From 905c97d4fed185362a12c4b46aa56ad8febabb4d Mon Sep 17 00:00:00 2001 From: Andriy Redko Date: Tue, 7 Nov 2023 16:30:29 -0500 Subject: [PATCH] Add import ordering to Spotless formatting rules (#3666) ### Description We have added Spotless formatting rules already, this pull request adds import ordering to Spotless formatting rules ### Issues Resolved Follow up on https://github.com/opensearch-project/security/pull/3651 ### Testing N/A ### Check List - [ ] New functionality includes testing - [ ] New functionality has been documented - [X] Commits are signed per the DCO using --signoff By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license. For more information on following Developer Certificate of Origin and signing off your commits, please check [here](https://github.com/opensearch-project/OpenSearch/blob/main/CONTRIBUTING.md#developer-certificate-of-origin). Signed-off-by: Andriy Redko --- .../bwc/SecurityBackwardsCompatibilityIT.java | 7 ++- .../org/opensearch/security/bwc/Song.java | 9 +-- .../security/bwc/helper/RestHelper.java | 1 + gradle/formatting.gradle | 7 +++ .../security/DoNotFailOnForbiddenTests.java | 4 +- ...cksPreventionWithDomainChallengeTests.java | 1 + .../security/ResourceFocusedTests.java | 10 ++-- .../security/SearchOperationTest.java | 8 +-- .../org/opensearch/security/TlsTests.java | 1 - .../api/DashboardsInfoWithSettingsTest.java | 10 ++-- .../opensearch/security/http/AsyncTests.java | 16 ++--- .../security/http/JwtAuthenticationTests.java | 5 +- .../http/JwtAuthorizationHeaderFactory.java | 5 +- .../http/OnBehalfOfJwtAuthenticationTest.java | 14 ++--- .../ServiceAccountAuthenticationTest.java | 15 ++--- .../security/rest/AuthZinRestLayerTests.java | 1 + .../security/rest/CompressionTests.java | 15 +++-- .../opensearch/security/rest/WhoAmITests.java | 24 ++++---- .../test/framework/TestSecurityConfig.java | 2 +- .../cluster/CloseableHttpClientFactory.java | 1 - .../cluster/ContextHeaderDecoratorClient.java | 4 +- .../cluster/LocalOpenSearchCluster.java | 2 +- .../cluster/OpenSearchClientProvider.java | 2 +- .../test/framework/cluster/SocketUtils.java | 1 - .../framework/cluster/SocketUtilsTests.java | 3 +- .../framework/cluster/TestRestClient.java | 17 +++--- .../test/framework/ldap/LdapServer.java | 12 ++-- .../framework/log/LogCapturingAppender.java | 18 +++--- .../testplugins/AbstractRestHandler.java | 4 +- .../dummy/CustomLegacyTestPlugin.java | 8 +-- .../testplugins/dummy/LegacyRestHandler.java | 5 +- .../dummy/dummyaction/DummyRequest.java | 4 +- .../dummy/dummyaction/DummyResponse.java | 4 +- .../CustomRestProtectedTestPlugin.java | 8 +-- .../dummyaction/DummyRequest.java | 4 +- .../dummyaction/DummyResponse.java | 4 +- .../jwt/AbstractHTTPJwtAuthenticator.java | 20 +++---- .../auth/http/jwt/HTTPJwtAuthenticator.java | 16 ++--- ...TTPJwtKeyByOpenIdConnectAuthenticator.java | 4 +- .../auth/http/jwt/keybyoidc/JwtVerifier.java | 15 ++--- .../http/jwt/keybyoidc/KeySetRetriever.java | 8 +-- .../jwt/keybyoidc/SelfRefreshingKeySet.java | 5 +- .../kerberos/HTTPSpnegoAuthenticator.java | 24 ++++---- .../auth/http/kerberos/util/JaasKrbUtil.java | 1 - .../http/saml/AuthTokenProcessorHandler.java | 35 ++++++----- .../auth/http/saml/HTTPSamlAuthenticator.java | 49 ++++++++-------- .../auth/http/saml/Saml2SettingsProvider.java | 14 ++--- .../saml/SamlFilesystemMetadataResolver.java | 6 +- .../http/saml/SamlHTTPMetadataResolver.java | 8 +-- .../com/amazon/dlic/auth/ldap/LdapUser.java | 9 ++- .../backend/LDAPAuthenticationBackend.java | 22 +++---- .../backend/LDAPAuthorizationBackend.java | 35 ++++++----- .../dlic/auth/ldap/util/LdapHelper.java | 5 +- .../com/amazon/dlic/auth/ldap/util/Utils.java | 5 +- .../ldap2/LDAPAuthenticationBackend2.java | 28 ++++----- .../auth/ldap2/LDAPAuthorizationBackend2.java | 31 +++++----- .../ldap2/LDAPConnectionFactoryFactory.java | 12 ++-- .../dlic/auth/ldap2/LDAPUserSearcher.java | 12 ++-- .../dlic/auth/ldap2/MakeJava9Happy.java | 4 +- .../dlic/auth/ldap2/PrivilegedProvider.java | 4 +- .../util/SettingsBasedSSLConfigurator.java | 1 - .../util/SettingsBasedSSLConfiguratorV4.java | 1 - .../security/DefaultObjectMapper.java | 2 +- .../security/OpenSearchSecurityPlugin.java | 58 +++++++++---------- .../TransportConfigUpdateAction.java | 2 +- .../onbehalf/CreateOnBehalfOfTokenAction.java | 2 +- .../action/whoami/TransportWhoAmIAction.java | 2 +- .../security/auditlog/AuditLog.java | 2 +- .../security/auditlog/NullAuditLog.java | 2 +- .../security/auditlog/config/AuditConfig.java | 8 +-- .../auditlog/impl/AbstractAuditLog.java | 13 +++-- .../security/auditlog/impl/AuditLogImpl.java | 6 +- .../security/auditlog/impl/AuditMessage.java | 17 +++--- .../auditlog/impl/RequestResolver.java | 8 +-- .../security/auditlog/sink/AuditLogSink.java | 7 ++- .../security/auditlog/sink/DebugSink.java | 1 + .../auditlog/sink/ExternalOpenSearchSink.java | 6 +- .../auditlog/sink/InternalOpenSearchSink.java | 6 +- .../security/auditlog/sink/WebhookSink.java | 2 +- .../security/auth/BackendRegistry.java | 4 +- .../security/auth/UserInjector.java | 2 +- .../InternalAuthenticationBackend.java | 3 +- .../jwt/EncryptionDecryptionUtil.java | 1 - .../security/authtoken/jwt/JwtVendor.java | 10 ++-- .../authtoken/jwt/KeyPaddingUtil.java | 3 +- .../security/compliance/ComplianceConfig.java | 23 ++++---- ...mplianceIndexingOperationListenerImpl.java | 2 +- .../compliance/FieldReadCallback.java | 5 +- .../security/configuration/AdminDNs.java | 1 - .../security/configuration/CompatConfig.java | 3 +- .../ConfigurationLoaderSecurity7.java | 4 +- .../ConfigurationRepository.java | 2 +- .../configuration/DlsFlsFilterLeafReader.java | 6 +- .../configuration/DlsFlsRequestValve.java | 2 +- .../configuration/DlsFlsValveImpl.java | 4 +- .../SecurityFlsDlsIndexSearcherWrapper.java | 2 +- .../SecurityIndexSearcherWrapper.java | 5 +- .../dlic/rest/api/AbstractApiAction.java | 20 ++++--- .../dlic/rest/api/AccountApiAction.java | 9 +-- .../dlic/rest/api/ActionGroupsApiAction.java | 11 ++-- .../dlic/rest/api/AllowlistApiAction.java | 7 ++- .../dlic/rest/api/AuditApiAction.java | 15 ++--- .../rest/api/AuthTokenProcessorAction.java | 6 +- .../dlic/rest/api/FlushCacheApiAction.java | 5 +- .../dlic/rest/api/InternalUsersApiAction.java | 11 ++-- .../dlic/rest/api/MigrateApiAction.java | 9 +-- .../rest/api/MultiTenancyConfigApiAction.java | 18 +++--- .../dlic/rest/api/NodesDnApiAction.java | 2 +- .../dlic/rest/api/PermissionsInfoAction.java | 2 +- .../dlic/rest/api/RequestHandler.java | 16 ++--- .../security/dlic/rest/api/Responses.java | 4 +- .../api/RestApiAdminPrivilegesEvaluator.java | 2 +- .../dlic/rest/api/RolesApiAction.java | 17 +++--- .../dlic/rest/api/RolesMappingApiAction.java | 2 +- .../rest/api/SecurityConfigApiAction.java | 7 ++- .../dlic/rest/api/SecurityConfiguration.java | 7 ++- .../dlic/rest/api/SecurityRestApiActions.java | 8 +-- .../rest/api/SecuritySSLCertsApiAction.java | 15 ++--- .../dlic/rest/api/TenantsApiAction.java | 2 +- .../dlic/rest/api/ValidateApiAction.java | 8 +-- .../security/dlic/rest/support/Utils.java | 8 +-- .../rest/validation/EndpointValidator.java | 8 +-- .../rest/validation/PasswordValidator.java | 20 ++++--- .../validation/RequestContentValidator.java | 17 +++--- .../rest/validation/ValidationResult.java | 8 +-- .../filter/DelegatingRestHandler.java | 6 +- .../security/filter/NettyRequest.java | 5 +- .../security/filter/NettyRequestChannel.java | 4 +- .../security/filter/OpenSearchRequest.java | 1 - .../security/filter/SecurityFilter.java | 6 +- .../security/filter/SecurityRequest.java | 1 - .../filter/SecurityRequestFactory.java | 3 +- .../security/filter/SecurityResponse.java | 1 + .../security/filter/SecurityRestFilter.java | 4 +- .../security/filter/SecurityRestUtils.java | 8 +-- .../http/HTTPClientCertAuthenticator.java | 1 - .../http/OnBehalfOfAuthenticator.java | 9 +-- .../http/SecurityHttpServerTransport.java | 3 +- .../SecurityNonSslHttpServerTransport.java | 8 +-- .../opensearch/security/http/XFFResolver.java | 5 +- .../security/httpclient/HttpClient.java | 1 - .../identity/SecurityTokenManager.java | 6 +- .../opensaml/integration/CleanerFactory.java | 7 ++- .../integration/SecurityX509CRLImpl.java | 12 ++-- .../SecurityX509CertificateImpl.java | 12 ++-- .../SecurityXMLObjectProviderInitializer.java | 9 +-- .../privileges/PrivilegesEvaluator.java | 5 +- .../RestLayerPrivilegesEvaluator.java | 5 +- .../SecurityIndexAccessEvaluator.java | 13 +++-- .../resolver/IndexResolverReplacer.java | 3 +- .../security/rest/DashboardsInfoAction.java | 2 +- .../rest/SecurityConfigUpdateAction.java | 2 +- .../security/rest/SecurityHealthAction.java | 2 +- .../security/rest/SecurityInfoAction.java | 4 +- .../security/rest/SecurityWhoAmIAction.java | 2 +- .../security/rest/TenantInfoAction.java | 2 +- .../security/securityconf/ConfigModelV6.java | 2 +- .../security/securityconf/ConfigModelV7.java | 2 +- .../securityconf/DynamicConfigFactory.java | 9 +-- .../impl/AllowlistingSettings.java | 1 + .../impl/WhitelistingSettings.java | 1 + .../security/ssl/DefaultSecurityKeyStore.java | 33 +++++------ .../ssl/ExternalSecurityKeyStore.java | 1 - .../ssl/OpenSearchSecuritySSLPlugin.java | 7 ++- .../security/ssl/SecureSSLSettings.java | 2 +- .../security/ssl/SecurityKeyStore.java | 1 - .../netty/Netty4ConditionalDecompressor.java | 4 +- .../Netty4HttpRequestHeaderVerifier.java | 24 ++++---- .../SecuritySSLNettyHttpServerTransport.java | 17 +++--- .../ssl/http/netty/ValidatingDispatcher.java | 3 +- .../ssl/rest/SecuritySSLInfoAction.java | 5 +- .../transport/DefaultPrincipalExtractor.java | 1 - .../ssl/transport/DualModeSSLHandler.java | 14 ++--- .../transport/SecuritySSLNettyTransport.java | 18 +++--- .../transport/SecuritySSLRequestHandler.java | 4 +- .../security/ssl/util/SSLRequestHelper.java | 1 - .../security/support/Base64CustomHelper.java | 12 ++-- .../security/support/ConfigHelper.java | 2 +- .../security/support/HTTPHelper.java | 1 + .../security/support/ModuleInfo.java | 8 +-- .../security/support/PemKeyReader.java | 3 +- .../support/SafeSerializationUtils.java | 22 +++---- .../security/tools/SecurityAdmin.java | 11 ++-- .../DefaultInterClusterRequestEvaluator.java | 3 +- .../transport/SecurityInterceptor.java | 6 +- .../transport/SecurityRequestHandler.java | 2 +- .../opensearch/security/user/UserService.java | 3 +- .../opensearch/security/util/KeyUtils.java | 18 +++--- .../http/jwt/HTTPJwtAuthenticatorTest.java | 10 ++-- .../jwt/keybyoidc/KeySetRetrieverTest.java | 5 +- .../http/jwt/keybyoidc/MockIpdServer.java | 4 +- .../keybyoidc/SelfRefreshingKeySetTest.java | 5 +- .../auth/http/jwt/keybyoidc/TestJwts.java | 3 +- .../http/saml/HTTPSamlAuthenticatorTest.java | 16 ++--- .../auth/http/saml/MockSamlIdpServer.java | 14 ++--- .../dlic/auth/ldap/LdapBackendIntegTest.java | 4 +- .../dlic/auth/ldap/LdapBackendTest.java | 20 +++---- .../auth/ldap/LdapBackendTestClientCert.java | 6 +- .../ldap/LdapBackendTestNewStyleConfig.java | 18 +++--- .../amazon/dlic/auth/ldap/srv/LdapServer.java | 13 +++-- .../auth/ldap2/LdapBackendIntegTest2.java | 4 +- .../ldap2/LdapBackendTestClientCert2.java | 6 +- .../ldap2/LdapBackendTestNewStyleConfig2.java | 22 +++---- .../ldap2/LdapBackendTestOldStyleConfig2.java | 22 +++---- .../org/opensearch/node/PluginAwareNode.java | 6 +- .../security/HttpIntegrationTests.java | 9 +-- .../opensearch/security/IntegrationTests.java | 3 +- .../security/RolesInjectorIntegTest.java | 2 +- .../security/RolesValidationIntegTest.java | 2 +- .../TransportUserInjectorIntegTest.java | 2 +- .../security/UserServiceUnitTests.java | 13 +++-- .../org/opensearch/security/UtilTests.java | 2 +- .../auditlog/AbstractAuditlogiUnitTest.java | 7 ++- .../config/AuditConfigFilterTest.java | 8 +-- .../config/AuditConfigSerializeTest.java | 8 +-- .../auditlog/impl/AuditMessageTest.java | 2 +- .../security/auditlog/sink/KafkaSinkTest.java | 3 +- .../auditlog/sink/SinkProviderTLSTest.java | 1 - .../auditlog/sink/WebhookAuditLogTest.java | 1 - .../auth/InternalAuthBackendTests.java | 3 +- .../security/auth/RolesInjectorTest.java | 2 +- .../security/auth/UserInjectorTest.java | 3 +- .../limiting/AddressBasedRateLimiterTest.java | 4 +- .../authtoken/jwt/AuthTokenUtilsTest.java | 7 ++- .../jwt/EncryptionDecryptionUtilsTest.java | 3 +- .../security/authtoken/jwt/JwtVendorTest.java | 7 +-- .../authtoken/jwt/KeyPaddingUtilTest.java | 3 +- .../security/configuration/SaltTest.java | 2 +- .../dlic/dlsfls/CCReplicationTest.java | 10 ++-- .../security/dlic/dlsfls/FlsFlatTests.java | 10 ++-- .../RenameFieldResponseProcessorTest.java | 5 +- .../api/AbstractApiActionValidationTest.java | 12 ++-- ...AccountApiActionConfigValidationsTest.java | 6 +- .../dlic/rest/api/AccountApiTest.java | 2 +- .../ActionGroupsApiActionValidationTest.java | 4 +- .../dlic/rest/api/AllowlistApiTest.java | 4 +- ...tApiActionRequestContentValidatorTest.java | 11 ++-- .../dlic/rest/api/AuditApiActionTest.java | 10 ++-- .../api/AuditApiActionValidationTest.java | 5 +- .../InternalUsersApiActionValidationTest.java | 14 +++-- .../api/NodesDnApiActionValidationTest.java | 1 + .../dlic/rest/api/NodesDnApiTest.java | 2 +- .../rest/api/RequestHandlersBuilderTest.java | 14 +++-- .../dlic/rest/api/RoleBasedAccessTest.java | 3 +- ...sApiActionRequestContentValidatorTest.java | 5 +- .../api/RolesApiActionValidationTest.java | 4 +- .../security/dlic/rest/api/RolesApiTest.java | 5 +- .../RolesMappingApiActionValidationTest.java | 7 ++- ...SecurityConfigApiActionValidationTest.java | 5 +- .../rest/api/SecurityConfigurationTest.java | 5 +- ...curitySSLCertsApiActionValidationTest.java | 5 +- .../dlic/rest/api/SslCertsApiTest.java | 2 +- .../security/dlic/rest/api/UserApiTest.java | 3 +- .../dlic/rest/api/WhitelistApiTest.java | 4 +- .../validation/EndpointValidatorTest.java | 12 ++-- .../validation/PasswordValidatorTest.java | 2 +- .../RequestContentValidatorTest.java | 18 +++--- .../filter/DelegatingRestHandlerTests.java | 13 +++-- .../security/filter/RestPathMatchesTests.java | 6 +- .../security/filter/SecurityFilterTests.java | 7 ++- .../filter/SecurityRestFilterUnitTests.java | 5 +- .../filter/SecurityRestUtilsTests.java | 6 +- .../http/OnBehalfOfAuthenticatorTest.java | 24 ++++---- .../HTTPExtendedProxyAuthenticatorTest.java | 6 +- .../identity/SecurityTokenManagerTest.java | 11 ++-- .../PrivilegesEvaluatorUnitTest.java | 8 +-- .../RestLayerPrivilegesEvaluatorTest.java | 10 ++-- .../SecurityIndexAccessEvaluatorTest.java | 17 +++--- .../ProtectedIndicesTests.java | 2 +- .../SecurityRolesPermissionsTest.java | 7 ++- .../SecurityRolesPermissionsV6Test.java | 18 +++--- .../securityconf/impl/v6/ConfigV6Test.java | 2 +- .../securityconf/impl/v7/ConfigV7Test.java | 2 +- .../impl/v7/IndexPatternTests.java | 7 ++- .../setting/DeprecatedSettingsTest.java | 7 ++- .../opensearch/security/ssl/OpenSSLTest.java | 5 +- .../org/opensearch/security/ssl/SSLTest.java | 4 +- .../SecuritySSLReloadCertsActionTests.java | 11 ++-- .../transport/DualModeSSLHandlerTests.java | 13 +++-- .../ssl/util/SSLConnectionTestUtilTests.java | 1 + .../security/ssl/util/TLSUtilTests.java | 5 +- .../support/Base64CustomHelperTest.java | 16 ++--- .../security/support/Base64JDKHelperTest.java | 13 +++-- .../support/StreamableRegistryTest.java | 5 +- .../AbstractSystemIndicesTests.java | 5 +- .../SystemIndexDisabledTests.java | 5 +- .../SystemIndexPermissionDisabledTests.java | 5 +- .../SystemIndexPermissionEnabledTests.java | 1 + .../test/AbstractSecurityUnitTest.java | 4 +- .../test/helper/cluster/ClusterHelper.java | 2 +- .../security/test/helper/file/FileHelper.java | 2 +- .../test/helper/network/SocketUtils.java | 1 - .../security/test/helper/rest/RestHelper.java | 1 - .../transport/SecurityInterceptorTests.java | 15 ++--- .../SecuritySSLRequestHandlerTests.java | 6 +- .../SettingsBasedSSLConfiguratorV4Test.java | 7 +-- 296 files changed, 1185 insertions(+), 1078 deletions(-) diff --git a/bwc-test/src/test/java/org/opensearch/security/bwc/SecurityBackwardsCompatibilityIