.getEncoder().encodeToString(cipherText); + } + + public static String decrypt(final String secret, final String encryptedString) { + final Cipher cipher = createCipherFromSecret(secret, CipherMode.DECRYPT); + final byte[] cipherText = createCipherText(cipher, Base64.getDecoder().decode(encryptedString)); + return new String(cipherText, StandardCharsets.UTF_8); + } + + private static Cipher createCipherFromSecret(final String secret, final CipherMode mode) { + try { + final byte[] decodedKey = Base64.getDecoder().decode(secret); + final Cipher cipher = Cipher.getInstance("AES"); + final SecretKey originalKey = new SecretKeySpec(Arrays.copyOf(decodedKey, 16), "AES"); + cipher.init(mode.opmode, originalKey); + return cipher; + } catch (final Exception e) { + throw new RuntimeException("Error creating cipher from secret in mode " + mode.name()); + } + } + + private static byte[] createCipherText(final Cipher cipher, final byte[] data) { + try { + return cipher.doFinal(data); + } catch (final Exception e) { + throw new RuntimeException("The cipher was unable to perform pass over data"); + } + } + + private enum CipherMode { + ENCRYPT(Cipher.ENCRYPT_MODE), + DECRYPT(Cipher.DECRYPT_MODE); + + private final int opmode; + + private CipherMode(final int opmode) { + this.opmode = opmode; + } + } +} diff --git a/src/main/java/org/opensearch/security/authtoken/jwt/JwtVendor.java b/src/main/java/org/opensearch/security/authtoken/jwt/JwtVendor.java new file mode 100644 index 0000000000..c3b7fa4215 --- /dev/null +++ b/src/main/java/org/opensearch/security/authtoken/jwt/JwtVendor.java @@ -0,0 +1,205 @@ +/* + * SPDX-License-Identifier: Apache-2.0 + * + * The OpenSearch Contributors require contributions made to + * this file be licensed under the Apache-2.0 license or a + * compatible open source license. + * + * Modifications Copyright OpenSearch Contributors. See + * GitHub history for details. + */ + +package org.opensearch.security.authtoken.jwt; + +import java.time.Instant; +import java.util.List; +import java.util.Optional; +import java.util.function.LongSupplier; + +import com.google.common.base.Strings; +import org.apache.cxf.jaxrs.json.basic.JsonMapObjectReaderWriter; +import org.apache.cxf.rs.security.jose.jwk.JsonWebKey; +import org.apache.cxf.rs.security.jose.jwk.KeyType; +import org.apache.cxf.rs.security.jose.jwk.PublicKeyUse; +import org.apache.cxf.rs.security.jose.jws.JwsUtils; +import org.apache.cxf.rs.security.jose.jwt.JoseJwtProducer; +import org.apache.cxf.rs.security.jose.jwt.JwtClaims; +import org.apache.cxf.rs.security.jose.jwt.JwtToken; +import org.apache.cxf.rs.security.jose.jwt.JwtUtils; +import org.apache.logging.log4j.LogManager; +import org.apache.logging.log4j.Logger; + +import org.opensearch.common.settings.Settings; + +public class JwtVendor { + private static final Logger logger = LogManager.getLogger(JwtVendor.class); + + private static JsonMapObjectReaderWriter jsonMapReaderWriter = new JsonMapObjectReaderWriter(); + + private final String claimsEncryptionKey; + private final JsonWebKey signingKey; + private final JoseJwtProducer jwtProducer; + private final LongSupplier timeProvider; + + public JwtVendor(final Settings settings, final Optional timeProvider) { + JoseJwtProducer jwtProducer = new JoseJwtProducer(); + try { + this.signingKey = createJwkFromSettings(settings); + } catch (Exception e) { + throw new RuntimeException(e); + } + this.jwtProducer = jwtProducer; + if (settings.get("encryption_key") == null) { + throw new RuntimeException("encryption_key cannot be null"); + } else { + this.claimsEncryptionKey = settings.get("encryption_key"); + } + if (timeProvider.isPresent()) { + this.timeProvider = timeProvider.get(); + } else { + this.timeProvider = () -> System.currentTimeMillis() / 1000; + } + } + + /* + * The default configuration of this web key should be: + * KeyType: OCTET + * PublicKeyUse: SIGN + * Encryption Algorithm: HS512 + * */ + static JsonWebKey createJwkFromSettings(Settings settings) throws Exception { + String signingKey = settings.get("signing_key"); + + if (!Strings.isNullOrEmpty(signingKey)) { + + JsonWebKey jwk = new JsonWebKey(); + + jwk.setKeyType(KeyType.OCTET); + jwk.setAlgorithm("HS512"); + jwk.setPublicKeyUse(PublicKeyUse.SIGN); + jwk.setProperty("k", signingKey); + + return jwk; + } else { + Settings jwkSettings = settings.getAsSettings("jwt").getAsSettings("key"); + + if (jwkSettings.isEmpty()) { + throw new Exception("Settings for key is missing. Please specify at least the option signing_key with a shared secret."); + } + + JsonWebKey jwk = new JsonWebKey(); + + for (String key : jwkSettings.keySet()) { + jwk.setProperty(key, jwkSettings.get(key)); + } + + return jwk; + } + } + + public String createJwt( + String issuer, + String subject, + String audience, + Integer expirySeconds, + List roles, + List backendRoles + ) throws Exception { + long timeMillis = timeProvider.getAsLong(); + Instant now = Instant.ofEpochMilli(timeProvider.getAsLong()); + + jwtProducer.setSignatureProvider(JwsUtils.getSignatureProvider(signingKey)); + JwtClaims jwtClaims = new JwtClaims(); + JwtToken jwt = new JwtToken(jwtClaims); + + jwtClaims.setIssuer(issuer); + + jwtClaims.setIssuedAt(timeMillis); + + jwtClaims.setSubject(subject); + + jwtClaims.setAudience(audience); + + jwtClaims.setNotBefore(timeMillis); + + if (expirySeconds == null) { + long expiryTime = timeProvider.getAsLong() + 300; + jwtClaims.setExpiryTime(expiryTime); + } else if (expirySeconds > 0) { + long expiryTime = timeProvider.getAsLong() + expirySeconds; + jwtClaims.setExpiryTime(expiryTime); + } else { + throw new Exception("The expiration time should be a positive integer"); + } + + if (roles != null) { + String listOfRoles = String.join(",", roles); + jwtClaims.setProperty("er", EncryptionDecryptionUtil.encrypt(claimsEncryptionKey, listOfRoles)); + } else { + throw new Exception("Roles cannot be null"); + } + + /* TODO: If the backendRoles is not null and the BWC Mode is on, put them into the "dbr" claim */ + + String encodedJwt = jwtProducer.processJwt(jwt); + + if (logger.isDebugEnabled()) { + logger.debug( + "Created JWT: " + + encodedJwt + + "\n" + + jsonMapReaderWriter.toJson(jwt.getJwsHeaders()) + + "\n" + + JwtUtils.claimsToJson(jwt.getClaims()) + ); + } + + return encodedJwt; + } + + public String issueServiceAccountToken(String issuer, String subject, Integer expirySeconds) throws Exception { + long timeMillis = timeProvider.getAsLong(); + Instant now = Instant.ofEpochMilli(timeProvider.getAsLong()); + + jwtProducer.setSignatureProvider(JwsUtils.getSignatureProvider(signingKey)); + JwtClaims jwtClaims = new JwtClaims(); + JwtToken jwt = new JwtToken(jwtClaims); + + jwtClaims.setIssuer(issuer); + + jwtClaims.setIssuedAt(timeMillis); + + jwtClaims.setSubject(subject); + + jwtClaims.setProperty("typ", "sat"); + + jwtClaims.setNotBefore(timeMillis); + + if (expirySeconds == null) { + long expiryTime = timeProvider.getAsLong() + 300; + jwtClaims.setExpiryTime(expiryTime); + } else if (expirySeconds > 0) { + long expiryTime = timeProvider.getAsLong() + expirySeconds; + jwtClaims.setExpiryTime(expiryTime); + } else { + throw new Exception("The expiration time should be a positive integer"); + } + + /* TODO: If the backendRoles is not null and the BWC Mode is on, put them into the "dbr" claim */ + + String encodedJwt = jwtProducer.processJwt(jwt); + + if (logger.isDebugEnabled()) { + logger.debug( + "Created JWT: " + + encodedJwt + + "\n" + + jsonMapReaderWriter.toJson(jwt.getJwsHeaders()) + + "\n" + + JwtUtils.claimsToJson(jwt.getClaims()) + ); + } + + return encodedJwt; + } +} diff --git a/src/main/java/org/opensearch/security/http/OnBehalfOfAuthenticator.java b/src/main/java/org/opensearch/security/http/OnBehalfOfAuthenticator.java new file mode 100644 index 0000000000..cf7412d498 --- /dev/null +++ b/src/main/java/org/opensearch/security/http/OnBehalfOfAuthenticator.java @@ -0,0 +1,217 @@ +/* + * SPDX-License-Identifier: Apache-2.0 + * + * The OpenSearch Contributors require contributions made to + * this file be licensed under the Apache-2.0 license or a + * compatible open source license. + * + * Modifications Copyright OpenSearch Contributors. See + * GitHub history for details. + */ + +package org.opensearch.security.http; + +import java.security.AccessController; +import java.security.PrivilegedAction; +import java.util.Arrays; +import java.util.List; +import java.util.Map.Entry; +import java.util.Objects; +import java.util.regex.Pattern; +import java.util.stream.Collectors; + +import io.jsonwebtoken.Claims; +import io.jsonwebtoken.JwtParser; +import io.jsonwebtoken.security.WeakKeyException; +import org.apache.commons.lang3.ObjectUtils; +import org.apache.hc.core5.http.HttpHeaders; +import org.apache.logging.log4j.LogManager; +import org.apache.logging.log4j.Logger; + +import org.opensearch.OpenSearchSecurityException; +import org.opensearch.SpecialPermission; +import org.opensearch.common.settings.Settings; +import org.opensearch.common.util.concurrent.ThreadContext; +import org.opensearch.rest.RestChannel; +import org.opensearch.rest.RestRequest; +import org.opensearch.security.auth.HTTPAuthenticator; +import org.opensearch.security.authtoken.jwt.EncryptionDecryptionUtil; +import org.opensearch.security.user.AuthCredentials; +import org.opensearch.security.util.KeyUtil; + +public class OnBehalfOfAuthenticator implements HTTPAuthenticator { + + protected final Logger log = LogManager.getLogger(this.getClass()); + + private static final Pattern BEARER = Pattern.compile("^\\s*Bearer\\s.*", Pattern.CASE_INSENSITIVE); + private static final String BEARER_PREFIX = "bearer "; + private static final String SUBJECT_CLAIM = "sub"; + + private final JwtParser jwtParser; + private final String encryptionKey; + + public OnBehalfOfAuthenticator(Settings settings) { + encryptionKey = settings.get("encryption_key"); + jwtParser = initParser(settings.get("signing_key")); + } + + private JwtParser initParser(final String signingKey) { + JwtParser _jwtParser = KeyUtil.keyAlgorithmCheck(signingKey, log); + if (_jwtParser != null) { + return _jwtParser; + } else { + throw new RuntimeException("Unable to find on behalf of authenticator signing key"); + } + } + + private List extractSecurityRolesFromClaims(Claims claims) { + Object rolesObject = ObjectUtils.firstNonNull(claims.get("er"), claims.get("dr")); + List roles; + + if (rolesObject == null) { + log.warn("This is a malformed On-behalf-of Token"); + roles = List.of(); + } else { + final String rolesClaim = rolesObject.toString(); + + // Extracting roles based on the compatbility mode + String decryptedRoles = rolesClaim; + if (rolesObject == claims.get("er")) { + decryptedRoles = EncryptionDecryptionUtil.decrypt(encryptionKey, rolesClaim); + } + roles = Arrays.stream(decryptedRoles.split(",")).map(String::trim).collect(Collectors.toList()); + } + + return roles; + } + + private String[] extractBackendRolesFromClaims(Claims claims) { + // Object backendRolesObject = ObjectUtils.firstNonNull(claims.get("ebr"), claims.get("dbr")); + if (!claims.containsKey("dbr")) { + return null; + } + + Object backendRolesObject = claims.get("dbr"); + String[] backendRoles; + + if (backendRolesObject == null) { + log.warn("This is a malformed On-behalf-of Token"); + backendRoles = new String[0]; + } else { + final String backendRolesClaim = backendRolesObject.toString(); + + // Extracting roles based on the compatibility mode + String decryptedBackendRoles = backendRolesClaim; + backendRoles = Arrays.stream(decryptedBackendRoles.split(",")).map(String::trim).toArray(String[]::new); + } + + return backendRoles; + } + + @Override + @SuppressWarnings("removal") + public AuthCredentials extractCredentials(RestRequest request, ThreadContext context) throws OpenSearchSecurityException { + final SecurityManager sm = System.getSecurityManager(); + + if (sm != null) { + sm.checkPermission(new SpecialPermission()); + } + + AuthCredentials creds = AccessController.doPrivileged(new PrivilegedAction() { + @Override + public AuthCredentials run() { + return extractCredentials0(request); + } + }); + + return creds; + } + + private AuthCredentials extractCredentials0(final RestRequest request) { + if (jwtParser == null) { + log.error("Missing Signing Key. JWT authentication will not work"); + return null; + } + + String jwtToken = request.header(HttpHeaders.AUTHORIZATION); + + if (jwtToken == null || jwtToken.length() == 0) { + if (log.isDebugEnabled()) { + log.debug("No JWT token found in '{}' header", HttpHeaders.AUTHORIZATION); + } + return null; + } + + if (!BEARER.matcher(jwtToken).matches()) { + jwtToken = null; + } + + if (jwtToken != null && Pattern.compile(BEARER_PREFIX).matcher(jwtToken.toLowerCase()).find()) { + jwtToken = jwtToken.substring(jwtToken.toLowerCase().indexOf(BEARER_PREFIX) + BEARER_PREFIX.length()); + } else { + if (log.isDebugEnabled()) { + log.debug("No Bearer scheme found in header"); + } + } + + if (jwtToken == null) { + return null; + } + + try { + final Claims claims = jwtParser.parseClaimsJws(jwtToken).getBody(); + + final String subject = claims.getSubject(); + if (Objects.isNull(subject)) { + log.error("Valid jwt on behalf of token with no subject"); + return null; + } + + if (claims.get("typ") != null && "sat".equals(claims.get("typ"))) { + System.out.println("Received Service Account Token for " + claims.getSubject()); + + final AuthCredentials ac = new AuthCredentials(subject, List.of()).markComplete(); + + return ac; + } + + final String audience = claims.getAudience(); + if (Objects.isNull(audience)) { + log.error("Valid jwt on behalf of token with no audience"); + return null; + } + + List roles = extractSecurityRolesFromClaims(claims); + String[] backendRoles = extractBackendRolesFromClaims(claims); + + final AuthCredentials ac = new AuthCredentials(subject, List.of()).markComplete(); + + for (Entry claim : claims.entrySet()) { + ac.addAttribute("attr.jwt." + claim.getKey(), String.valueOf(claim.getValue())); + } + + return ac; + + } catch (WeakKeyException e) { + log.error("Cannot authenticate user with JWT because of ", e); + return null; + } catch (Exception e) { + e.printStackTrace(); + if (log.isDebugEnabled()) { + log.debug("Invalid or expired JWT token.", e); + } + return null; + } + } + + @Override + public boolean reRequestAuthentication(final RestChannel channel, AuthCredentials creds) { + return false; + } + + @Override + public String getType() { + return "onbehalfof_jwt"; + } + +} diff --git a/src/main/java/org/opensearch/security/identity/SecuritySubject.java b/src/main/java/org/opensearch/security/identity/SecuritySubject.java new file mode 100644 index 0000000000..c7b0a755db --- /dev/null +++ b/src/main/java/org/opensearch/security/identity/SecuritySubject.java @@ -0,0 +1,49 @@ +/* + * SPDX-License-Identifier: Apache-2.0 + * + * The OpenSearch Contributors require contributions made to + * this file be licensed under the Apache-2.0 license or a + * compatible open source license. + * + * Modifications Copyright OpenSearch Contributors. See + * GitHub history for details. + */ + +package org.opensearch.security.identity; + +import java.security.Principal; + +import org.opensearch.common.util.concurrent.ThreadContext; +import org.opensearch.identity.NamedPrincipal; +import org.opensearch.identity.Subject; +import org.opensearch.identity.tokens.AuthToken; +import org.opensearch.security.support.ConfigConstants; +import org.opensearch.security.user.User; + +public class SecuritySubject implements Subject { + + private ThreadContext threadContext; + + public SecuritySubject() {} + + public void setThreadContext(ThreadContext threadContext) { + this.threadContext = threadContext; + } + + @Override + public Principal getPrincipal() { + if (threadContext == null) { + return NamedPrincipal.UNAUTHENTICATED; + } + final User user = (User) threadContext.getTransient(ConfigConstants.OPENDISTRO_SECURITY_USER); + if (user == null) { + return NamedPrincipal.UNAUTHENTICATED; + } + return new NamedPrincipal(user.getName()); + } + + @Override + public void authenticate(AuthToken authToken) { + // TODO implement this - replace with logic from SecurityRestFilter + } +} diff --git a/src/main/java/org/opensearch/security/identity/SecurityTokenManager.java b/src/main/java/org/opensearch/security/identity/SecurityTokenManager.java new file mode 100644 index 0000000000..20e0b82417 --- /dev/null +++ b/src/main/java/org/opensearch/security/identity/SecurityTokenManager.java @@ -0,0 +1,51 @@ +package org.opensearch.security.identity; + +import org.opensearch.OpenSearchSecurityException; +import org.opensearch.cluster.service.ClusterService; +import org.opensearch.common.settings.Settings; +import org.opensearch.identity.tokens.AuthToken; +import org.opensearch.identity.tokens.BearerAuthToken; +import org.opensearch.identity.tokens.TokenManager; +import org.opensearch.security.authtoken.jwt.JwtVendor; + +import java.nio.charset.StandardCharsets; +import java.util.Base64; +import java.util.Optional; + +public class SecurityTokenManager implements TokenManager { + + public static Settings DEMO_SETTINGS = Settings.builder() + .put( + "signing_key", + Base64.getEncoder() + .encodeToString( + "This is my super secret that no one in the universe will ever be able to guess in a bajillion years".getBytes( + StandardCharsets.UTF_8 + ) + ) + ) + .put("encryption_key", "encryptionKey") + .build(); + + private ClusterService cs; + + public SecurityTokenManager(ClusterService cs) { + this.cs = cs; + } + + private JwtVendor jwtVendor = new JwtVendor(DEMO_SETTINGS, Optional.empty()); + + @Override + public AuthToken issueToken(String s) { + return null; + } + + @Override + public AuthToken issueServiceAccountToken(String extensionUniqueId) throws OpenSearchSecurityException { + try { + return new BearerAuthToken(jwtVendor.issueServiceAccountToken(cs.getClusterName().value(), extensionUniqueId, null)); + } catch (Exception e) { + throw new RuntimeException(e); + } + } +} diff --git a/src/main/java/org/opensearch/security/privileges/PrivilegesEvaluator.java b/src/main/java/org/opensearch/security/privileges/PrivilegesEvaluator.java index a3738dadac..d9dec4378a 100644 --- a/src/main/java/org/opensearch/security/privileges/PrivilegesEvaluator.java +++ b/src/main/java/org/opensearch/security/privileges/PrivilegesEvaluator.java @@ -165,7 +165,7 @@ public PrivilegesEvaluator( this.clusterInfoHolder = clusterInfoHolder; this.irr = irr; snapshotRestoreEvaluator = new SnapshotRestoreEvaluator(settings, auditLog); - securityIndexAccessEvaluator = new SecurityIndexAccessEvaluator(settings, auditLog, irr); + securityIndexAccessEvaluator = new SecurityIndexAccessEvaluator(settings, auditLog, irr, threadPool.getThreadContext()); protectedIndexAccessEvaluator = new ProtectedIndexAccessEvaluator(settings, auditLog); termsAggregationEvaluator = new TermsAggregationEvaluator(); pitPrivilegesEvaluator = new PitPrivilegesEvaluator(); diff --git a/src/main/java/org/opensearch/security/privileges/SecurityIndexAccessEvaluator.java b/src/main/java/org/opensearch/security/privileges/SecurityIndexAccessEvaluator.java index 94b0478759..7e22a54163 100644 --- a/src/main/java/org/opensearch/security/privileges/SecurityIndexAccessEvaluator.java +++ b/src/main/java/org/opensearch/security/privileges/SecurityIndexAccessEvaluator.java @@ -29,6 +29,7 @@ import java.util.ArrayList; import java.util.HashSet; import java.util.List; +import java.util.Optional; import java.util.Set; import java.util.stream.Collectors; @@ -39,13 +40,19 @@ import org.opensearch.action.RealtimeRequest; import org.opensearch.action.search.SearchRequest; import org.opensearch.common.settings.Settings; +import org.opensearch.common.util.concurrent.ThreadContext; +import org.opensearch.extensions.ExtensionsSettings; +import org.opensearch.security.OpenSearchSecurityPlugin; import org.opensearch.security.auditlog.AuditLog; import org.opensearch.security.resolver.IndexResolverReplacer; import org.opensearch.security.resolver.IndexResolverReplacer.Resolved; import org.opensearch.security.support.ConfigConstants; import org.opensearch.security.support.WildcardMatcher; +import org.opensearch.security.user.User; import org.opensearch.tasks.Task; +import static org.opensearch.security.OpenSearchSecurityPlugin.RESERVED_INDICES_SETTING; + public class SecurityIndexAccessEvaluator { Logger log = LogManager.getLogger(this.getClass()); @@ -58,15 +65,22 @@ public class SecurityIndexAccessEvaluator { // for system-indices configuration private final WildcardMatcher systemIndexMatcher; + private final ThreadContext threadContext; private final boolean systemIndexEnabled; - public SecurityIndexAccessEvaluator(final Settings settings, AuditLog auditLog, IndexResolverReplacer irr) { + public SecurityIndexAccessEvaluator( + final Settings settings, + AuditLog auditLog, + IndexResolverReplacer irr, + ThreadContext threadContext + ) { this.securityIndex = settings.get( ConfigConstants.SECURITY_CONFIG_INDEX_NAME, ConfigConstants.OPENDISTRO_SECURITY_DEFAULT_CONFIG_INDEX ); this.auditLog = auditLog; this.irr = irr; + this.threadContext = threadContext; this.filterSecurityIndex = settings.getAsBoolean(ConfigConstants.SECURITY_FILTER_SECURITYINDEX_FROM_ALL_REQUESTS, false); this.systemIndexMatcher = WildcardMatcher.from( settings.getAsList(ConfigConstants.SECURITY_SYSTEM_INDICES_KEY, ConfigConstants.SECURITY_SYSTEM_INDICES_DEFAULT) @@ -145,8 +159,28 @@ public PrivilegesEvaluatorResponse evaluate( } return presponse; } else { + User authenticatedUser = threadContext.getTransient(ConfigConstants.OPENDISTRO_SECURITY_USER); + System.out.println("Authenticated User is " + authenticatedUser.getName()); + Optional matchingExtension = OpenSearchSecurityPlugin.GuiceHolder.getExtensionsManager() + .lookupExtensionSettingsById(authenticatedUser.getName()); + System.out.println("Matching Extension " + matchingExtension); auditLog.logSecurityIndexAttempt(request, action, task); final String foundSystemIndexes = getProtectedIndexes(requestedResolved).stream().collect(Collectors.joining(", ")); + if (matchingExtension.isPresent()) { + List reservedIndices = (List) matchingExtension.get() + .getAdditionalSettings() + .get(RESERVED_INDICES_SETTING); + System.out.println("Reserved indices for " + authenticatedUser.getName() + ": " + reservedIndices); + if (matchAllReservedIndices(requestedResolved, reservedIndices)) { + log.info( + "{} for '{}' index is allowed for service account of extension reserving the indices", + action, + foundSystemIndexes + ); + presponse.allowed = true; + return presponse.markComplete(); + } + } log.warn("{} for '{}' index is not allowed for a regular user", action, foundSystemIndexes); presponse.allowed = false; return presponse.markComplete(); @@ -189,4 +223,15 @@ private List getProtectedIndexes(final Resolved requestedResolved) { } return protectedIndexes; } + + private boolean matchAllReservedIndices(final Resolved requestedResolved, final List reservedIndices) { + final List requestedIndexes = requestedResolved.getAllIndices() + .stream() + .filter(securityIndex::equals) + .collect(Collectors.toList()); + if (systemIndexEnabled) { + return reservedIndices.containsAll(requestedIndexes); + } + return true; + } } diff --git a/src/main/java/org/opensearch/security/securityconf/DynamicConfigModelV7.java b/src/main/java/org/opensearch/security/securityconf/DynamicConfigModelV7.java index 60637e4b8c..5f234dd251 100644 --- a/src/main/java/org/opensearch/security/securityconf/DynamicConfigModelV7.java +++ b/src/main/java/org/opensearch/security/securityconf/DynamicConfigModelV7.java @@ -57,6 +57,8 @@ import org.opensearch.security.auth.HTTPAuthenticator; import org.opensearch.security.auth.blocking.ClientBlockRegistry; import org.opensearch.security.auth.internal.InternalAuthenticationBackend; +import org.opensearch.security.auth.internal.NoOpAuthenticationBackend; +import org.opensearch.security.http.OnBehalfOfAuthenticator; import org.opensearch.security.securityconf.impl.v7.ConfigV7; import org.opensearch.security.securityconf.impl.v7.ConfigV7.Authc; import org.opensearch.security.securityconf.impl.v7.ConfigV7.AuthcDomain; @@ -64,6 +66,8 @@ import org.opensearch.security.securityconf.impl.v7.ConfigV7.AuthzDomain; import org.opensearch.security.support.ReflectionHelper; +import static org.opensearch.security.identity.SecurityTokenManager.DEMO_SETTINGS; + public class DynamicConfigModelV7 extends DynamicConfigModel { private final ConfigV7 config; @@ -358,6 +362,14 @@ private void buildAAA() { } } + final AuthDomain _ad = new AuthDomain( + new NoOpAuthenticationBackend(Settings.EMPTY, null), + new OnBehalfOfAuthenticator(DEMO_SETTINGS), + false, + -1 + ); + restAuthDomains0.add(_ad); + List originalDestroyableComponents = destroyableComponents; restAuthDomains = Collections.unmodifiableSortedSet(restAuthDomains0); diff --git a/src/main/java/org/opensearch/security/util/KeyUtil.java b/src/main/java/org/opensearch/security/util/KeyUtil.java new file mode 100644 index 0000000000..f6f8601222 --- /dev/null +++ b/src/main/java/org/opensearch/security/util/KeyUtil.java @@ -0,0 +1,82 @@ +/* + * SPDX-License-Identifier: Apache-2.0 + * + * The OpenSearch Contributors require contributions made to + * this file be licensed under the Apache-2.0 license or a + * compatible open source license. + * + * Modifications Copyright OpenSearch Contributors. See + * GitHub history for details. + */ + +package org.opensearch.security.util; + +import io.jsonwebtoken.JwtParser; +import io.jsonwebtoken.Jwts; +import org.apache.logging.log4j.Logger; + +import java.security.AccessController; +import java.security.Key; +import java.security.KeyFactory; +import java.security.NoSuchAlgorithmException; +import java.security.PrivilegedAction; +import java.security.PublicKey; +import java.security.spec.InvalidKeySpecException; +import java.security.spec.X509EncodedKeySpec; +import java.util.Base64; +import java.util.Objects; + +public class KeyUtil { + + public static JwtParser keyAlgorithmCheck(final String signingKey, final Logger log) { + if (signingKey == null || signingKey.length() == 0) { + log.error("Unable to find signing key"); + return null; + } else { + try { + JwtParser parser = AccessController.doPrivileged(new PrivilegedAction() { + @Override + public JwtParser run() { + Key key = null; + + final String minimalKeyFormat = signingKey.replace("-----BEGIN PUBLIC KEY-----\n", "") + .replace("-----END PUBLIC KEY-----", ""); + + final byte[] decoded = Base64.getDecoder().decode(minimalKeyFormat); + + try { + key = getPublicKey(decoded, "RSA"); + } catch (Exception e) { + log.debug("No public RSA key, try other algos ({})", e.toString()); + } + + try { + key = getPublicKey(decoded, "EC"); + } catch (final Exception e) { + log.debug("No public ECDSA key, try other algos ({})", e.toString()); + } + + if (Objects.nonNull(key)) { + return Jwts.parser().setSigningKey(key); + } + + return Jwts.parser().setSigningKey(decoded); + } + }); + + return parser; + } catch (Throwable e) { + log.error("Error while creating JWT authenticator", e); + throw new RuntimeException(e); + } + } + } + + private static PublicKey getPublicKey(final byte[] keyBytes, final String algo) throws NoSuchAlgorithmException, + InvalidKeySpecException { + X509EncodedKeySpec spec = new X509EncodedKeySpec(keyBytes); + KeyFactory kf = KeyFactory.getInstance(algo); + return kf.generatePublic(spec); + } + +} diff --git a/src/test/java/org/opensearch/security/privileges/SecurityIndexAccessEvaluatorTest.java b/src/test/java/org/opensearch/security/privileges/SecurityIndexAccessEvaluatorTest.java index 14c5eabb73..1d96730fde 100644 --- a/src/test/java/org/opensearch/security/privileges/SecurityIndexAccessEvaluatorTest.java +++ b/src/test/java/org/opensearch/security/privileges/SecurityIndexAccessEvaluatorTest.java @@ -25,6 +25,7 @@ import org.opensearch.action.search.SearchRequest; import org.opensearch.action.support.IndicesOptions; import org.opensearch.common.settings.Settings; +import org.opensearch.common.util.concurrent.ThreadContext; import org.opensearch.security.auditlog.AuditLog; import org.opensearch.security.resolver.IndexResolverReplacer; import org.opensearch.security.resolver.IndexResolverReplacer.Resolved; @@ -54,6 +55,8 @@ public class SecurityIndexAccessEvaluatorTest { private PrivilegesEvaluatorResponse presponse; @Mock private Logger log; + @Mock + private ThreadContext threadContext; private SecurityIndexAccessEvaluator evaluator; @@ -68,7 +71,8 @@ public void before() { .put("plugins.security.system_indices.enabled", true) .build(), auditLog, - irr + irr, + threadContext ); evaluator.log = log; From 37aacdc0ceab4462498c9bdf339e6e0b5d30ef80 Mon Sep 17 00:00:00 2001 From: Craig Perkins Date: Mon, 17 Jul 2023 17:38:11 -0400 Subject: [PATCH 2/4] Update imports for files refactored in core PR #8157 (#3003) * Update imports for files refactored in core PR #8157 Signed-off-by: Craig Perkins * Update references to old packages in test files Signed-off-by: Craig Perkins * Get remaining bad imports in integrationTest Signed-off-by: Craig Perkins * Update log4j in bwc build.gradle Signed-off-by: Craig Perkins * Use versions.log4j Signed-off-by: Craig Perkins * Also reference guava version Signed-off-by: Craig Perkins * Update integtest.sh Signed-off-by: Craig Perkins * Update tests that expect certain amount of headers in a response Signed-off-by: Craig Perkins * Empty commit Signed-off-by: Craig Perkins --------- Signed-off-by: Craig Perkins --- bwc-test/build.gradle | 4 ++-- scripts/integtest.sh | 4 ++-- .../org/opensearch/security/CrossClusterSearchTests.java | 2 +- .../opensearch/security/DoNotFailOnForbiddenTests.java | 2 +- .../org/opensearch/security/PointInTimeOperationTest.java | 6 +++--- .../java/org/opensearch/security/SearchOperationTest.java | 8 ++++---- .../opensearch/security/http/JwtAuthenticationTests.java | 2 +- .../security/http/LdapTlsAuthenticationTest.java | 2 +- .../org/opensearch/test/framework/TestSecurityConfig.java | 2 +- .../framework/matcher/OpenSearchExceptionMatchers.java | 2 +- .../matcher/OpenSearchStatusExceptionMatcher.java | 2 +- .../test/framework/matcher/SearchResponseMatchers.java | 2 +- .../matcher/SearchResponseWithStatusCodeMatcher.java | 2 +- .../framework/matcher/SuccessBulkResponseMatcher.java | 2 +- .../SuccessfulClearIndicesCacheResponseMatcher.java | 2 +- .../matcher/SuccessfulCreatePitResponseMatcher.java | 2 +- .../matcher/SuccessfulDeletePitResponseMatcher.java | 2 +- .../matcher/SuccessfulDeleteResponseMatcher.java | 2 +- .../matcher/SuccessfulSearchResponseMatcher.java | 2 +- .../matcher/SuccessfulUpdateResponseMatcher.java | 2 +- .../dlic/auth/http/jwt/AbstractHTTPJwtAuthenticator.java | 2 +- .../amazon/dlic/auth/http/jwt/HTTPJwtAuthenticator.java | 2 +- .../dlic/auth/http/kerberos/HTTPSpnegoAuthenticator.java | 2 +- .../dlic/auth/http/saml/AuthTokenProcessorHandler.java | 4 ++-- .../amazon/dlic/auth/http/saml/HTTPSamlAuthenticator.java | 2 +- .../org/opensearch/security/OpenSearchSecurityPlugin.java | 6 +++--- .../action/configupdate/ConfigUpdateNodeResponse.java | 4 ++-- .../security/action/configupdate/ConfigUpdateRequest.java | 4 ++-- .../action/configupdate/ConfigUpdateResponse.java | 4 ++-- .../action/configupdate/TransportConfigUpdateAction.java | 4 ++-- .../opensearch/security/action/whoami/WhoAmIRequest.java | 2 +- .../opensearch/security/action/whoami/WhoAmIResponse.java | 4 ++-- .../java/org/opensearch/security/auditlog/AuditLog.java | 2 +- .../org/opensearch/security/auditlog/NullAuditLog.java | 2 +- .../security/auditlog/impl/AbstractAuditLog.java | 4 ++-- .../opensearch/security/auditlog/impl/AuditLogImpl.java | 2 +- .../opensearch/security/auditlog/impl/AuditMessage.java | 4 ++-- .../security/auditlog/impl/RequestResolver.java | 4 ++-- .../org/opensearch/security/auth/BackendRegistry.java | 2 +- .../ComplianceIndexingOperationListenerImpl.java | 2 +- .../opensearch/security/compliance/FieldReadCallback.java | 4 ++-- .../ConfigUpdateAlreadyInProgressException.java | 2 +- .../configuration/ConfigurationLoaderSecurity7.java | 2 +- .../security/configuration/ConfigurationRepository.java | 2 +- .../security/configuration/DlsFlsFilterLeafReader.java | 6 +++--- .../security/configuration/DlsFlsValveImpl.java | 2 +- .../configuration/SecurityFlsDlsIndexSearcherWrapper.java | 2 +- .../configuration/SecurityIndexSearcherWrapper.java | 2 +- .../security/configuration/StaticResourceException.java | 2 +- .../security/dlic/rest/api/AbstractApiAction.java | 4 ++-- .../security/dlic/rest/api/AccountApiAction.java | 4 ++-- .../security/dlic/rest/api/ActionGroupsApiAction.java | 2 +- .../security/dlic/rest/api/AllowlistApiAction.java | 2 +- .../opensearch/security/dlic/rest/api/AuditApiAction.java | 2 +- .../security/dlic/rest/api/AuthTokenProcessorAction.java | 2 +- .../security/dlic/rest/api/FlushCacheApiAction.java | 2 +- .../security/dlic/rest/api/InternalUsersApiAction.java | 2 +- .../security/dlic/rest/api/MigrateApiAction.java | 2 +- .../dlic/rest/api/MultiTenancyConfigApiAction.java | 4 ++-- .../security/dlic/rest/api/NodesDnApiAction.java | 2 +- .../dlic/rest/api/PatchableResourceApiAction.java | 4 ++-- .../security/dlic/rest/api/PermissionsInfoAction.java | 2 +- .../opensearch/security/dlic/rest/api/RolesApiAction.java | 2 +- .../security/dlic/rest/api/RolesMappingApiAction.java | 2 +- .../security/dlic/rest/api/SecurityConfigAction.java | 2 +- .../security/dlic/rest/api/SecuritySSLCertsAction.java | 4 ++-- .../security/dlic/rest/api/TenantsApiAction.java | 2 +- .../security/dlic/rest/api/ValidateApiAction.java | 2 +- .../org/opensearch/security/dlic/rest/support/Utils.java | 2 +- .../rest/validation/AbstractConfigurationValidator.java | 2 +- .../security/dlic/rest/validation/AccountValidator.java | 2 +- .../dlic/rest/validation/ActionGroupValidator.java | 2 +- .../security/dlic/rest/validation/AllowlistValidator.java | 2 +- .../security/dlic/rest/validation/AuditValidator.java | 2 +- .../dlic/rest/validation/CredentialsValidator.java | 4 ++-- .../dlic/rest/validation/InternalUsersValidator.java | 2 +- .../dlic/rest/validation/MultiTenancyConfigValidator.java | 2 +- .../security/dlic/rest/validation/NoOpValidator.java | 2 +- .../security/dlic/rest/validation/NodesDnValidator.java | 2 +- .../dlic/rest/validation/RolesMappingValidator.java | 2 +- .../security/dlic/rest/validation/RolesValidator.java | 2 +- .../dlic/rest/validation/SecurityConfigValidator.java | 2 +- .../security/dlic/rest/validation/TenantValidator.java | 2 +- .../security/dlic/rest/validation/WhitelistValidator.java | 2 +- .../org/opensearch/security/filter/SecurityFilter.java | 2 +- .../opensearch/security/filter/SecurityRestFilter.java | 2 +- .../opensearch/security/http/HTTPBasicAuthenticator.java | 2 +- .../security/resolver/IndexResolverReplacer.java | 2 +- .../opensearch/security/rest/DashboardsInfoAction.java | 2 +- .../security/rest/SecurityConfigUpdateAction.java | 2 +- .../opensearch/security/rest/SecurityHealthAction.java | 2 +- .../org/opensearch/security/rest/SecurityInfoAction.java | 2 +- .../opensearch/security/rest/SecurityWhoAmIAction.java | 2 +- .../org/opensearch/security/rest/TenantInfoAction.java | 2 +- .../security/securityconf/impl/AllowlistingSettings.java | 2 +- .../security/securityconf/impl/WhitelistingSettings.java | 2 +- .../security/ssl/OpenSearchSecuritySSLPlugin.java | 2 +- .../org/opensearch/security/ssl/SecureSSLSettings.java | 2 +- .../security/ssl/http/netty/ValidatingDispatcher.java | 2 +- .../security/ssl/rest/SecuritySSLInfoAction.java | 2 +- .../security/ssl/transport/SecuritySSLNettyTransport.java | 2 +- .../org/opensearch/security/support/ConfigHelper.java | 2 +- .../java/org/opensearch/security/support/ModuleInfo.java | 8 ++++---- .../java/org/opensearch/security/tools/SecurityAdmin.java | 4 ++-- .../security/transport/SecurityInterceptor.java | 2 +- src/main/java/org/opensearch/security/user/User.java | 6 +++--- .../dlic/auth/http/saml/HTTPSamlAuthenticatorTest.java | 6 +++--- .../org/opensearch/security/RolesInjectorIntegTest.java | 2 +- .../org/opensearch/security/RolesValidationIntegTest.java | 2 +- .../security/TransportUserInjectorIntegTest.java | 2 +- .../security/auditlog/helper/MockRestRequest.java | 2 +- .../security/auditlog/impl/AuditMessageTest.java | 2 +- .../security/dlic/dlsfls/CCReplicationTest.java | 8 ++++---- .../dlic/dlsfls/DlsFlsCrossClusterSearchTest.java | 6 +++--- .../java/org/opensearch/security/dlic/dlsfls/DlsTest.java | 3 ++- .../http/proxy/HTTPExtendedProxyAuthenticatorTest.java | 4 ++-- .../security/protected_indices/ProtectedIndicesTests.java | 2 +- .../security/system_indices/SystemIndicesTests.java | 2 +- .../opensearch/security/test/helper/file/FileHelper.java | 2 +- .../org/opensearch/security/util/FakeRestRequest.java | 2 +- 120 files changed, 162 insertions(+), 161 deletions(-) diff --git a/bwc-test/build.gradle b/bwc-test/build.gradle index 4175581f09..9f5c752287 100644 --- a/bwc-test/build.gradle +++ b/bwc-test/build.gradle @@ -67,9 +67,9 @@ repositories { } dependencies { - testImplementation 'com.google.guava:guava:30.0-jre' + testImplementation "com.google.guava:guava:${versions.guava}" testImplementation "org.opensearch.test:framework:${opensearch_version}" - testImplementation 'org.apache.logging.log4j:log4j-core:2.17.1' + testImplementation "org.apache.logging.log4j:log4j-core:${versions.log4j}" } loggerUsageCheck.enabled = false diff --git a/scripts/integtest.sh b/scripts/integtest.sh index 961b91299c..0401d00fa0 100755 --- a/scripts/integtest.sh +++ b/scripts/integtest.sh @@ -20,7 +20,7 @@ function usage() { echo -e "-v OPENSEARCH_VERSION\t, no defaults" echo -e "-n SNAPSHOT\t, defaults to false" echo -e "-m CLUSTER_NAME\t, defaults to docker-cluster" - echo -e "-u COMMON_UTILS_VERSION\t, defaults to 2.2.0.0" + echo -e "-u COMMON_UTILS_VERSION\t, defaults to 3.0.0.0-SNAPSHOT" echo "--------------------------------------------------------------------------" } @@ -101,7 +101,7 @@ then fi if [ -z "$COMMON_UTILS_VERSION" ] then - COMMON_UTILS_VERSION="2.2.0.0" + COMMON_UTILS_VERSION="3.0.0.0-SNAPSHOT" fi USERNAME=`echo $CREDENTIAL | awk -F ':' '{print $1}'` diff --git a/src/integrationTest/java/org/opensearch/security/CrossClusterSearchTests.java b/src/integrationTest/java/org/opensearch/security/CrossClusterSearchTests.java index ee03913c55..86d27efa87 100644 --- a/src/integrationTest/java/org/opensearch/security/CrossClusterSearchTests.java +++ b/src/integrationTest/java/org/opensearch/security/CrossClusterSearchTests.java @@ -36,7 +36,7 @@ import static org.hamcrest.MatcherAssert.assertThat; import static org.opensearch.action.support.WriteRequest.RefreshPolicy.IMMEDIATE; import static org.opensearch.client.RequestOptions.DEFAULT; -import static org.opensearch.rest.RestStatus.FORBIDDEN; +import static org.opensearch.core.rest.RestStatus.FORBIDDEN; import static org.opensearch.security.Song.ARTIST_FIRST; import static org.opensearch.security.Song.FIELD_ARTIST; import static org.opensearch.security.Song.FIELD_GENRE; diff --git a/src/integrationTest/java/org/opensearch/security/DoNotFailOnForbiddenTests.java b/src/integrationTest/java/org/opensearch/security/DoNotFailOnForbiddenTests.java index f3b641f1e6..fedcf0bbcb 100644 --- a/src/integrationTest/java/org/opensearch/security/DoNotFailOnForbiddenTests.java +++ b/src/integrationTest/java/org/opensearch/security/DoNotFailOnForbiddenTests.java @@ -47,7 +47,7 @@ import static org.opensearch.action.admin.indices.alias.IndicesAliasesRequest.AliasActions.Type.ADD; import static org.opensearch.action.support.WriteRequest.RefreshPolicy.IMMEDIATE; import static org.opensearch.client.RequestOptions.DEFAULT; -import static org.opensearch.rest.RestStatus.FORBIDDEN; +import static org.opensearch.core.rest.RestStatus.FORBIDDEN; import static org.opensearch.security.Song.FIELD_STARS; import static org.opensearch.security.Song.FIELD_TITLE; import static org.opensearch.security.Song.QUERY_TITLE_MAGNUM_OPUS; diff --git a/src/integrationTest/java/org/opensearch/security/PointInTimeOperationTest.java b/src/integrationTest/java/org/opensearch/security/PointInTimeOperationTest.java index 54b9aa4bc2..3b01ca69bf 100644 --- a/src/integrationTest/java/org/opensearch/security/PointInTimeOperationTest.java +++ b/src/integrationTest/java/org/opensearch/security/PointInTimeOperationTest.java @@ -32,7 +32,7 @@ import org.opensearch.client.Client; import org.opensearch.client.RestHighLevelClient; import org.opensearch.common.unit.TimeValue; -import org.opensearch.rest.RestStatus; +import org.opensearch.core.rest.RestStatus; import org.opensearch.search.builder.PointInTimeBuilder; import org.opensearch.search.builder.SearchSourceBuilder; import org.opensearch.test.framework.TestSecurityConfig; @@ -45,8 +45,8 @@ import static org.opensearch.action.admin.indices.alias.IndicesAliasesRequest.AliasActions.Type.ADD; import static org.opensearch.action.support.WriteRequest.RefreshPolicy.IMMEDIATE; import static org.opensearch.client.RequestOptions.DEFAULT; -import static org.opensearch.rest.RestStatus.FORBIDDEN; -import static org.opensearch.rest.RestStatus.OK; +import static org.opensearch.core.rest.RestStatus.FORBIDDEN; +import static org.opensearch.core.rest.RestStatus.OK; import static org.opensearch.security.Song.SONGS; import static org.opensearch.test.framework.TestSecurityConfig.AuthcDomain.AUTHC_HTTPBASIC_INTERNAL; import static org.opensearch.test.framework.TestSecurityConfig.Role.ALL_ACCESS; diff --git a/src/integrationTest/java/org/opensearch/security/SearchOperationTest.java b/src/integrationTest/java/org/opensearch/security/SearchOperationTest.java index eccd9f5380..f16d40e905 100644 --- a/src/integrationTest/java/org/opensearch/security/SearchOperationTest.java +++ b/src/integrationTest/java/org/opensearch/security/SearchOperationTest.java @@ -92,7 +92,7 @@ import org.opensearch.index.reindex.BulkByScrollResponse; import org.opensearch.index.reindex.ReindexRequest; import org.opensearch.repositories.RepositoryMissingException; -import org.opensearch.rest.RestStatus; +import org.opensearch.core.rest.RestStatus; import org.opensearch.search.builder.SearchSourceBuilder; import org.opensearch.test.framework.AuditCompliance; import org.opensearch.test.framework.AuditConfiguration; @@ -122,9 +122,9 @@ import static org.opensearch.rest.RestRequest.Method.GET; import static org.opensearch.rest.RestRequest.Method.POST; import static org.opensearch.rest.RestRequest.Method.PUT; -import static org.opensearch.rest.RestStatus.ACCEPTED; -import static org.opensearch.rest.RestStatus.FORBIDDEN; -import static org.opensearch.rest.RestStatus.INTERNAL_SERVER_ERROR; +import static org.opensearch.core.rest.RestStatus.ACCEPTED; +import static org.opensearch.core.rest.RestStatus.FORBIDDEN; +import static org.opensearch.core.rest.RestStatus.INTERNAL_SERVER_ERROR; import static org.opensearch.security.Song.FIELD_ARTIST; import static org.opensearch.security.Song.FIELD_STARS; import static org.opensearch.security.Song.FIELD_TITLE; diff --git a/src/integrationTest/java/org/opensearch/security/http/JwtAuthenticationTests.java b/src/integrationTest/java/org/opensearch/security/http/JwtAuthenticationTests.java index 5226d8854c..9df611e207 100644 --- a/src/integrationTest/java/org/opensearch/security/http/JwtAuthenticationTests.java +++ b/src/integrationTest/java/org/opensearch/security/http/JwtAuthenticationTests.java @@ -47,7 +47,7 @@ import static org.hamcrest.Matchers.hasSize; import static org.opensearch.action.support.WriteRequest.RefreshPolicy.IMMEDIATE; import static org.opensearch.client.RequestOptions.DEFAULT; -import static org.opensearch.rest.RestStatus.FORBIDDEN; +import static org.opensearch.core.rest.RestStatus.FORBIDDEN; import static org.opensearch.security.Song.FIELD_TITLE; import static org.opensearch.security.Song.QUERY_TITLE_MAGNUM_OPUS; import static org.opensearch.security.Song.SONGS; diff --git a/src/integrationTest/java/org/opensearch/security/http/LdapTlsAuthenticationTest.java b/src/integrationTest/java/org/opensearch/security/http/LdapTlsAuthenticationTest.java index a27f0912e9..bac79ffd12 100644 --- a/src/integrationTest/java/org/opensearch/security/http/LdapTlsAuthenticationTest.java +++ b/src/integrationTest/java/org/opensearch/security/http/LdapTlsAuthenticationTest.java @@ -52,7 +52,7 @@ import static org.hamcrest.Matchers.not; import static org.opensearch.action.support.WriteRequest.RefreshPolicy.IMMEDIATE; import static org.opensearch.client.RequestOptions.DEFAULT; -import static org.opensearch.rest.RestStatus.FORBIDDEN; +import static org.opensearch.core.rest.RestStatus.FORBIDDEN; import static org.opensearch.security.Song.SONGS; import static org.opensearch.security.http.DirectoryInformationTrees.CN_GROUP_ADMIN; import static org.opensearch.security.http.DirectoryInformationTrees.CN_GROUP_BRIDGE; diff --git a/src/integrationTest/java/org/opensearch/test/framework/TestSecurityConfig.java b/src/integrationTest/java/org/opensearch/test/framework/TestSecurityConfig.java index a702102e6b..d44f10eba0 100644 --- a/src/integrationTest/java/org/opensearch/test/framework/TestSecurityConfig.java +++ b/src/integrationTest/java/org/opensearch/test/framework/TestSecurityConfig.java @@ -53,7 +53,7 @@ import org.opensearch.action.update.UpdateRequest; import org.opensearch.client.Client; import org.opensearch.common.Strings; -import org.opensearch.common.bytes.BytesReference; +import org.opensearch.core.common.bytes.BytesReference; import org.opensearch.common.xcontent.XContentFactory; import org.opensearch.core.xcontent.ToXContentObject; import org.opensearch.core.xcontent.XContentBuilder; diff --git a/src/integrationTest/java/org/opensearch/test/framework/matcher/OpenSearchExceptionMatchers.java b/src/integrationTest/java/org/opensearch/test/framework/matcher/OpenSearchExceptionMatchers.java index 8627e4bda2..6e8519c230 100644 --- a/src/integrationTest/java/org/opensearch/test/framework/matcher/OpenSearchExceptionMatchers.java +++ b/src/integrationTest/java/org/opensearch/test/framework/matcher/OpenSearchExceptionMatchers.java @@ -11,7 +11,7 @@ import org.hamcrest.Matcher; -import org.opensearch.rest.RestStatus; +import org.opensearch.core.rest.RestStatus; import static org.hamcrest.Matchers.containsString; diff --git a/src/integrationTest/java/org/opensearch/test/framework/matcher/OpenSearchStatusExceptionMatcher.java b/src/integrationTest/java/org/opensearch/test/framework/matcher/OpenSearchStatusExceptionMatcher.java index 118251ec04..e8efcf151f 100644 --- a/src/integrationTest/java/org/opensearch/test/framework/matcher/OpenSearchStatusExceptionMatcher.java +++ b/src/integrationTest/java/org/opensearch/test/framework/matcher/OpenSearchStatusExceptionMatcher.java @@ -13,7 +13,7 @@ import org.hamcrest.TypeSafeDiagnosingMatcher; import org.opensearch.OpenSearchException; -import org.opensearch.rest.RestStatus; +import org.opensearch.core.rest.RestStatus; import static java.util.Objects.requireNonNull; diff --git a/src/integrationTest/java/org/opensearch/test/framework/matcher/SearchResponseMatchers.java b/src/integrationTest/java/org/opensearch/test/framework/matcher/SearchResponseMatchers.java index c0a484b47c..cf3a6d9e57 100644 --- a/src/integrationTest/java/org/opensearch/test/framework/matcher/SearchResponseMatchers.java +++ b/src/integrationTest/java/org/opensearch/test/framework/matcher/SearchResponseMatchers.java @@ -17,7 +17,7 @@ import org.hamcrest.Matcher; import org.opensearch.action.search.SearchResponse; -import org.opensearch.rest.RestStatus; +import org.opensearch.core.rest.RestStatus; import org.opensearch.search.SearchHits; public class SearchResponseMatchers { diff --git a/src/integrationTest/java/org/opensearch/test/framework/matcher/SearchResponseWithStatusCodeMatcher.java b/src/integrationTest/java/org/opensearch/test/framework/matcher/SearchResponseWithStatusCodeMatcher.java index ede13bcb56..5b0f99e11b 100644 --- a/src/integrationTest/java/org/opensearch/test/framework/matcher/SearchResponseWithStatusCodeMatcher.java +++ b/src/integrationTest/java/org/opensearch/test/framework/matcher/SearchResponseWithStatusCodeMatcher.java @@ -13,7 +13,7 @@ import org.hamcrest.TypeSafeDiagnosingMatcher; import org.opensearch.action.search.SearchResponse; -import org.opensearch.rest.RestStatus; +import org.opensearch.core.rest.RestStatus; class SearchResponseWithStatusCodeMatcher extends TypeSafeDiagnosingMatcher { diff --git a/src/integrationTest/java/org/opensearch/test/framework/matcher/SuccessBulkResponseMatcher.java b/src/integrationTest/java/org/opensearch/test/framework/matcher/SuccessBulkResponseMatcher.java index 7bf4993783..ca4b94d148 100644 --- a/src/integrationTest/java/org/opensearch/test/framework/matcher/SuccessBulkResponseMatcher.java +++ b/src/integrationTest/java/org/opensearch/test/framework/matcher/SuccessBulkResponseMatcher.java @@ -17,7 +17,7 @@ import org.opensearch.action.bulk.BulkItemResponse; import org.opensearch.action.bulk.BulkResponse; -import org.opensearch.rest.RestStatus; +import org.opensearch.core.rest.RestStatus; class SuccessBulkResponseMatcher extends TypeSafeDiagnosingMatcher { diff --git a/src/integrationTest/java/org/opensearch/test/framework/matcher/SuccessfulClearIndicesCacheResponseMatcher.java b/src/integrationTest/java/org/opensearch/test/framework/matcher/SuccessfulClearIndicesCacheResponseMatcher.java index e27ee17ef6..b70b2c2f9e 100644 --- a/src/integrationTest/java/org/opensearch/test/framework/matcher/SuccessfulClearIndicesCacheResponseMatcher.java +++ b/src/integrationTest/java/org/opensearch/test/framework/matcher/SuccessfulClearIndicesCacheResponseMatcher.java @@ -13,7 +13,7 @@ import org.hamcrest.TypeSafeDiagnosingMatcher; import org.opensearch.action.admin.indices.cache.clear.ClearIndicesCacheResponse; -import org.opensearch.rest.RestStatus; +import org.opensearch.core.rest.RestStatus; class SuccessfulClearIndicesCacheResponseMatcher extends TypeSafeDiagnosingMatcher { diff --git a/src/integrationTest/java/org/opensearch/test/framework/matcher/SuccessfulCreatePitResponseMatcher.java b/src/integrationTest/java/org/opensearch/test/framework/matcher/SuccessfulCreatePitResponseMatcher.java index 7f9a68064c..66b59b1526 100644 --- a/src/integrationTest/java/org/opensearch/test/framework/matcher/SuccessfulCreatePitResponseMatcher.java +++ b/src/integrationTest/java/org/opensearch/test/framework/matcher/SuccessfulCreatePitResponseMatcher.java @@ -13,7 +13,7 @@ import org.hamcrest.TypeSafeDiagnosingMatcher; import org.opensearch.action.search.CreatePitResponse; -import org.opensearch.rest.RestStatus; +import org.opensearch.core.rest.RestStatus; class SuccessfulCreatePitResponseMatcher extends TypeSafeDiagnosingMatcher { diff --git a/src/integrationTest/java/org/opensearch/test/framework/matcher/SuccessfulDeletePitResponseMatcher.java b/src/integrationTest/java/org/opensearch/test/framework/matcher/SuccessfulDeletePitResponseMatcher.java index aec2e7d61a..20906946f1 100644 --- a/src/integrationTest/java/org/opensearch/test/framework/matcher/SuccessfulDeletePitResponseMatcher.java +++ b/src/integrationTest/java/org/opensearch/test/framework/matcher/SuccessfulDeletePitResponseMatcher.java @@ -14,7 +14,7 @@ import org.opensearch.action.search.DeletePitInfo; import org.opensearch.action.search.DeletePitResponse; -import org.opensearch.rest.RestStatus; +import org.opensearch.core.rest.RestStatus; class SuccessfulDeletePitResponseMatcher extends TypeSafeDiagnosingMatcher { diff --git a/src/integrationTest/java/org/opensearch/test/framework/matcher/SuccessfulDeleteResponseMatcher.java b/src/integrationTest/java/org/opensearch/test/framework/matcher/SuccessfulDeleteResponseMatcher.java index eb4b1fc064..6c10b2b6f8 100644 --- a/src/integrationTest/java/org/opensearch/test/framework/matcher/SuccessfulDeleteResponseMatcher.java +++ b/src/integrationTest/java/org/opensearch/test/framework/matcher/SuccessfulDeleteResponseMatcher.java @@ -13,7 +13,7 @@ import org.hamcrest.TypeSafeDiagnosingMatcher; import org.opensearch.action.delete.DeleteResponse; -import org.opensearch.rest.RestStatus; +import org.opensearch.core.rest.RestStatus; class SuccessfulDeleteResponseMatcher extends TypeSafeDiagnosingMatcher { diff --git a/src/integrationTest/java/org/opensearch/test/framework/matcher/SuccessfulSearchResponseMatcher.java b/src/integrationTest/java/org/opensearch/test/framework/matcher/SuccessfulSearchResponseMatcher.java index fe2acff9b9..21017a9014 100644 --- a/src/integrationTest/java/org/opensearch/test/framework/matcher/SuccessfulSearchResponseMatcher.java +++ b/src/integrationTest/java/org/opensearch/test/framework/matcher/SuccessfulSearchResponseMatcher.java @@ -13,7 +13,7 @@ import org.hamcrest.TypeSafeDiagnosingMatcher; import org.opensearch.action.search.SearchResponse; -import org.opensearch.rest.RestStatus; +import org.opensearch.core.rest.RestStatus; class SuccessfulSearchResponseMatcher extends TypeSafeDiagnosingMatcher { diff --git a/src/integrationTest/java/org/opensearch/test/framework/matcher/SuccessfulUpdateResponseMatcher.java b/src/integrationTest/java/org/opensearch/test/framework/matcher/SuccessfulUpdateResponseMatcher.java index dcff052f01..14faab0c4c 100644 --- a/src/integrationTest/java/org/opensearch/test/framework/matcher/SuccessfulUpdateResponseMatcher.java +++ b/src/integrationTest/java/org/opensearch/test/framework/matcher/SuccessfulUpdateResponseMatcher.java @@ -13,7 +13,7 @@ import org.hamcrest.TypeSafeDiagnosingMatcher; import org.opensearch.action.update.UpdateResponse; -import org.opensearch.rest.RestStatus; +import org.opensearch.core.rest.RestStatus; class SuccessfulUpdateResponseMatcher extends TypeSafeDiagnosingMatcher { diff --git a/src/main/java/com/amazon/dlic/auth/http/jwt/AbstractHTTPJwtAuthenticator.java b/src/main/java/com/amazon/dlic/auth/http/jwt/AbstractHTTPJwtAuthenticator.java index ffe9db81f2..4dab3c7740 100644 --- a/src/main/java/com/amazon/dlic/auth/http/jwt/AbstractHTTPJwtAuthenticator.java +++ b/src/main/java/com/amazon/dlic/auth/http/jwt/AbstractHTTPJwtAuthenticator.java @@ -38,7 +38,7 @@ import org.opensearch.rest.BytesRestResponse; import org.opensearch.rest.RestChannel; import org.opensearch.rest.RestRequest; -import org.opensearch.rest.RestStatus; +import org.opensearch.core.rest.RestStatus; import org.opensearch.security.auth.HTTPAuthenticator; import org.opensearch.security.user.AuthCredentials; diff --git a/src/main/java/com/amazon/dlic/auth/http/jwt/HTTPJwtAuthenticator.java b/src/main/java/com/amazon/dlic/auth/http/jwt/HTTPJwtAuthenticator.java index 3468bb89af..4eee14a3fc 100644 --- a/src/main/java/com/amazon/dlic/auth/http/jwt/HTTPJwtAuthenticator.java +++ b/src/main/java/com/amazon/dlic/auth/http/jwt/HTTPJwtAuthenticator.java @@ -40,7 +40,7 @@ import org.opensearch.rest.BytesRestResponse; import org.opensearch.rest.RestChannel; import org.opensearch.rest.RestRequest; -import org.opensearch.rest.RestStatus; +import org.opensearch.core.rest.RestStatus; import org.opensearch.security.auth.HTTPAuthenticator; import org.opensearch.security.user.AuthCredentials; diff --git a/src/main/java/com/amazon/dlic/auth/http/kerberos/HTTPSpnegoAuthenticator.java b/src/main/java/com/amazon/dlic/auth/http/kerberos/HTTPSpnegoAuthenticator.java index d8e11960d6..dd31393a03 100644 --- a/src/main/java/com/amazon/dlic/auth/http/kerberos/HTTPSpnegoAuthenticator.java +++ b/src/main/java/com/amazon/dlic/auth/http/kerberos/HTTPSpnegoAuthenticator.java @@ -51,7 +51,7 @@ import org.opensearch.rest.BytesRestResponse; import org.opensearch.rest.RestChannel; import org.opensearch.rest.RestRequest; -import org.opensearch.rest.RestStatus; +import org.opensearch.core.rest.RestStatus; import org.opensearch.security.auth.HTTPAuthenticator; import org.opensearch.security.user.AuthCredentials; diff --git a/src/main/java/com/amazon/dlic/auth/http/saml/AuthTokenProcessorHandler.java b/src/main/java/com/amazon/dlic/auth/http/saml/AuthTokenProcessorHandler.java index 7f36635674..fe995b3287 100644 --- a/src/main/java/com/amazon/dlic/auth/http/saml/AuthTokenProcessorHandler.java +++ b/src/main/java/com/amazon/dlic/auth/http/saml/AuthTokenProcessorHandler.java @@ -53,14 +53,14 @@ import org.opensearch.OpenSearchSecurityException; import org.opensearch.SpecialPermission; -import org.opensearch.common.bytes.BytesReference; +import org.opensearch.core.common.bytes.BytesReference; import org.opensearch.common.settings.Settings; import org.opensearch.common.xcontent.XContentType; import org.opensearch.rest.BytesRestResponse; import org.opensearch.rest.RestChannel; import org.opensearch.rest.RestRequest; import org.opensearch.rest.RestRequest.Method; -import org.opensearch.rest.RestStatus; +import org.opensearch.core.rest.RestStatus; import org.opensearch.security.DefaultObjectMapper; import org.opensearch.security.dlic.rest.api.AuthTokenProcessorAction; diff --git a/src/main/java/com/amazon/dlic/auth/http/saml/HTTPSamlAuthenticator.java b/src/main/java/com/amazon/dlic/auth/http/saml/HTTPSamlAuthenticator.java index d3068b852a..cd6209952f 100644 --- a/src/main/java/com/amazon/dlic/auth/http/saml/HTTPSamlAuthenticator.java +++ b/src/main/java/com/amazon/dlic/auth/http/saml/HTTPSamlAuthenticator.java @@ -58,7 +58,7 @@ import org.opensearch.rest.BytesRestResponse; import org.opensearch.rest.RestChannel; import org.opensearch.rest.RestRequest; -import org.opensearch.rest.RestStatus; +import org.opensearch.core.rest.RestStatus; import org.opensearch.security.auth.Destroyable; import org.opensearch.security.auth.HTTPAuthenticator; import org.opensearch.security.support.ConfigConstants; diff --git a/src/main/java/org/opensearch/security/OpenSearchSecurityPlugin.java b/src/main/java/org/opensearch/security/OpenSearchSecurityPlugin.java index ffb7cfc075..1dbc787b74 100644 --- a/src/main/java/org/opensearch/security/OpenSearchSecurityPlugin.java +++ b/src/main/java/org/opensearch/security/OpenSearchSecurityPlugin.java @@ -80,7 +80,7 @@ import org.opensearch.common.component.LifecycleComponent; import org.opensearch.common.component.LifecycleListener; import org.opensearch.common.inject.Inject; -import org.opensearch.common.io.stream.NamedWriteableRegistry; +import org.opensearch.core.common.io.stream.NamedWriteableRegistry; import org.opensearch.common.logging.DeprecationLogger; import org.opensearch.common.network.NetworkModule; import org.opensearch.common.network.NetworkService; @@ -99,7 +99,7 @@ import org.opensearch.extensions.ExtensionsManager; import org.opensearch.http.HttpServerTransport; import org.opensearch.http.HttpServerTransport.Dispatcher; -import org.opensearch.index.Index; +import org.opensearch.core.index.Index; import org.opensearch.index.IndexModule; import org.opensearch.index.cache.query.QueryCache; import org.opensearch.indices.IndicesService; @@ -110,7 +110,7 @@ import org.opensearch.repositories.RepositoriesService; import org.opensearch.rest.RestController; import org.opensearch.rest.RestHandler; -import org.opensearch.rest.RestStatus; +import org.opensearch.core.rest.RestStatus; import org.opensearch.script.ScriptService; import org.opensearch.search.internal.InternalScrollSearchRequest; import org.opensearch.search.internal.ReaderContext; diff --git a/src/main/java/org/opensearch/security/action/configupdate/ConfigUpdateNodeResponse.java b/src/main/java/org/opensearch/security/action/configupdate/ConfigUpdateNodeResponse.java index 0ac4459102..99ff946b05 100644 --- a/src/main/java/org/opensearch/security/action/configupdate/ConfigUpdateNodeResponse.java +++ b/src/main/java/org/opensearch/security/action/configupdate/ConfigUpdateNodeResponse.java @@ -31,8 +31,8 @@ import org.opensearch.action.support.nodes.BaseNodeResponse; import org.opensearch.cluster.node.DiscoveryNode; -import org.opensearch.common.io.stream.StreamInput; -import org.opensearch.common.io.stream.StreamOutput; +import org.opensearch.core.common.io.stream.StreamInput; +import org.opensearch.core.common.io.stream.StreamOutput; import org.opensearch.core.xcontent.ToXContentObject; import org.opensearch.core.xcontent.XContentBuilder; diff --git a/src/main/java/org/opensearch/security/action/configupdate/ConfigUpdateRequest.java b/src/main/java/org/opensearch/security/action/configupdate/ConfigUpdateRequest.java index 5310c497a2..d4e860569d 100644 --- a/src/main/java/org/opensearch/security/action/configupdate/ConfigUpdateRequest.java +++ b/src/main/java/org/opensearch/security/action/configupdate/ConfigUpdateRequest.java @@ -30,8 +30,8 @@ import org.opensearch.action.ActionRequestValidationException; import org.opensearch.action.support.nodes.BaseNodesRequest; -import org.opensearch.common.io.stream.StreamInput; -import org.opensearch.common.io.stream.StreamOutput; +import org.opensearch.core.common.io.stream.StreamInput; +import org.opensearch.core.common.io.stream.StreamOutput; public class ConfigUpdateRequest extends BaseNodesRequest { diff --git a/src/main/java/org/opensearch/security/action/configupdate/ConfigUpdateResponse.java b/src/main/java/org/opensearch/security/action/configupdate/ConfigUpdateResponse.java index fd3176c016..9dd483248b 100644 --- a/src/main/java/org/opensearch/security/action/configupdate/ConfigUpdateResponse.java +++ b/src/main/java/org/opensearch/security/action/configupdate/ConfigUpdateResponse.java @@ -32,8 +32,8 @@ import org.opensearch.action.FailedNodeException; import org.opensearch.action.support.nodes.BaseNodesResponse; import org.opensearch.cluster.ClusterName; -import org.opensearch.common.io.stream.StreamInput; -import org.opensearch.common.io.stream.StreamOutput; +import org.opensearch.core.common.io.stream.StreamInput; +import org.opensearch.core.common.io.stream.StreamOutput; import org.opensearch.core.xcontent.ToXContentObject; import org.opensearch.core.xcontent.XContentBuilder; diff --git a/src/main/java/org/opensearch/security/action/configupdate/TransportConfigUpdateAction.java b/src/main/java/org/opensearch/security/action/configupdate/TransportConfigUpdateAction.java index 9a8cc22624..1e5b5e4056 100644 --- a/src/main/java/org/opensearch/security/action/configupdate/TransportConfigUpdateAction.java +++ b/src/main/java/org/opensearch/security/action/configupdate/TransportConfigUpdateAction.java @@ -38,8 +38,8 @@ import org.opensearch.cluster.service.ClusterService; import org.opensearch.common.inject.Inject; import org.opensearch.common.inject.Provider; -import org.opensearch.common.io.stream.StreamInput; -import org.opensearch.common.io.stream.StreamOutput; +import org.opensearch.core.common.io.stream.StreamInput; +import org.opensearch.core.common.io.stream.StreamOutput; import org.opensearch.common.settings.Settings; import org.opensearch.security.auth.BackendRegistry; import org.opensearch.security.configuration.ConfigurationRepository; diff --git a/src/main/java/org/opensearch/security/action/whoami/WhoAmIRequest.java b/src/main/java/org/opensearch/security/action/whoami/WhoAmIRequest.java index 8226cc0a09..c393205adf 100644 --- a/src/main/java/org/opensearch/security/action/whoami/WhoAmIRequest.java +++ b/src/main/java/org/opensearch/security/action/whoami/WhoAmIRequest.java @@ -29,7 +29,7 @@ import java.io.IOException; import org.opensearch.action.support.nodes.BaseNodesRequest; -import org.opensearch.common.io.stream.StreamInput; +import org.opensearch.core.common.io.stream.StreamInput; public class WhoAmIRequest extends BaseNodesRequest { diff --git a/src/main/java/org/opensearch/security/action/whoami/WhoAmIResponse.java b/src/main/java/org/opensearch/security/action/whoami/WhoAmIResponse.java index 3e9d74fe25..0b30aeb94b 100644 --- a/src/main/java/org/opensearch/security/action/whoami/WhoAmIResponse.java +++ b/src/main/java/org/opensearch/security/action/whoami/WhoAmIResponse.java @@ -30,8 +30,8 @@ import org.opensearch.action.ActionResponse; import org.opensearch.common.Strings; -import org.opensearch.common.io.stream.StreamInput; -import org.opensearch.common.io.stream.StreamOutput; +import org.opensearch.core.common.io.stream.StreamInput; +import org.opensearch.core.common.io.stream.StreamOutput; import org.opensearch.common.xcontent.XContentType; import org.opensearch.core.xcontent.ToXContent; import org.opensearch.core.xcontent.XContentBuilder; diff --git a/src/main/java/org/opensearch/security/auditlog/AuditLog.java b/src/main/java/org/opensearch/security/auditlog/AuditLog.java index 3ac7e095aa..612b790686 100644 --- a/src/main/java/org/opensearch/security/auditlog/AuditLog.java +++ b/src/main/java/org/opensearch/security/auditlog/AuditLog.java @@ -34,7 +34,7 @@ import org.opensearch.index.engine.Engine.Index; import org.opensearch.index.engine.Engine.IndexResult; import org.opensearch.index.get.GetResult; -import org.opensearch.index.shard.ShardId; +import org.opensearch.core.index.shard.ShardId; import org.opensearch.rest.RestRequest; import org.opensearch.security.auditlog.config.AuditConfig; import org.opensearch.security.compliance.ComplianceConfig; diff --git a/src/main/java/org/opensearch/security/auditlog/NullAuditLog.java b/src/main/java/org/opensearch/security/auditlog/NullAuditLog.java index 7fe3324d2e..809951d48a 100644 --- a/src/main/java/org/opensearch/security/auditlog/NullAuditLog.java +++ b/src/main/java/org/opensearch/security/auditlog/NullAuditLog.java @@ -34,7 +34,7 @@ import org.opensearch.index.engine.Engine.Index; import org.opensearch.index.engine.Engine.IndexResult; import org.opensearch.index.get.GetResult; -import org.opensearch.index.shard.ShardId; +import org.opensearch.core.index.shard.ShardId; import org.opensearch.rest.RestRequest; import org.opensearch.security.auditlog.config.AuditConfig; import org.opensearch.security.compliance.ComplianceConfig; diff --git a/src/main/java/org/opensearch/security/auditlog/impl/AbstractAuditLog.java b/src/main/java/org/opensearch/security/auditlog/impl/AbstractAuditLog.java index fe5b01fec7..d4cc756697 100644 --- a/src/main/java/org/opensearch/security/auditlog/impl/AbstractAuditLog.java +++ b/src/main/java/org/opensearch/security/auditlog/impl/AbstractAuditLog.java @@ -43,7 +43,7 @@ import org.opensearch.cluster.metadata.IndexNameExpressionResolver; import org.opensearch.cluster.service.ClusterService; import org.opensearch.common.Strings; -import org.opensearch.common.bytes.BytesReference; +import org.opensearch.core.common.bytes.BytesReference; import org.opensearch.common.collect.Tuple; import org.opensearch.common.settings.Settings; import org.opensearch.common.transport.TransportAddress; @@ -59,7 +59,7 @@ import org.opensearch.index.engine.Engine.Index; import org.opensearch.index.engine.Engine.IndexResult; import org.opensearch.index.get.GetResult; -import org.opensearch.index.shard.ShardId; +import org.opensearch.core.index.shard.ShardId; import org.opensearch.rest.RestRequest; import org.opensearch.security.DefaultObjectMapper; import org.opensearch.security.auditlog.AuditLog; diff --git a/src/main/java/org/opensearch/security/auditlog/impl/AuditLogImpl.java b/src/main/java/org/opensearch/security/auditlog/impl/AuditLogImpl.java index a09c6a694e..c88f1fca3f 100644 --- a/src/main/java/org/opensearch/security/auditlog/impl/AuditLogImpl.java +++ b/src/main/java/org/opensearch/security/auditlog/impl/AuditLogImpl.java @@ -30,7 +30,7 @@ import org.opensearch.index.engine.Engine.Index; import org.opensearch.index.engine.Engine.IndexResult; import org.opensearch.index.get.GetResult; -import org.opensearch.index.shard.ShardId; +import org.opensearch.core.index.shard.ShardId; import org.opensearch.rest.RestRequest; import org.opensearch.security.auditlog.config.AuditConfig; import org.opensearch.security.auditlog.routing.AuditMessageRouter; diff --git a/src/main/java/org/opensearch/security/auditlog/impl/AuditMessage.java b/src/main/java/org/opensearch/security/auditlog/impl/AuditMessage.java index 9b1d70d41c..f7e4255e03 100644 --- a/src/main/java/org/opensearch/security/auditlog/impl/AuditMessage.java +++ b/src/main/java/org/opensearch/security/auditlog/impl/AuditMessage.java @@ -34,14 +34,14 @@ import org.opensearch.ExceptionsHelper; import org.opensearch.cluster.service.ClusterService; -import org.opensearch.common.bytes.BytesReference; +import org.opensearch.core.common.bytes.BytesReference; import org.opensearch.common.collect.Tuple; import org.opensearch.common.transport.TransportAddress; import org.opensearch.common.xcontent.XContentHelper; import org.opensearch.common.xcontent.XContentType; import org.opensearch.common.xcontent.json.JsonXContent; import org.opensearch.core.common.Strings; -import org.opensearch.index.shard.ShardId; +import org.opensearch.core.index.shard.ShardId; import org.opensearch.rest.RestRequest; import org.opensearch.security.auditlog.AuditLog.Operation; import org.opensearch.security.auditlog.AuditLog.Origin; diff --git a/src/main/java/org/opensearch/security/auditlog/impl/RequestResolver.java b/src/main/java/org/opensearch/security/auditlog/impl/RequestResolver.java index ecf7a2bd36..c37247e7db 100644 --- a/src/main/java/org/opensearch/security/auditlog/impl/RequestResolver.java +++ b/src/main/java/org/opensearch/security/auditlog/impl/RequestResolver.java @@ -42,14 +42,14 @@ import org.opensearch.cluster.metadata.IndexNameExpressionResolver; import org.opensearch.cluster.service.ClusterService; import org.opensearch.common.Strings; -import org.opensearch.common.bytes.BytesReference; +import org.opensearch.core.common.bytes.BytesReference; import org.opensearch.common.collect.Tuple; import org.opensearch.common.settings.Settings; import org.opensearch.common.transport.TransportAddress; import org.opensearch.common.xcontent.XContentFactory; import org.opensearch.common.xcontent.XContentType; import org.opensearch.core.xcontent.XContentBuilder; -import org.opensearch.index.Index; +import org.opensearch.core.index.Index; import org.opensearch.index.reindex.DeleteByQueryRequest; import org.opensearch.index.reindex.ReindexRequest; import org.opensearch.index.reindex.UpdateByQueryRequest; diff --git a/src/main/java/org/opensearch/security/auth/BackendRegistry.java b/src/main/java/org/opensearch/security/auth/BackendRegistry.java index 0a287d19f5..b2873f9625 100644 --- a/src/main/java/org/opensearch/security/auth/BackendRegistry.java +++ b/src/main/java/org/opensearch/security/auth/BackendRegistry.java @@ -54,7 +54,7 @@ import org.opensearch.rest.BytesRestResponse; import org.opensearch.rest.RestChannel; import org.opensearch.rest.RestRequest; -import org.opensearch.rest.RestStatus; +import org.opensearch.core.rest.RestStatus; import org.opensearch.security.auditlog.AuditLog; import org.opensearch.security.auth.blocking.ClientBlockRegistry; import org.opensearch.security.auth.internal.NoOpAuthenticationBackend; diff --git a/src/main/java/org/opensearch/security/compliance/ComplianceIndexingOperationListenerImpl.java b/src/main/java/org/opensearch/security/compliance/ComplianceIndexingOperationListenerImpl.java index cf369bb0cb..c1ac1271bb 100644 --- a/src/main/java/org/opensearch/security/compliance/ComplianceIndexingOperationListenerImpl.java +++ b/src/main/java/org/opensearch/security/compliance/ComplianceIndexingOperationListenerImpl.java @@ -24,7 +24,7 @@ import org.opensearch.index.engine.Engine.IndexResult; import org.opensearch.index.get.GetResult; import org.opensearch.index.shard.IndexShard; -import org.opensearch.index.shard.ShardId; +import org.opensearch.core.index.shard.ShardId; import org.opensearch.security.auditlog.AuditLog; public final class ComplianceIndexingOperationListenerImpl extends ComplianceIndexingOperationListener { diff --git a/src/main/java/org/opensearch/security/compliance/FieldReadCallback.java b/src/main/java/org/opensearch/security/compliance/FieldReadCallback.java index 5fc1c73128..3f2d764f1d 100644 --- a/src/main/java/org/opensearch/security/compliance/FieldReadCallback.java +++ b/src/main/java/org/opensearch/security/compliance/FieldReadCallback.java @@ -27,10 +27,10 @@ import org.opensearch.cluster.service.ClusterService; import org.opensearch.common.util.concurrent.ThreadContext; import org.opensearch.common.xcontent.support.XContentMapValues; -import org.opensearch.index.Index; +import org.opensearch.core.index.Index; import org.opensearch.index.IndexService; import org.opensearch.index.mapper.Uid; -import org.opensearch.index.shard.ShardId; +import org.opensearch.core.index.shard.ShardId; import org.opensearch.security.auditlog.AuditLog; import org.opensearch.security.dlic.rest.support.Utils; import org.opensearch.security.support.HeaderHelper; diff --git a/src/main/java/org/opensearch/security/configuration/ConfigUpdateAlreadyInProgressException.java b/src/main/java/org/opensearch/security/configuration/ConfigUpdateAlreadyInProgressException.java index c628a3156e..6387c17103 100644 --- a/src/main/java/org/opensearch/security/configuration/ConfigUpdateAlreadyInProgressException.java +++ b/src/main/java/org/opensearch/security/configuration/ConfigUpdateAlreadyInProgressException.java @@ -20,7 +20,7 @@ import java.io.IOException; import org.opensearch.OpenSearchException; -import org.opensearch.common.io.stream.StreamInput; +import org.opensearch.core.common.io.stream.StreamInput; public class ConfigUpdateAlreadyInProgressException extends OpenSearchException { diff --git a/src/main/java/org/opensearch/security/configuration/ConfigurationLoaderSecurity7.java b/src/main/java/org/opensearch/security/configuration/ConfigurationLoaderSecurity7.java index f7802fd10e..3cf7ce534c 100644 --- a/src/main/java/org/opensearch/security/configuration/ConfigurationLoaderSecurity7.java +++ b/src/main/java/org/opensearch/security/configuration/ConfigurationLoaderSecurity7.java @@ -48,7 +48,7 @@ import org.opensearch.action.get.MultiGetResponse.Failure; import org.opensearch.client.Client; import org.opensearch.cluster.service.ClusterService; -import org.opensearch.common.bytes.BytesReference; +import org.opensearch.core.common.bytes.BytesReference; import org.opensearch.common.settings.Settings; import org.opensearch.common.xcontent.XContentHelper; import org.opensearch.common.xcontent.XContentType; diff --git a/src/main/java/org/opensearch/security/configuration/ConfigurationRepository.java b/src/main/java/org/opensearch/security/configuration/ConfigurationRepository.java index 92ae22af01..c6ecbc9ac4 100644 --- a/src/main/java/org/opensearch/security/configuration/ConfigurationRepository.java +++ b/src/main/java/org/opensearch/security/configuration/ConfigurationRepository.java @@ -65,7 +65,7 @@ import org.opensearch.common.util.concurrent.ThreadContext.StoredContext; import org.opensearch.common.xcontent.XContentType; import org.opensearch.env.Environment; -import org.opensearch.rest.RestStatus; +import org.opensearch.core.rest.RestStatus; import org.opensearch.security.auditlog.AuditLog; import org.opensearch.security.auditlog.config.AuditConfig; import org.opensearch.security.securityconf.DynamicConfigFactory; diff --git a/src/main/java/org/opensearch/security/configuration/DlsFlsFilterLeafReader.java b/src/main/java/org/opensearch/security/configuration/DlsFlsFilterLeafReader.java index 7100be35e5..508c3dd9b4 100644 --- a/src/main/java/org/opensearch/security/configuration/DlsFlsFilterLeafReader.java +++ b/src/main/java/org/opensearch/security/configuration/DlsFlsFilterLeafReader.java @@ -64,8 +64,8 @@ import org.opensearch.ExceptionsHelper; import org.opensearch.cluster.service.ClusterService; -import org.opensearch.common.bytes.BytesArray; -import org.opensearch.common.bytes.BytesReference; +import org.opensearch.core.common.bytes.BytesArray; +import org.opensearch.core.common.bytes.BytesReference; import org.opensearch.common.collect.Tuple; import org.opensearch.common.lucene.index.SequentialStoredFieldsLeafReader; import org.opensearch.common.util.concurrent.ThreadContext; @@ -74,7 +74,7 @@ import org.opensearch.common.xcontent.support.XContentMapValues; import org.opensearch.core.xcontent.XContentBuilder; import org.opensearch.index.IndexService; -import org.opensearch.index.shard.ShardId; +import org.opensearch.core.index.shard.ShardId; import org.opensearch.security.auditlog.AuditLog; import org.opensearch.security.compliance.ComplianceConfig; import org.opensearch.security.compliance.FieldReadCallback; diff --git a/src/main/java/org/opensearch/security/configuration/DlsFlsValveImpl.java b/src/main/java/org/opensearch/security/configuration/DlsFlsValveImpl.java index 81fe9e255f..de7ffe1fc2 100644 --- a/src/main/java/org/opensearch/security/configuration/DlsFlsValveImpl.java +++ b/src/main/java/org/opensearch/security/configuration/DlsFlsValveImpl.java @@ -54,7 +54,7 @@ import org.opensearch.common.xcontent.XContentType; import org.opensearch.core.xcontent.NamedXContentRegistry; import org.opensearch.index.query.ParsedQuery; -import org.opensearch.rest.RestStatus; +import org.opensearch.core.rest.RestStatus; import org.opensearch.search.DocValueFormat; import org.opensearch.search.aggregations.AggregationBuilder; import org.opensearch.search.aggregations.AggregatorFactories; diff --git a/src/main/java/org/opensearch/security/configuration/SecurityFlsDlsIndexSearcherWrapper.java b/src/main/java/org/opensearch/security/configuration/SecurityFlsDlsIndexSearcherWrapper.java index 2e58424c63..b6df13c9d9 100644 --- a/src/main/java/org/opensearch/security/configuration/SecurityFlsDlsIndexSearcherWrapper.java +++ b/src/main/java/org/opensearch/security/configuration/SecurityFlsDlsIndexSearcherWrapper.java @@ -27,7 +27,7 @@ import org.opensearch.index.IndexService; import org.opensearch.index.mapper.IgnoredFieldMapper; import org.opensearch.index.query.QueryShardContext; -import org.opensearch.index.shard.ShardId; +import org.opensearch.core.index.shard.ShardId; import org.opensearch.index.shard.ShardUtils; import org.opensearch.security.auditlog.AuditLog; import org.opensearch.security.compliance.ComplianceIndexingOperationListener; diff --git a/src/main/java/org/opensearch/security/configuration/SecurityIndexSearcherWrapper.java b/src/main/java/org/opensearch/security/configuration/SecurityIndexSearcherWrapper.java index 9c7d451fa3..1619b3da32 100644 --- a/src/main/java/org/opensearch/security/configuration/SecurityIndexSearcherWrapper.java +++ b/src/main/java/org/opensearch/security/configuration/SecurityIndexSearcherWrapper.java @@ -38,7 +38,7 @@ import org.opensearch.common.settings.Settings; import org.opensearch.common.transport.TransportAddress; import org.opensearch.common.util.concurrent.ThreadContext; -import org.opensearch.index.Index; +import org.opensearch.core.index.Index; import org.opensearch.index.IndexService; import org.opensearch.security.privileges.PrivilegesEvaluator; import org.opensearch.security.securityconf.ConfigModel; diff --git a/src/main/java/org/opensearch/security/configuration/StaticResourceException.java b/src/main/java/org/opensearch/security/configuration/StaticResourceException.java index 8574a170bb..1191c3a1ab 100644 --- a/src/main/java/org/opensearch/security/configuration/StaticResourceException.java +++ b/src/main/java/org/opensearch/security/configuration/StaticResourceException.java @@ -20,7 +20,7 @@ import java.io.IOException; import org.opensearch.OpenSearchException; -import org.opensearch.common.io.stream.StreamInput; +import org.opensearch.core.common.io.stream.StreamInput; public class StaticResourceException extends OpenSearchException { diff --git a/src/main/java/org/opensearch/security/dlic/rest/api/AbstractApiAction.java b/src/main/java/org/opensearch/security/dlic/rest/api/AbstractApiAction.java index 288a8eac0e..727624e4e4 100644 --- a/src/main/java/org/opensearch/security/dlic/rest/api/AbstractApiAction.java +++ b/src/main/java/org/opensearch/security/dlic/rest/api/AbstractApiAction.java @@ -30,7 +30,7 @@ import org.opensearch.client.Client; import org.opensearch.client.node.NodeClient; import org.opensearch.cluster.service.ClusterService; -import org.opensearch.common.bytes.BytesReference; +import org.opensearch.core.common.bytes.BytesReference; import org.opensearch.common.settings.Settings; import org.opensearch.common.util.concurrent.ThreadContext.StoredContext; import org.opensearch.common.xcontent.XContentHelper; @@ -44,7 +44,7 @@ import org.opensearch.rest.RestController; import org.opensearch.rest.RestRequest; import org.opensearch.rest.RestRequest.Method; -import org.opensearch.rest.RestStatus; +import org.opensearch.core.rest.RestStatus; import org.opensearch.security.DefaultObjectMapper; import org.opensearch.security.action.configupdate.ConfigUpdateAction; import org.opensearch.security.action.configupdate.ConfigUpdateNodeResponse; diff --git a/src/main/java/org/opensearch/security/dlic/rest/api/AccountApiAction.java b/src/main/java/org/opensearch/security/dlic/rest/api/AccountApiAction.java index 68446366bc..a93929f57b 100644 --- a/src/main/java/org/opensearch/security/dlic/rest/api/AccountApiAction.java +++ b/src/main/java/org/opensearch/security/dlic/rest/api/AccountApiAction.java @@ -23,7 +23,7 @@ import org.opensearch.action.index.IndexResponse; import org.opensearch.client.Client; import org.opensearch.cluster.service.ClusterService; -import org.opensearch.common.bytes.BytesReference; +import org.opensearch.core.common.bytes.BytesReference; import org.opensearch.common.settings.Settings; import org.opensearch.common.transport.TransportAddress; import org.opensearch.common.util.concurrent.ThreadContext; @@ -34,7 +34,7 @@ import org.opensearch.rest.RestController; import org.opensearch.rest.RestRequest; import org.opensearch.rest.RestRequest.Method; -import org.opensearch.rest.RestStatus; +import org.opensearch.core.rest.RestStatus; import org.opensearch.security.auditlog.AuditLog; import org.opensearch.security.configuration.AdminDNs; import org.opensearch.security.configuration.ConfigurationRepository; diff --git a/src/main/java/org/opensearch/security/dlic/rest/api/ActionGroupsApiAction.java b/src/main/java/org/opensearch/security/dlic/rest/api/ActionGroupsApiAction.java index 94af3ad3af..3b3e772eda 100644 --- a/src/main/java/org/opensearch/security/dlic/rest/api/ActionGroupsApiAction.java +++ b/src/main/java/org/opensearch/security/dlic/rest/api/ActionGroupsApiAction.java @@ -21,7 +21,7 @@ import org.opensearch.client.Client; import org.opensearch.cluster.service.ClusterService; -import org.opensearch.common.bytes.BytesReference; +import org.opensearch.core.common.bytes.BytesReference; import org.opensearch.common.inject.Inject; import org.opensearch.common.settings.Settings; import org.opensearch.rest.RestChannel; diff --git a/src/main/java/org/opensearch/security/dlic/rest/api/AllowlistApiAction.java b/src/main/java/org/opensearch/security/dlic/rest/api/AllowlistApiAction.java index 0c5b2775aa..054ac1ea46 100644 --- a/src/main/java/org/opensearch/security/dlic/rest/api/AllowlistApiAction.java +++ b/src/main/java/org/opensearch/security/dlic/rest/api/AllowlistApiAction.java @@ -21,7 +21,7 @@ import org.opensearch.action.index.IndexResponse; import org.opensearch.client.Client; import org.opensearch.cluster.service.ClusterService; -import org.opensearch.common.bytes.BytesReference; +import org.opensearch.core.common.bytes.BytesReference; import org.opensearch.common.inject.Inject; import org.opensearch.common.settings.Settings; import org.opensearch.rest.RestChannel; diff --git a/src/main/java/org/opensearch/security/dlic/rest/api/AuditApiAction.java b/src/main/java/org/opensearch/security/dlic/rest/api/AuditApiAction.java index a61f66c6e3..078bfcc62a 100644 --- a/src/main/java/org/opensearch/security/dlic/rest/api/AuditApiAction.java +++ b/src/main/java/org/opensearch/security/dlic/rest/api/AuditApiAction.java @@ -23,7 +23,7 @@ import org.opensearch.client.Client; import org.opensearch.cluster.service.ClusterService; -import org.opensearch.common.bytes.BytesReference; +import org.opensearch.core.common.bytes.BytesReference; import org.opensearch.common.settings.Settings; import org.opensearch.common.util.concurrent.ThreadContext; import org.opensearch.rest.RestChannel; diff --git a/src/main/java/org/opensearch/security/dlic/rest/api/AuthTokenProcessorAction.java b/src/main/java/org/opensearch/security/dlic/rest/api/AuthTokenProcessorAction.java index fa6d967624..87c82cf77c 100644 --- a/src/main/java/org/opensearch/security/dlic/rest/api/AuthTokenProcessorAction.java +++ b/src/main/java/org/opensearch/security/dlic/rest/api/AuthTokenProcessorAction.java @@ -20,7 +20,7 @@ import org.opensearch.client.Client; import org.opensearch.cluster.service.ClusterService; -import org.opensearch.common.bytes.BytesReference; +import org.opensearch.core.common.bytes.BytesReference; import org.opensearch.common.inject.Inject; import org.opensearch.common.settings.Settings; import org.opensearch.rest.RestChannel; diff --git a/src/main/java/org/opensearch/security/dlic/rest/api/FlushCacheApiAction.java b/src/main/java/org/opensearch/security/dlic/rest/api/FlushCacheApiAction.java index 2f8a60aa65..4898897df7 100644 --- a/src/main/java/org/opensearch/security/dlic/rest/api/FlushCacheApiAction.java +++ b/src/main/java/org/opensearch/security/dlic/rest/api/FlushCacheApiAction.java @@ -21,7 +21,7 @@ import org.opensearch.action.ActionListener; import org.opensearch.client.Client; import org.opensearch.cluster.service.ClusterService; -import org.opensearch.common.bytes.BytesReference; +import org.opensearch.core.common.bytes.BytesReference; import org.opensearch.common.inject.Inject; import org.opensearch.common.settings.Settings; import org.opensearch.rest.RestChannel; diff --git a/src/main/java/org/opensearch/security/dlic/rest/api/InternalUsersApiAction.java b/src/main/java/org/opensearch/security/dlic/rest/api/InternalUsersApiAction.java index 3e041961b0..6db8963ab5 100644 --- a/src/main/java/org/opensearch/security/dlic/rest/api/InternalUsersApiAction.java +++ b/src/main/java/org/opensearch/security/dlic/rest/api/InternalUsersApiAction.java @@ -23,7 +23,7 @@ import org.opensearch.action.index.IndexResponse; import org.opensearch.client.Client; import org.opensearch.cluster.service.ClusterService; -import org.opensearch.common.bytes.BytesReference; +import org.opensearch.core.common.bytes.BytesReference; import org.opensearch.common.inject.Inject; import org.opensearch.common.settings.Settings; import org.opensearch.core.xcontent.XContentBuilder; diff --git a/src/main/java/org/opensearch/security/dlic/rest/api/MigrateApiAction.java b/src/main/java/org/opensearch/security/dlic/rest/api/MigrateApiAction.java index 108e29b980..ff82af9426 100644 --- a/src/main/java/org/opensearch/security/dlic/rest/api/MigrateApiAction.java +++ b/src/main/java/org/opensearch/security/dlic/rest/api/MigrateApiAction.java @@ -30,7 +30,7 @@ import org.opensearch.client.Client; import org.opensearch.cluster.metadata.IndexMetadata; import org.opensearch.cluster.service.ClusterService; -import org.opensearch.common.bytes.BytesReference; +import org.opensearch.core.common.bytes.BytesReference; import org.opensearch.common.collect.Tuple; import org.opensearch.common.inject.Inject; import org.opensearch.common.settings.Settings; diff --git a/src/main/java/org/opensearch/security/dlic/rest/api/MultiTenancyConfigApiAction.java b/src/main/java/org/opensearch/security/dlic/rest/api/MultiTenancyConfigApiAction.java index ef5be4634f..bef77ecb2b 100644 --- a/src/main/java/org/opensearch/security/dlic/rest/api/MultiTenancyConfigApiAction.java +++ b/src/main/java/org/opensearch/security/dlic/rest/api/MultiTenancyConfigApiAction.java @@ -26,14 +26,14 @@ import org.opensearch.action.index.IndexResponse; import org.opensearch.client.Client; import org.opensearch.cluster.service.ClusterService; -import org.opensearch.common.bytes.BytesReference; +import org.opensearch.core.common.bytes.BytesReference; import org.opensearch.common.settings.Settings; import org.opensearch.core.xcontent.XContentBuilder; import org.opensearch.rest.BytesRestResponse; import org.opensearch.rest.RestChannel; import org.opensearch.rest.RestController; import org.opensearch.rest.RestRequest; -import org.opensearch.rest.RestStatus; +import org.opensearch.core.rest.RestStatus; import org.opensearch.security.auditlog.AuditLog; import org.opensearch.security.configuration.AdminDNs; import org.opensearch.security.configuration.ConfigurationRepository; diff --git a/src/main/java/org/opensearch/security/dlic/rest/api/NodesDnApiAction.java b/src/main/java/org/opensearch/security/dlic/rest/api/NodesDnApiAction.java index 6d44e4073c..c7392e4441 100644 --- a/src/main/java/org/opensearch/security/dlic/rest/api/NodesDnApiAction.java +++ b/src/main/java/org/opensearch/security/dlic/rest/api/NodesDnApiAction.java @@ -21,7 +21,7 @@ import org.opensearch.client.Client; import org.opensearch.cluster.service.ClusterService; -import org.opensearch.common.bytes.BytesReference; +import org.opensearch.core.common.bytes.BytesReference; import org.opensearch.common.inject.Inject; import org.opensearch.common.settings.Settings; import org.opensearch.rest.RestChannel; diff --git a/src/main/java/org/opensearch/security/dlic/rest/api/PatchableResourceApiAction.java b/src/main/java/org/opensearch/security/dlic/rest/api/PatchableResourceApiAction.java index e6d1f1744a..6050b9785e 100644 --- a/src/main/java/org/opensearch/security/dlic/rest/api/PatchableResourceApiAction.java +++ b/src/main/java/org/opensearch/security/dlic/rest/api/PatchableResourceApiAction.java @@ -28,8 +28,8 @@ import org.opensearch.action.index.IndexResponse; import org.opensearch.client.Client; import org.opensearch.cluster.service.ClusterService; -import org.opensearch.common.bytes.BytesArray; -import org.opensearch.common.bytes.BytesReference; +import org.opensearch.core.common.bytes.BytesArray; +import org.opensearch.core.common.bytes.BytesReference; import org.opensearch.common.settings.Settings; import org.opensearch.common.xcontent.XContentType; import org.opensearch.core.common.Strings; diff --git a/src/main/java/org/opensearch/security/dlic/rest/api/PermissionsInfoAction.java b/src/main/java/org/opensearch/security/dlic/rest/api/PermissionsInfoAction.java index f57c4eb59c..ad8a536bfc 100644 --- a/src/main/java/org/opensearch/security/dlic/rest/api/PermissionsInfoAction.java +++ b/src/main/java/org/opensearch/security/dlic/rest/api/PermissionsInfoAction.java @@ -33,7 +33,7 @@ import org.opensearch.rest.RestController; import org.opensearch.rest.RestRequest; import org.opensearch.rest.RestRequest.Method; -import org.opensearch.rest.RestStatus; +import org.opensearch.core.rest.RestStatus; import org.opensearch.security.auditlog.AuditLog; import org.opensearch.security.configuration.AdminDNs; import org.opensearch.security.configuration.ConfigurationRepository; diff --git a/src/main/java/org/opensearch/security/dlic/rest/api/RolesApiAction.java b/src/main/java/org/opensearch/security/dlic/rest/api/RolesApiAction.java index 65dbaac05e..ea1ca791ba 100644 --- a/src/main/java/org/opensearch/security/dlic/rest/api/RolesApiAction.java +++ b/src/main/java/org/opensearch/security/dlic/rest/api/RolesApiAction.java @@ -19,7 +19,7 @@ import org.opensearch.client.Client; import org.opensearch.cluster.service.ClusterService; -import org.opensearch.common.bytes.BytesReference; +import org.opensearch.core.common.bytes.BytesReference; import org.opensearch.common.inject.Inject; import org.opensearch.common.settings.Settings; import org.opensearch.rest.RestController; diff --git a/src/main/java/org/opensearch/security/dlic/rest/api/RolesMappingApiAction.java b/src/main/java/org/opensearch/security/dlic/rest/api/RolesMappingApiAction.java index 627dabfaa2..e2909edd6c 100644 --- a/src/main/java/org/opensearch/security/dlic/rest/api/RolesMappingApiAction.java +++ b/src/main/java/org/opensearch/security/dlic/rest/api/RolesMappingApiAction.java @@ -21,7 +21,7 @@ import org.opensearch.action.index.IndexResponse; import org.opensearch.client.Client; import org.opensearch.cluster.service.ClusterService; -import org.opensearch.common.bytes.BytesReference; +import org.opensearch.core.common.bytes.BytesReference; import org.opensearch.common.inject.Inject; import org.opensearch.common.settings.Settings; import org.opensearch.rest.RestChannel; diff --git a/src/main/java/org/opensearch/security/dlic/rest/api/SecurityConfigAction.java b/src/main/java/org/opensearch/security/dlic/rest/api/SecurityConfigAction.java index 9584a34c06..c4abc45cee 100644 --- a/src/main/java/org/opensearch/security/dlic/rest/api/SecurityConfigAction.java +++ b/src/main/java/org/opensearch/security/dlic/rest/api/SecurityConfigAction.java @@ -21,7 +21,7 @@ import org.opensearch.client.Client; import org.opensearch.cluster.service.ClusterService; -import org.opensearch.common.bytes.BytesReference; +import org.opensearch.core.common.bytes.BytesReference; import org.opensearch.common.inject.Inject; import org.opensearch.common.settings.Settings; import org.opensearch.rest.RestChannel; diff --git a/src/main/java/org/opensearch/security/dlic/rest/api/SecuritySSLCertsAction.java b/src/main/java/org/opensearch/security/dlic/rest/api/SecuritySSLCertsAction.java index 4949dedad9..0b576bfd68 100644 --- a/src/main/java/org/opensearch/security/dlic/rest/api/SecuritySSLCertsAction.java +++ b/src/main/java/org/opensearch/security/dlic/rest/api/SecuritySSLCertsAction.java @@ -27,7 +27,7 @@ import org.opensearch.client.Client; import org.opensearch.cluster.service.ClusterService; -import org.opensearch.common.bytes.BytesReference; +import org.opensearch.core.common.bytes.BytesReference; import org.opensearch.common.settings.Settings; import org.opensearch.core.xcontent.XContentBuilder; import org.opensearch.rest.BytesRestResponse; @@ -35,7 +35,7 @@ import org.opensearch.rest.RestController; import org.opensearch.rest.RestRequest; import org.opensearch.rest.RestRequest.Method; -import org.opensearch.rest.RestStatus; +import org.opensearch.core.rest.RestStatus; import org.opensearch.security.auditlog.AuditLog; import org.opensearch.security.configuration.AdminDNs; import org.opensearch.security.configuration.ConfigurationRepository; diff --git a/src/main/java/org/opensearch/security/dlic/rest/api/TenantsApiAction.java b/src/main/java/org/opensearch/security/dlic/rest/api/TenantsApiAction.java index 5fbb907ecf..b011325c86 100644 --- a/src/main/java/org/opensearch/security/dlic/rest/api/TenantsApiAction.java +++ b/src/main/java/org/opensearch/security/dlic/rest/api/TenantsApiAction.java @@ -34,7 +34,7 @@ import org.opensearch.client.Client; import org.opensearch.cluster.service.ClusterService; -import org.opensearch.common.bytes.BytesReference; +import org.opensearch.core.common.bytes.BytesReference; import org.opensearch.common.inject.Inject; import org.opensearch.common.settings.Settings; import org.opensearch.rest.RestController; diff --git a/src/main/java/org/opensearch/security/dlic/rest/api/ValidateApiAction.java b/src/main/java/org/opensearch/security/dlic/rest/api/ValidateApiAction.java index de79b131b3..f9612d3b40 100644 --- a/src/main/java/org/opensearch/security/dlic/rest/api/ValidateApiAction.java +++ b/src/main/java/org/opensearch/security/dlic/rest/api/ValidateApiAction.java @@ -20,7 +20,7 @@ import org.opensearch.client.Client; import org.opensearch.cluster.service.ClusterService; -import org.opensearch.common.bytes.BytesReference; +import org.opensearch.core.common.bytes.BytesReference; import org.opensearch.common.collect.Tuple; import org.opensearch.common.inject.Inject; import org.opensearch.common.settings.Settings; diff --git a/src/main/java/org/opensearch/security/dlic/rest/support/Utils.java b/src/main/java/org/opensearch/security/dlic/rest/support/Utils.java index 65524a8bf7..52220b2450 100644 --- a/src/main/java/org/opensearch/security/dlic/rest/support/Utils.java +++ b/src/main/java/org/opensearch/security/dlic/rest/support/Utils.java @@ -35,7 +35,7 @@ import org.opensearch.ExceptionsHelper; import org.opensearch.OpenSearchParseException; import org.opensearch.SpecialPermission; -import org.opensearch.common.bytes.BytesReference; +import org.opensearch.core.common.bytes.BytesReference; import org.opensearch.common.transport.TransportAddress; import org.opensearch.common.util.concurrent.ThreadContext; import org.opensearch.common.xcontent.XContentHelper; diff --git a/src/main/java/org/opensearch/security/dlic/rest/validation/AbstractConfigurationValidator.java b/src/main/java/org/opensearch/security/dlic/rest/validation/AbstractConfigurationValidator.java index 51d58d75f6..543ad4b4a7 100644 --- a/src/main/java/org/opensearch/security/dlic/rest/validation/AbstractConfigurationValidator.java +++ b/src/main/java/org/opensearch/security/dlic/rest/validation/AbstractConfigurationValidator.java @@ -28,7 +28,7 @@ import org.apache.logging.log4j.LogManager; import org.apache.logging.log4j.Logger; -import org.opensearch.common.bytes.BytesReference; +import org.opensearch.core.common.bytes.BytesReference; import org.opensearch.common.settings.Settings; import org.opensearch.common.xcontent.XContentHelper; import org.opensearch.common.xcontent.XContentType; diff --git a/src/main/java/org/opensearch/security/dlic/rest/validation/AccountValidator.java b/src/main/java/org/opensearch/security/dlic/rest/validation/AccountValidator.java index 32cf06078b..a2f085f05b 100644 --- a/src/main/java/org/opensearch/security/dlic/rest/validation/AccountValidator.java +++ b/src/main/java/org/opensearch/security/dlic/rest/validation/AccountValidator.java @@ -11,7 +11,7 @@ package org.opensearch.security.dlic.rest.validation; -import org.opensearch.common.bytes.BytesReference; +import org.opensearch.core.common.bytes.BytesReference; import org.opensearch.common.settings.Settings; import org.opensearch.rest.RestRequest; diff --git a/src/main/java/org/opensearch/security/dlic/rest/validation/ActionGroupValidator.java b/src/main/java/org/opensearch/security/dlic/rest/validation/ActionGroupValidator.java index a9f298fb15..7c65ff4567 100644 --- a/src/main/java/org/opensearch/security/dlic/rest/validation/ActionGroupValidator.java +++ b/src/main/java/org/opensearch/security/dlic/rest/validation/ActionGroupValidator.java @@ -11,7 +11,7 @@ package org.opensearch.security.dlic.rest.validation; -import org.opensearch.common.bytes.BytesReference; +import org.opensearch.core.common.bytes.BytesReference; import org.opensearch.common.settings.Settings; import org.opensearch.rest.RestRequest; diff --git a/src/main/java/org/opensearch/security/dlic/rest/validation/AllowlistValidator.java b/src/main/java/org/opensearch/security/dlic/rest/validation/AllowlistValidator.java index 5b53a1fb49..9fc7465642 100644 --- a/src/main/java/org/opensearch/security/dlic/rest/validation/AllowlistValidator.java +++ b/src/main/java/org/opensearch/security/dlic/rest/validation/AllowlistValidator.java @@ -11,7 +11,7 @@ package org.opensearch.security.dlic.rest.validation; -import org.opensearch.common.bytes.BytesReference; +import org.opensearch.core.common.bytes.BytesReference; import org.opensearch.common.settings.Settings; import org.opensearch.rest.RestRequest; diff --git a/src/main/java/org/opensearch/security/dlic/rest/validation/AuditValidator.java b/src/main/java/org/opensearch/security/dlic/rest/validation/AuditValidator.java index 1bff373c0d..b57cd1e715 100644 --- a/src/main/java/org/opensearch/security/dlic/rest/validation/AuditValidator.java +++ b/src/main/java/org/opensearch/security/dlic/rest/validation/AuditValidator.java @@ -15,7 +15,7 @@ import com.google.common.collect.ImmutableSet; -import org.opensearch.common.bytes.BytesReference; +import org.opensearch.core.common.bytes.BytesReference; import org.opensearch.common.settings.Settings; import org.opensearch.rest.RestRequest; import org.opensearch.security.DefaultObjectMapper; diff --git a/src/main/java/org/opensearch/security/dlic/rest/validation/CredentialsValidator.java b/src/main/java/org/opensearch/security/dlic/rest/validation/CredentialsValidator.java index a0f67c97ce..283af8dd00 100644 --- a/src/main/java/org/opensearch/security/dlic/rest/validation/CredentialsValidator.java +++ b/src/main/java/org/opensearch/security/dlic/rest/validation/CredentialsValidator.java @@ -13,8 +13,8 @@ import java.util.Map; -import org.opensearch.common.bytes.BytesReference; -import org.opensearch.common.compress.NotXContentException; +import org.opensearch.core.common.bytes.BytesReference; +import org.opensearch.core.common.compress.NotXContentException; import org.opensearch.common.settings.Settings; import org.opensearch.common.xcontent.XContentHelper; import org.opensearch.common.xcontent.XContentType; diff --git a/src/main/java/org/opensearch/security/dlic/rest/validation/InternalUsersValidator.java b/src/main/java/org/opensearch/security/dlic/rest/validation/InternalUsersValidator.java index 9681c47232..87423e3912 100644 --- a/src/main/java/org/opensearch/security/dlic/rest/validation/InternalUsersValidator.java +++ b/src/main/java/org/opensearch/security/dlic/rest/validation/InternalUsersValidator.java @@ -11,7 +11,7 @@ package org.opensearch.security.dlic.rest.validation; -import org.opensearch.common.bytes.BytesReference; +import org.opensearch.core.common.bytes.BytesReference; import org.opensearch.common.settings.Settings; import org.opensearch.rest.RestRequest; diff --git a/src/main/java/org/opensearch/security/dlic/rest/validation/MultiTenancyConfigValidator.java b/src/main/java/org/opensearch/security/dlic/rest/validation/MultiTenancyConfigValidator.java index 42f86dbee5..dd07e9ac2e 100644 --- a/src/main/java/org/opensearch/security/dlic/rest/validation/MultiTenancyConfigValidator.java +++ b/src/main/java/org/opensearch/security/dlic/rest/validation/MultiTenancyConfigValidator.java @@ -10,7 +10,7 @@ */ package org.opensearch.security.dlic.rest.validation; -import org.opensearch.common.bytes.BytesReference; +import org.opensearch.core.common.bytes.BytesReference; import org.opensearch.common.settings.Settings; import org.opensearch.rest.RestRequest; diff --git a/src/main/java/org/opensearch/security/dlic/rest/validation/NoOpValidator.java b/src/main/java/org/opensearch/security/dlic/rest/validation/NoOpValidator.java index 7c64102091..d29ec91561 100644 --- a/src/main/java/org/opensearch/security/dlic/rest/validation/NoOpValidator.java +++ b/src/main/java/org/opensearch/security/dlic/rest/validation/NoOpValidator.java @@ -11,7 +11,7 @@ package org.opensearch.security.dlic.rest.validation; -import org.opensearch.common.bytes.BytesReference; +import org.opensearch.core.common.bytes.BytesReference; import org.opensearch.common.settings.Settings; import org.opensearch.rest.RestRequest; diff --git a/src/main/java/org/opensearch/security/dlic/rest/validation/NodesDnValidator.java b/src/main/java/org/opensearch/security/dlic/rest/validation/NodesDnValidator.java index c98df1de0a..a2abb06f7b 100644 --- a/src/main/java/org/opensearch/security/dlic/rest/validation/NodesDnValidator.java +++ b/src/main/java/org/opensearch/security/dlic/rest/validation/NodesDnValidator.java @@ -11,7 +11,7 @@ package org.opensearch.security.dlic.rest.validation; -import org.opensearch.common.bytes.BytesReference; +import org.opensearch.core.common.bytes.BytesReference; import org.opensearch.common.settings.Settings; import org.opensearch.rest.RestRequest; diff --git a/src/main/java/org/opensearch/security/dlic/rest/validation/RolesMappingValidator.java b/src/main/java/org/opensearch/security/dlic/rest/validation/RolesMappingValidator.java index 728c2e0ca0..10c630c771 100644 --- a/src/main/java/org/opensearch/security/dlic/rest/validation/RolesMappingValidator.java +++ b/src/main/java/org/opensearch/security/dlic/rest/validation/RolesMappingValidator.java @@ -11,7 +11,7 @@ package org.opensearch.security.dlic.rest.validation; -import org.opensearch.common.bytes.BytesReference; +import org.opensearch.core.common.bytes.BytesReference; import org.opensearch.common.settings.Settings; import org.opensearch.rest.RestRequest; diff --git a/src/main/java/org/opensearch/security/dlic/rest/validation/RolesValidator.java b/src/main/java/org/opensearch/security/dlic/rest/validation/RolesValidator.java index 2e57730e41..019a21c73b 100644 --- a/src/main/java/org/opensearch/security/dlic/rest/validation/RolesValidator.java +++ b/src/main/java/org/opensearch/security/dlic/rest/validation/RolesValidator.java @@ -16,7 +16,7 @@ import com.jayway.jsonpath.JsonPath; import com.jayway.jsonpath.ReadContext; -import org.opensearch.common.bytes.BytesReference; +import org.opensearch.core.common.bytes.BytesReference; import org.opensearch.common.settings.Settings; import org.opensearch.rest.RestRequest; import org.opensearch.security.configuration.MaskedField; diff --git a/src/main/java/org/opensearch/security/dlic/rest/validation/SecurityConfigValidator.java b/src/main/java/org/opensearch/security/dlic/rest/validation/SecurityConfigValidator.java index cd2ee56b4a..30f3c91965 100644 --- a/src/main/java/org/opensearch/security/dlic/rest/validation/SecurityConfigValidator.java +++ b/src/main/java/org/opensearch/security/dlic/rest/validation/SecurityConfigValidator.java @@ -11,7 +11,7 @@ package org.opensearch.security.dlic.rest.validation; -import org.opensearch.common.bytes.BytesReference; +import org.opensearch.core.common.bytes.BytesReference; import org.opensearch.common.settings.Settings; import org.opensearch.rest.RestRequest; diff --git a/src/main/java/org/opensearch/security/dlic/rest/validation/TenantValidator.java b/src/main/java/org/opensearch/security/dlic/rest/validation/TenantValidator.java index 51e0e97264..07a0ec9cf3 100644 --- a/src/main/java/org/opensearch/security/dlic/rest/validation/TenantValidator.java +++ b/src/main/java/org/opensearch/security/dlic/rest/validation/TenantValidator.java @@ -27,7 +27,7 @@ package org.opensearch.security.dlic.rest.validation; -import org.opensearch.common.bytes.BytesReference; +import org.opensearch.core.common.bytes.BytesReference; import org.opensearch.common.settings.Settings; import org.opensearch.rest.RestRequest; diff --git a/src/main/java/org/opensearch/security/dlic/rest/validation/WhitelistValidator.java b/src/main/java/org/opensearch/security/dlic/rest/validation/WhitelistValidator.java index cf85b248d4..91a283b4c5 100644 --- a/src/main/java/org/opensearch/security/dlic/rest/validation/WhitelistValidator.java +++ b/src/main/java/org/opensearch/security/dlic/rest/validation/WhitelistValidator.java @@ -11,7 +11,7 @@ package org.opensearch.security.dlic.rest.validation; -import org.opensearch.common.bytes.BytesReference; +import org.opensearch.core.common.bytes.BytesReference; import org.opensearch.common.settings.Settings; import org.opensearch.rest.RestRequest; diff --git a/src/main/java/org/opensearch/security/filter/SecurityFilter.java b/src/main/java/org/opensearch/security/filter/SecurityFilter.java index 38675d97c5..e540d48512 100644 --- a/src/main/java/org/opensearch/security/filter/SecurityFilter.java +++ b/src/main/java/org/opensearch/security/filter/SecurityFilter.java @@ -71,7 +71,7 @@ import org.opensearch.core.common.logging.LoggerMessageFormat; import org.opensearch.index.reindex.DeleteByQueryRequest; import org.opensearch.index.reindex.UpdateByQueryRequest; -import org.opensearch.rest.RestStatus; +import org.opensearch.core.rest.RestStatus; import org.opensearch.security.action.whoami.WhoAmIAction; import org.opensearch.security.auditlog.AuditLog; import org.opensearch.security.auditlog.AuditLog.Origin; diff --git a/src/main/java/org/opensearch/security/filter/SecurityRestFilter.java b/src/main/java/org/opensearch/security/filter/SecurityRestFilter.java index cfc157d334..54d98ffe13 100644 --- a/src/main/java/org/opensearch/security/filter/SecurityRestFilter.java +++ b/src/main/java/org/opensearch/security/filter/SecurityRestFilter.java @@ -48,7 +48,7 @@ import org.opensearch.rest.RestHandler; import org.opensearch.rest.RestRequest; import org.opensearch.rest.RestRequest.Method; -import org.opensearch.rest.RestStatus; +import org.opensearch.core.rest.RestStatus; import org.opensearch.security.auditlog.AuditLog; import org.opensearch.security.auditlog.AuditLog.Origin; import org.opensearch.security.auth.BackendRegistry; diff --git a/src/main/java/org/opensearch/security/http/HTTPBasicAuthenticator.java b/src/main/java/org/opensearch/security/http/HTTPBasicAuthenticator.java index 88ac128828..4be83bc2e2 100644 --- a/src/main/java/org/opensearch/security/http/HTTPBasicAuthenticator.java +++ b/src/main/java/org/opensearch/security/http/HTTPBasicAuthenticator.java @@ -36,7 +36,7 @@ import org.opensearch.rest.BytesRestResponse; import org.opensearch.rest.RestChannel; import org.opensearch.rest.RestRequest; -import org.opensearch.rest.RestStatus; +import org.opensearch.core.rest.RestStatus; import org.opensearch.security.auth.HTTPAuthenticator; import org.opensearch.security.support.HTTPHelper; import org.opensearch.security.user.AuthCredentials; diff --git a/src/main/java/org/opensearch/security/resolver/IndexResolverReplacer.java b/src/main/java/org/opensearch/security/resolver/IndexResolverReplacer.java index a907bdbe13..ea8985ee69 100644 --- a/src/main/java/org/opensearch/security/resolver/IndexResolverReplacer.java +++ b/src/main/java/org/opensearch/security/resolver/IndexResolverReplacer.java @@ -82,7 +82,7 @@ import org.opensearch.cluster.metadata.IndexAbstraction; import org.opensearch.cluster.metadata.IndexNameExpressionResolver; import org.opensearch.cluster.service.ClusterService; -import org.opensearch.index.Index; +import org.opensearch.core.index.Index; import org.opensearch.index.IndexNotFoundException; import org.opensearch.index.reindex.ReindexRequest; import org.opensearch.security.OpenSearchSecurityPlugin; diff --git a/src/main/java/org/opensearch/security/rest/DashboardsInfoAction.java b/src/main/java/org/opensearch/security/rest/DashboardsInfoAction.java index ed5b965be2..96221985fd 100644 --- a/src/main/java/org/opensearch/security/rest/DashboardsInfoAction.java +++ b/src/main/java/org/opensearch/security/rest/DashboardsInfoAction.java @@ -42,7 +42,7 @@ import org.opensearch.rest.RestChannel; import org.opensearch.rest.RestController; import org.opensearch.rest.RestRequest; -import org.opensearch.rest.RestStatus; +import org.opensearch.core.rest.RestStatus; import org.opensearch.security.privileges.PrivilegesEvaluator; import org.opensearch.security.support.ConfigConstants; import org.opensearch.security.user.User; diff --git a/src/main/java/org/opensearch/security/rest/SecurityConfigUpdateAction.java b/src/main/java/org/opensearch/security/rest/SecurityConfigUpdateAction.java index 379a3b6b13..c582c9f51b 100644 --- a/src/main/java/org/opensearch/security/rest/SecurityConfigUpdateAction.java +++ b/src/main/java/org/opensearch/security/rest/SecurityConfigUpdateAction.java @@ -24,7 +24,7 @@ import org.opensearch.rest.BytesRestResponse; import org.opensearch.rest.RestController; import org.opensearch.rest.RestRequest; -import org.opensearch.rest.RestStatus; +import org.opensearch.core.rest.RestStatus; import org.opensearch.rest.action.RestActions.NodesResponseRestListener; import org.opensearch.security.action.configupdate.ConfigUpdateAction; import org.opensearch.security.action.configupdate.ConfigUpdateRequest; diff --git a/src/main/java/org/opensearch/security/rest/SecurityHealthAction.java b/src/main/java/org/opensearch/security/rest/SecurityHealthAction.java index 0631e3044a..579d42e7a6 100644 --- a/src/main/java/org/opensearch/security/rest/SecurityHealthAction.java +++ b/src/main/java/org/opensearch/security/rest/SecurityHealthAction.java @@ -39,7 +39,7 @@ import org.opensearch.rest.RestChannel; import org.opensearch.rest.RestController; import org.opensearch.rest.RestRequest; -import org.opensearch.rest.RestStatus; +import org.opensearch.core.rest.RestStatus; import org.opensearch.security.auth.BackendRegistry; import static org.opensearch.rest.RestRequest.Method.GET; diff --git a/src/main/java/org/opensearch/security/rest/SecurityInfoAction.java b/src/main/java/org/opensearch/security/rest/SecurityInfoAction.java index 6159f555c7..9ed1427122 100644 --- a/src/main/java/org/opensearch/security/rest/SecurityInfoAction.java +++ b/src/main/java/org/opensearch/security/rest/SecurityInfoAction.java @@ -48,7 +48,7 @@ import org.opensearch.rest.RestChannel; import org.opensearch.rest.RestController; import org.opensearch.rest.RestRequest; -import org.opensearch.rest.RestStatus; +import org.opensearch.core.rest.RestStatus; import org.opensearch.security.privileges.PrivilegesEvaluator; import org.opensearch.security.support.Base64Helper; import org.opensearch.security.support.ConfigConstants; diff --git a/src/main/java/org/opensearch/security/rest/SecurityWhoAmIAction.java b/src/main/java/org/opensearch/security/rest/SecurityWhoAmIAction.java index 36af8b4ffa..8bab16484d 100644 --- a/src/main/java/org/opensearch/security/rest/SecurityWhoAmIAction.java +++ b/src/main/java/org/opensearch/security/rest/SecurityWhoAmIAction.java @@ -30,7 +30,7 @@ import org.opensearch.rest.RestChannel; import org.opensearch.rest.RestController; import org.opensearch.rest.RestRequest; -import org.opensearch.rest.RestStatus; +import org.opensearch.core.rest.RestStatus; import org.opensearch.security.configuration.AdminDNs; import org.opensearch.security.ssl.transport.PrincipalExtractor; import org.opensearch.security.ssl.util.SSLRequestHelper; diff --git a/src/main/java/org/opensearch/security/rest/TenantInfoAction.java b/src/main/java/org/opensearch/security/rest/TenantInfoAction.java index c6f09efd98..f3afc0f006 100644 --- a/src/main/java/org/opensearch/security/rest/TenantInfoAction.java +++ b/src/main/java/org/opensearch/security/rest/TenantInfoAction.java @@ -47,7 +47,7 @@ import org.opensearch.rest.RestChannel; import org.opensearch.rest.RestController; import org.opensearch.rest.RestRequest; -import org.opensearch.rest.RestStatus; +import org.opensearch.core.rest.RestStatus; import org.opensearch.security.configuration.AdminDNs; import org.opensearch.security.configuration.ConfigurationRepository; import org.opensearch.security.privileges.PrivilegesEvaluator; diff --git a/src/main/java/org/opensearch/security/securityconf/impl/AllowlistingSettings.java b/src/main/java/org/opensearch/security/securityconf/impl/AllowlistingSettings.java index e2c86009d1..98fc7a266a 100644 --- a/src/main/java/org/opensearch/security/securityconf/impl/AllowlistingSettings.java +++ b/src/main/java/org/opensearch/security/securityconf/impl/AllowlistingSettings.java @@ -20,7 +20,7 @@ import org.opensearch.rest.BytesRestResponse; import org.opensearch.rest.RestChannel; import org.opensearch.rest.RestRequest; -import org.opensearch.rest.RestStatus; +import org.opensearch.core.rest.RestStatus; public class AllowlistingSettings { private boolean enabled; diff --git a/src/main/java/org/opensearch/security/securityconf/impl/WhitelistingSettings.java b/src/main/java/org/opensearch/security/securityconf/impl/WhitelistingSettings.java index 57405b24fe..4462bae90f 100644 --- a/src/main/java/org/opensearch/security/securityconf/impl/WhitelistingSettings.java +++ b/src/main/java/org/opensearch/security/securityconf/impl/WhitelistingSettings.java @@ -20,7 +20,7 @@ import org.opensearch.rest.BytesRestResponse; import org.opensearch.rest.RestChannel; import org.opensearch.rest.RestRequest; -import org.opensearch.rest.RestStatus; +import org.opensearch.core.rest.RestStatus; public class WhitelistingSettings extends AllowlistingSettings { private boolean enabled; diff --git a/src/main/java/org/opensearch/security/ssl/OpenSearchSecuritySSLPlugin.java b/src/main/java/org/opensearch/security/ssl/OpenSearchSecuritySSLPlugin.java index dca7639bfa..358e547470 100644 --- a/src/main/java/org/opensearch/security/ssl/OpenSearchSecuritySSLPlugin.java +++ b/src/main/java/org/opensearch/security/ssl/OpenSearchSecuritySSLPlugin.java @@ -44,7 +44,7 @@ import org.opensearch.cluster.node.DiscoveryNodes; import org.opensearch.cluster.service.ClusterService; import org.opensearch.common.Booleans; -import org.opensearch.common.io.stream.NamedWriteableRegistry; +import org.opensearch.core.common.io.stream.NamedWriteableRegistry; import org.opensearch.common.network.NetworkModule; import org.opensearch.common.network.NetworkService; import org.opensearch.common.settings.ClusterSettings; diff --git a/src/main/java/org/opensearch/security/ssl/SecureSSLSettings.java b/src/main/java/org/opensearch/security/ssl/SecureSSLSettings.java index 991e3c0376..1581deba20 100644 --- a/src/main/java/org/opensearch/security/ssl/SecureSSLSettings.java +++ b/src/main/java/org/opensearch/security/ssl/SecureSSLSettings.java @@ -24,7 +24,7 @@ import org.apache.logging.log4j.Logger; import org.opensearch.common.settings.SecureSetting; -import org.opensearch.common.settings.SecureString; +import org.opensearch.core.common.settings.SecureString; import org.opensearch.common.settings.Setting; import org.opensearch.common.settings.Settings; diff --git a/src/main/java/org/opensearch/security/ssl/http/netty/ValidatingDispatcher.java b/src/main/java/org/opensearch/security/ssl/http/netty/ValidatingDispatcher.java index d9c901cabc..e053da7787 100644 --- a/src/main/java/org/opensearch/security/ssl/http/netty/ValidatingDispatcher.java +++ b/src/main/java/org/opensearch/security/ssl/http/netty/ValidatingDispatcher.java @@ -32,7 +32,7 @@ import org.opensearch.http.HttpServerTransport.Dispatcher; import org.opensearch.rest.RestChannel; import org.opensearch.rest.RestRequest; -import org.opensearch.rest.RestStatus; +import org.opensearch.core.rest.RestStatus; import org.opensearch.security.ssl.SslExceptionHandler; import org.opensearch.security.ssl.util.ExceptionUtils; import org.opensearch.security.ssl.util.SSLRequestHelper; diff --git a/src/main/java/org/opensearch/security/ssl/rest/SecuritySSLInfoAction.java b/src/main/java/org/opensearch/security/ssl/rest/SecuritySSLInfoAction.java index d9d35d0289..54d109f497 100644 --- a/src/main/java/org/opensearch/security/ssl/rest/SecuritySSLInfoAction.java +++ b/src/main/java/org/opensearch/security/ssl/rest/SecuritySSLInfoAction.java @@ -38,7 +38,7 @@ import org.opensearch.rest.RestController; import org.opensearch.rest.RestRequest; import org.opensearch.rest.RestRequest.Method; -import org.opensearch.rest.RestStatus; +import org.opensearch.core.rest.RestStatus; import org.opensearch.security.ssl.SecurityKeyStore; import org.opensearch.security.ssl.transport.PrincipalExtractor; import org.opensearch.security.ssl.util.SSLRequestHelper; diff --git a/src/main/java/org/opensearch/security/ssl/transport/SecuritySSLNettyTransport.java b/src/main/java/org/opensearch/security/ssl/transport/SecuritySSLNettyTransport.java index cbd130abe2..3c3d23022a 100644 --- a/src/main/java/org/opensearch/security/ssl/transport/SecuritySSLNettyTransport.java +++ b/src/main/java/org/opensearch/security/ssl/transport/SecuritySSLNettyTransport.java @@ -49,7 +49,7 @@ import org.opensearch.ExceptionsHelper; import org.opensearch.Version; import org.opensearch.cluster.node.DiscoveryNode; -import org.opensearch.common.io.stream.NamedWriteableRegistry; +import org.opensearch.core.common.io.stream.NamedWriteableRegistry; import org.opensearch.common.network.NetworkService; import org.opensearch.common.settings.Settings; import org.opensearch.common.util.PageCacheRecycler; diff --git a/src/main/java/org/opensearch/security/support/ConfigHelper.java b/src/main/java/org/opensearch/security/support/ConfigHelper.java index 4b53d4fc62..92bf069028 100644 --- a/src/main/java/org/opensearch/security/support/ConfigHelper.java +++ b/src/main/java/org/opensearch/security/support/ConfigHelper.java @@ -42,7 +42,7 @@ import org.opensearch.action.index.IndexRequest; import org.opensearch.action.support.WriteRequest.RefreshPolicy; import org.opensearch.client.Client; -import org.opensearch.common.bytes.BytesReference; +import org.opensearch.core.common.bytes.BytesReference; import org.opensearch.common.xcontent.XContentFactory; import org.opensearch.common.xcontent.XContentType; import org.opensearch.core.xcontent.MediaType; diff --git a/src/main/java/org/opensearch/security/support/ModuleInfo.java b/src/main/java/org/opensearch/security/support/ModuleInfo.java index b511be14e2..a225aee3be 100644 --- a/src/main/java/org/opensearch/security/support/ModuleInfo.java +++ b/src/main/java/org/opensearch/security/support/ModuleInfo.java @@ -26,15 +26,15 @@ package org.opensearch.security.support; +import org.opensearch.core.common.io.stream.StreamInput; +import org.opensearch.core.common.io.stream.StreamOutput; +import org.opensearch.core.common.io.stream.Writeable; + import java.io.IOException; import java.io.Serializable; import java.util.HashMap; import java.util.Map; -import org.opensearch.common.io.stream.StreamInput; -import org.opensearch.common.io.stream.StreamOutput; -import org.opensearch.common.io.stream.Writeable; - public class ModuleInfo implements Serializable, Writeable { private static final long serialVersionUID = -1077651823194285138L; diff --git a/src/main/java/org/opensearch/security/tools/SecurityAdmin.java b/src/main/java/org/opensearch/security/tools/SecurityAdmin.java index 7fdb2d5157..d2dc85f9d2 100644 --- a/src/main/java/org/opensearch/security/tools/SecurityAdmin.java +++ b/src/main/java/org/opensearch/security/tools/SecurityAdmin.java @@ -110,7 +110,7 @@ import org.opensearch.client.transport.NoNodeAvailableException; import org.opensearch.cluster.health.ClusterHealthStatus; import org.opensearch.common.Strings; -import org.opensearch.common.bytes.BytesReference; +import org.opensearch.core.common.bytes.BytesReference; import org.opensearch.common.collect.Tuple; import org.opensearch.common.settings.Settings; import org.opensearch.common.unit.TimeValue; @@ -122,7 +122,7 @@ import org.opensearch.core.xcontent.XContentBuilder; import org.opensearch.core.xcontent.XContentParser; import org.opensearch.index.IndexNotFoundException; -import org.opensearch.rest.RestStatus; +import org.opensearch.core.rest.RestStatus; import org.opensearch.security.DefaultObjectMapper; import org.opensearch.security.NonValidatingObjectMapper; import org.opensearch.security.auditlog.config.AuditConfig; diff --git a/src/main/java/org/opensearch/security/transport/SecurityInterceptor.java b/src/main/java/org/opensearch/security/transport/SecurityInterceptor.java index 66f4140d3e..015704e087 100644 --- a/src/main/java/org/opensearch/security/transport/SecurityInterceptor.java +++ b/src/main/java/org/opensearch/security/transport/SecurityInterceptor.java @@ -45,7 +45,7 @@ import org.opensearch.action.search.SearchRequest; import org.opensearch.cluster.node.DiscoveryNode; import org.opensearch.cluster.service.ClusterService; -import org.opensearch.common.io.stream.StreamInput; +import org.opensearch.core.common.io.stream.StreamInput; import org.opensearch.common.settings.Settings; import org.opensearch.common.transport.TransportAddress; import org.opensearch.common.util.concurrent.ThreadContext; diff --git a/src/main/java/org/opensearch/security/user/User.java b/src/main/java/org/opensearch/security/user/User.java index 43ca5d0e57..2642b368d7 100644 --- a/src/main/java/org/opensearch/security/user/User.java +++ b/src/main/java/org/opensearch/security/user/User.java @@ -38,9 +38,9 @@ import com.google.common.collect.Lists; -import org.opensearch.common.io.stream.StreamInput; -import org.opensearch.common.io.stream.StreamOutput; -import org.opensearch.common.io.stream.Writeable; +import org.opensearch.core.common.io.stream.StreamInput; +import org.opensearch.core.common.io.stream.StreamOutput; +import org.opensearch.core.common.io.stream.Writeable; /** * A authenticated user and attributes associated to them (like roles, tenant, custom attributes) diff --git a/src/test/java/com/amazon/dlic/auth/http/saml/HTTPSamlAuthenticatorTest.java b/src/test/java/com/amazon/dlic/auth/http/saml/HTTPSamlAuthenticatorTest.java index b8ce0da6d2..eec2ff76b7 100644 --- a/src/test/java/com/amazon/dlic/auth/http/saml/HTTPSamlAuthenticatorTest.java +++ b/src/test/java/com/amazon/dlic/auth/http/saml/HTTPSamlAuthenticatorTest.java @@ -41,8 +41,8 @@ import org.junit.Test; import org.opensaml.saml.saml2.core.NameIDType; -import org.opensearch.common.bytes.BytesArray; -import org.opensearch.common.bytes.BytesReference; +import org.opensearch.core.common.bytes.BytesArray; +import org.opensearch.core.common.bytes.BytesReference; import org.opensearch.common.io.stream.BytesStreamOutput; import org.opensearch.common.settings.Settings; import org.opensearch.common.xcontent.XContentType; @@ -51,7 +51,7 @@ import org.opensearch.rest.RestRequest; import org.opensearch.rest.RestRequest.Method; import org.opensearch.rest.RestResponse; -import org.opensearch.rest.RestStatus; +import org.opensearch.core.rest.RestStatus; import org.opensearch.security.DefaultObjectMapper; import org.opensearch.security.test.helper.file.FileHelper; import org.opensearch.security.user.AuthCredentials; diff --git a/src/test/java/org/opensearch/security/RolesInjectorIntegTest.java b/src/test/java/org/opensearch/security/RolesInjectorIntegTest.java index 0ab9736378..820fd20820 100644 --- a/src/test/java/org/opensearch/security/RolesInjectorIntegTest.java +++ b/src/test/java/org/opensearch/security/RolesInjectorIntegTest.java @@ -33,7 +33,7 @@ import org.opensearch.cluster.health.ClusterHealthStatus; import org.opensearch.cluster.metadata.IndexNameExpressionResolver; import org.opensearch.cluster.service.ClusterService; -import org.opensearch.common.io.stream.NamedWriteableRegistry; +import org.opensearch.core.common.io.stream.NamedWriteableRegistry; import org.opensearch.common.settings.Settings; import org.opensearch.core.xcontent.NamedXContentRegistry; import org.opensearch.env.Environment; diff --git a/src/test/java/org/opensearch/security/RolesValidationIntegTest.java b/src/test/java/org/opensearch/security/RolesValidationIntegTest.java index 89e0cd2e45..fb02b1c578 100644 --- a/src/test/java/org/opensearch/security/RolesValidationIntegTest.java +++ b/src/test/java/org/opensearch/security/RolesValidationIntegTest.java @@ -27,7 +27,7 @@ import org.opensearch.client.Client; import org.opensearch.cluster.metadata.IndexNameExpressionResolver; import org.opensearch.cluster.service.ClusterService; -import org.opensearch.common.io.stream.NamedWriteableRegistry; +import org.opensearch.core.common.io.stream.NamedWriteableRegistry; import org.opensearch.common.settings.Settings; import org.opensearch.core.xcontent.NamedXContentRegistry; import org.opensearch.env.Environment; diff --git a/src/test/java/org/opensearch/security/TransportUserInjectorIntegTest.java b/src/test/java/org/opensearch/security/TransportUserInjectorIntegTest.java index 8b5259eb81..a940e073e7 100644 --- a/src/test/java/org/opensearch/security/TransportUserInjectorIntegTest.java +++ b/src/test/java/org/opensearch/security/TransportUserInjectorIntegTest.java @@ -25,7 +25,7 @@ import org.opensearch.client.Client; import org.opensearch.cluster.metadata.IndexNameExpressionResolver; import org.opensearch.cluster.service.ClusterService; -import org.opensearch.common.io.stream.NamedWriteableRegistry; +import org.opensearch.core.common.io.stream.NamedWriteableRegistry; import org.opensearch.common.settings.Settings; import org.opensearch.core.xcontent.NamedXContentRegistry; import org.opensearch.env.Environment; diff --git a/src/test/java/org/opensearch/security/auditlog/helper/MockRestRequest.java b/src/test/java/org/opensearch/security/auditlog/helper/MockRestRequest.java index d2b15750ff..458e240596 100644 --- a/src/test/java/org/opensearch/security/auditlog/helper/MockRestRequest.java +++ b/src/test/java/org/opensearch/security/auditlog/helper/MockRestRequest.java @@ -13,7 +13,7 @@ import java.util.Collections; -import org.opensearch.common.bytes.BytesReference; +import org.opensearch.core.common.bytes.BytesReference; import org.opensearch.core.xcontent.NamedXContentRegistry; import org.opensearch.rest.RestRequest; diff --git a/src/test/java/org/opensearch/security/auditlog/impl/AuditMessageTest.java b/src/test/java/org/opensearch/security/auditlog/impl/AuditMessageTest.java index 6bfaf32816..f53872bb3a 100644 --- a/src/test/java/org/opensearch/security/auditlog/impl/AuditMessageTest.java +++ b/src/test/java/org/opensearch/security/auditlog/impl/AuditMessageTest.java @@ -24,7 +24,7 @@ import org.opensearch.cluster.ClusterName; import org.opensearch.cluster.node.DiscoveryNode; import org.opensearch.cluster.service.ClusterService; -import org.opensearch.common.bytes.BytesReference; +import org.opensearch.core.common.bytes.BytesReference; import org.opensearch.common.collect.Tuple; import org.opensearch.common.xcontent.XContentType; import org.opensearch.security.auditlog.AuditLog; diff --git a/src/test/java/org/opensearch/security/dlic/dlsfls/CCReplicationTest.java b/src/test/java/org/opensearch/security/dlic/dlsfls/CCReplicationTest.java index 079afa65bd..697ed8f898 100644 --- a/src/test/java/org/opensearch/security/dlic/dlsfls/CCReplicationTest.java +++ b/src/test/java/org/opensearch/security/dlic/dlsfls/CCReplicationTest.java @@ -43,9 +43,9 @@ import org.opensearch.cluster.metadata.IndexNameExpressionResolver; import org.opensearch.cluster.service.ClusterService; import org.opensearch.common.inject.Inject; -import org.opensearch.common.io.stream.NamedWriteableRegistry; -import org.opensearch.common.io.stream.StreamInput; -import org.opensearch.common.io.stream.StreamOutput; +import org.opensearch.core.common.io.stream.NamedWriteableRegistry; +import org.opensearch.core.common.io.stream.StreamInput; +import org.opensearch.core.common.io.stream.StreamOutput; import org.opensearch.common.settings.Settings; import org.opensearch.common.xcontent.XContentType; import org.opensearch.core.xcontent.NamedXContentRegistry; @@ -56,7 +56,7 @@ import org.opensearch.plugins.ActionPlugin; import org.opensearch.plugins.Plugin; import org.opensearch.repositories.RepositoriesService; -import org.opensearch.rest.RestStatus; +import org.opensearch.core.rest.RestStatus; import org.opensearch.script.ScriptService; import org.opensearch.security.OpenSearchSecurityPlugin; import org.opensearch.security.support.ConfigConstants; diff --git a/src/test/java/org/opensearch/security/dlic/dlsfls/DlsFlsCrossClusterSearchTest.java b/src/test/java/org/opensearch/security/dlic/dlsfls/DlsFlsCrossClusterSearchTest.java index a86c49d21d..c2d9454946 100644 --- a/src/test/java/org/opensearch/security/dlic/dlsfls/DlsFlsCrossClusterSearchTest.java +++ b/src/test/java/org/opensearch/security/dlic/dlsfls/DlsFlsCrossClusterSearchTest.java @@ -164,7 +164,7 @@ public void testCcs() throws Exception { Assert.assertFalse(ccs.getBody().contains("secret1")); Assert.assertFalse(ccs.getBody().contains("AnotherSecredField")); Assert.assertFalse(ccs.getBody().contains("xxx1")); - Assert.assertEquals(ccs.getHeaders().toString(), 2, ccs.getHeaders().size()); + Assert.assertEquals(ccs.getHeaders().toString(), 3, ccs.getHeaders().size()); } @Test @@ -251,7 +251,7 @@ public void testCcsDifferentConfig() throws Exception { Assert.assertTrue(ccs.getBody().contains("__fn__crl2")); Assert.assertFalse(ccs.getBody().contains("secret1")); Assert.assertFalse(ccs.getBody().contains("AnotherSecredField")); - Assert.assertEquals(ccs.getHeaders().toString(), 2, ccs.getHeaders().size()); + Assert.assertEquals(ccs.getHeaders().toString(), 3, ccs.getHeaders().size()); } @Test @@ -382,6 +382,6 @@ public void testCcsDifferentConfigBoth() throws Exception { Assert.assertFalse(ccs.getBody().contains("secret1")); Assert.assertFalse(ccs.getBody().contains("AnotherSecredField")); Assert.assertTrue(ccs.getBody().contains("someoneelse")); - Assert.assertEquals(ccs.getHeaders().toString(), 2, ccs.getHeaders().size()); + Assert.assertEquals(ccs.getHeaders().toString(), 3, ccs.getHeaders().size()); } } diff --git a/src/test/java/org/opensearch/security/dlic/dlsfls/DlsTest.java b/src/test/java/org/opensearch/security/dlic/dlsfls/DlsTest.java index a9361d275a..48f63ec555 100644 --- a/src/test/java/org/opensearch/security/dlic/dlsfls/DlsTest.java +++ b/src/test/java/org/opensearch/security/dlic/dlsfls/DlsTest.java @@ -111,7 +111,8 @@ public void testDls() throws Exception { ); Assert.assertTrue(res.getBody().contains("\"value\" : 1,\n \"relation")); Assert.assertTrue(res.getBody().contains("\"failed\" : 0")); - Assert.assertEquals(res.getHeaders().toString(), 2, res.getHeaders().size()); + + Assert.assertEquals(res.getHeaders().toString(), 3, res.getHeaders().size()); Assert.assertEquals( HttpStatus.SC_OK, diff --git a/src/test/java/org/opensearch/security/http/proxy/HTTPExtendedProxyAuthenticatorTest.java b/src/test/java/org/opensearch/security/http/proxy/HTTPExtendedProxyAuthenticatorTest.java index 47d779cd12..085ea61668 100644 --- a/src/test/java/org/opensearch/security/http/proxy/HTTPExtendedProxyAuthenticatorTest.java +++ b/src/test/java/org/opensearch/security/http/proxy/HTTPExtendedProxyAuthenticatorTest.java @@ -37,7 +37,7 @@ import org.opensearch.OpenSearchSecurityException; import org.opensearch.action.ActionListener; -import org.opensearch.common.bytes.BytesReference; +import org.opensearch.core.common.bytes.BytesReference; import org.opensearch.common.settings.Settings; import org.opensearch.common.util.concurrent.ThreadContext; import org.opensearch.core.xcontent.NamedXContentRegistry; @@ -46,7 +46,7 @@ import org.opensearch.http.HttpResponse; import org.opensearch.rest.RestRequest; import org.opensearch.rest.RestRequest.Method; -import org.opensearch.rest.RestStatus; +import org.opensearch.core.rest.RestStatus; import org.opensearch.security.support.ConfigConstants; import org.opensearch.security.user.AuthCredentials; diff --git a/src/test/java/org/opensearch/security/protected_indices/ProtectedIndicesTests.java b/src/test/java/org/opensearch/security/protected_indices/ProtectedIndicesTests.java index 0ff7d64de9..3d37c132c9 100644 --- a/src/test/java/org/opensearch/security/protected_indices/ProtectedIndicesTests.java +++ b/src/test/java/org/opensearch/security/protected_indices/ProtectedIndicesTests.java @@ -48,7 +48,7 @@ import org.opensearch.common.xcontent.XContentType; import org.opensearch.core.xcontent.NamedXContentRegistry; import org.opensearch.core.xcontent.XContentParser; -import org.opensearch.rest.RestStatus; +import org.opensearch.core.rest.RestStatus; import org.opensearch.security.support.ConfigConstants; import org.opensearch.security.test.DynamicSecurityConfig; import org.opensearch.security.test.SingleClusterTest; diff --git a/src/test/java/org/opensearch/security/system_indices/SystemIndicesTests.java b/src/test/java/org/opensearch/security/system_indices/SystemIndicesTests.java index e298ae45c7..b6f3254a85 100644 --- a/src/test/java/org/opensearch/security/system_indices/SystemIndicesTests.java +++ b/src/test/java/org/opensearch/security/system_indices/SystemIndicesTests.java @@ -32,7 +32,7 @@ import org.opensearch.common.xcontent.XContentType; import org.opensearch.core.xcontent.NamedXContentRegistry; import org.opensearch.core.xcontent.XContentParser; -import org.opensearch.rest.RestStatus; +import org.opensearch.core.rest.RestStatus; import org.opensearch.security.support.ConfigConstants; import org.opensearch.security.test.DynamicSecurityConfig; import org.opensearch.security.test.SingleClusterTest; diff --git a/src/test/java/org/opensearch/security/test/helper/file/FileHelper.java b/src/test/java/org/opensearch/security/test/helper/file/FileHelper.java index 9d554ebd06..90adca6a91 100644 --- a/src/test/java/org/opensearch/security/test/helper/file/FileHelper.java +++ b/src/test/java/org/opensearch/security/test/helper/file/FileHelper.java @@ -47,7 +47,7 @@ import org.apache.logging.log4j.LogManager; import org.apache.logging.log4j.Logger; -import org.opensearch.common.bytes.BytesReference; +import org.opensearch.core.common.bytes.BytesReference; import org.opensearch.common.io.Streams; import org.opensearch.common.xcontent.XContentFactory; import org.opensearch.common.xcontent.XContentType; diff --git a/src/test/java/org/opensearch/security/util/FakeRestRequest.java b/src/test/java/org/opensearch/security/util/FakeRestRequest.java index 05e69ef614..ceb86d6579 100644 --- a/src/test/java/org/opensearch/security/util/FakeRestRequest.java +++ b/src/test/java/org/opensearch/security/util/FakeRestRequest.java @@ -16,7 +16,7 @@ import java.util.List; import java.util.Map; -import org.opensearch.common.bytes.BytesReference; +import org.opensearch.core.common.bytes.BytesReference; import org.opensearch.rest.RestRequest; public class FakeRestRequest extends RestRequest { From 8cb382994cb917446b0748d743bb3724951eb404 Mon Sep 17 00:00:00 2001 From: Craig Perkins Date: Tue, 18 Jul 2023 05:07:22 -0400 Subject: [PATCH 3/4] Use SNAPSHOT in bwc tests to run tests with latest commits (#3024) * Add -SNAPSHOT Signed-off-by: Craig Perkins * Build SNAPSHOT for security plugin in bwc tests Signed-off-by: Craig Perkins * Add -SNAPSHOT Signed-off-by: Craig Perkins --------- Signed-off-by: Craig Perkins --- .github/actions/create-bwc-build/action.yaml | 4 ++-- bwc-test/build.gradle | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/.github/actions/create-bwc-build/action.yaml b/.github/actions/create-bwc-build/action.yaml index fcfa612a7d..a2bf324cdc 100644 --- a/.github/actions/create-bwc-build/action.yaml +++ b/.github/actions/create-bwc-build/action.yaml @@ -35,7 +35,7 @@ runs: - name: Build uses: gradle/gradle-build-action@v2 with: - arguments: assemble -Dbuild.snapshot=false + arguments: assemble build-root-directory: ${{ inputs.plugin-branch }} - id: get-opensearch-version @@ -46,5 +46,5 @@ runs: - name: Copy current distro into the expected folder run: | mkdir -p ./bwc-test/src/test/resources/${{ steps.get-opensearch-version.outputs.version }} - cp ${{ inputs.plugin-branch }}/build/distributions/opensearch-security-${{ steps.get-opensearch-version.outputs.version }}.zip ./bwc-test/src/test/resources/${{ steps.get-opensearch-version.outputs.version }} + cp ${{ inputs.plugin-branch }}/build/distributions/opensearch-security-${{ steps.get-opensearch-version.outputs.version }}-SNAPSHOT.zip ./bwc-test/src/test/resources/${{ steps.get-opensearch-version.outputs.version }} shell: bash diff --git a/bwc-test/build.gradle b/bwc-test/build.gradle index 9f5c752287..68b9f27e04 100644 --- a/bwc-test/build.gradle +++ b/bwc-test/build.gradle @@ -84,8 +84,8 @@ String baseName = "securityBwcCluster" String bwcFilePath = "src/test/resources/" String projectVersion = nextVersion -String previousOpenSearch = extractVersion(previousVersion); -String nextOpenSearch = extractVersion(nextVersion); +String previousOpenSearch = extractVersion(previousVersion) + "-SNAPSHOT"; +String nextOpenSearch = extractVersion(nextVersion) + "-SNAPSHOT"; println previousOpenSearch + nextOpenSearch; From f1be2d77b79f02c313c33b979ffd64e9f71a6f04 Mon Sep 17 00:00:00 2001 From: Craig Perkins Date: Tue, 18 Jul 2023 06:38:47 -0400 Subject: [PATCH 4/4] Add release notes for 2.9.0.0 (#2992) * Add release notes for 2.9.0.0 Signed-off-by: Craig Perkins * Add new item to release notes Signed-off-by: Craig Perkins --------- Signed-off-by: Craig Perkins --- ...ensearch-security.release-notes-2.9.0.0.md | 32 +++++++++++++++++++ 1 file changed, 32 insertions(+) create mode 100644 release-notes/opensearch-security.release-notes-2.9.0.0.md diff --git a/release-notes/opensearch-security.release-notes-2.9.0.0.md b/release-notes/opensearch-security.release-notes-2.9.0.0.md new file mode 100644 index 0000000000..281fa1b488 --- /dev/null +++ b/release-notes/opensearch-security.release-notes-2.9.0.0.md @@ -0,0 +1,32 @@ +## 2023-07-18 Version 2.9.0.0 + +Compatible with OpenSearch 2.9.0 + +### Enhancements + +* Use boucycastle PEM reader instead of reg expression ([#2877](https://github.com/opensearch-project/security/pull/2877)) +* Adding field level security test cases for FlatFields ([#2876](https://github.com/opensearch-project/security/pull/2876)) ([#2893](https://github.com/opensearch-project/security/pull/2893)) +* Add password message to /dashboardsinfo endpoint ([#2949](https://github.com/opensearch-project/security/pull/2949)) ([#2955](https://github.com/opensearch-project/security/pull/2955)) +* Add .plugins-ml-connector to system index ([#2947](https://github.com/opensearch-project/security/pull/2947)) ([#2954](https://github.com/opensearch-project/security/pull/2954)) +* Parallel test jobs for CI ([#2861](https://github.com/opensearch-project/security/pull/2861)) ([#2936](https://github.com/opensearch-project/security/pull/2936)) +* Adds a check to skip serialization-deserialization if request is for same node ([#2765](https://github.com/opensearch-project/security/pull/2765)) ([#2973](https://github.com/opensearch-project/security/pull/2973)) +* Add workflow cluster permissions to alerting roles and add .plugins-ml-config in the system index ([#2996](https://github.com/opensearch-project/security/pull/2996)) + +### Maintenance + +* Match version of zstd-jni from core ([#2835](https://github.com/opensearch-project/security/pull/2835)) +* Add Andrey Pleskach (Willyborankin) to Maintainers ([#2843](https://github.com/opensearch-project/security/pull/2843)) +* Updates bwc versions to latest release ([#2849](https://github.com/opensearch-project/security/pull/2849)) +* Add search model group permission to ml_read_access role ([#2855](https://github.com/opensearch-project/security/pull/2855)) ([#2858](https://github.com/opensearch-project/security/pull/2858)) +* Format 2.x ([#2878](https://github.com/opensearch-project/security/pull/2878)) +* Update snappy to 1.1.10.1 and guava to 32.0.1-jre ([#2886](https://github.com/opensearch-project/security/pull/2886)) ([#2889](https://github.com/opensearch-project/security/pull/2889)) +* Resolve ImmutableOpenMap issue from core refactor ([#2908](https://github.com/opensearch-project/security/pull/2908)) +* Misc changes ([#2902](https://github.com/opensearch-project/security/pull/2902)) ([#2904](https://github.com/opensearch-project/security/pull/2904)) +* Bump BouncyCastle from jdk15on to jdk15to18 ([#2901](https://github.com/opensearch-project/security/pull/2901)) ([#2917](https://github.com/opensearch-project/security/pull/2917)) +* Fix the import org.opensearch.core.common.Strings; and import org.opensearch.core.common.logging.LoggerMessageFormat; ([#2953](https://github.com/opensearch-project/security/pull/2953)) +* Remove commons-collections 3.2.2 ([#2924](https://github.com/opensearch-project/security/pull/2924)) ([#2957](https://github.com/opensearch-project/security/pull/2957)) +* Resolve CVE-2023-2976 by forcing use of Guava 32.0.1 ([#2937](https://github.com/opensearch-project/security/pull/2937)) ([#2974](https://github.com/opensearch-project/security/pull/2974)) +* Bump jaxb to 2.3.8 ([#2977](https://github.com/opensearch-project/security/pull/2977)) ([#2979](https://github.com/opensearch-project/security/pull/2979)) +* Update Gradle to 8.2.1 ([#2978](https://github.com/opensearch-project/security/pull/2978)) ([#2981](https://github.com/opensearch-project/security/pull/2981)) +* Changed maven repo location for compatibility check ([#2988](https://github.com/opensearch-project/security/pull/2988)) +* Bump guava to 32.1.1-jre ([#2976](https://github.com/opensearch-project/security/pull/2976)) ([#2990](https://github.com/opensearch-project/security/pull/2990))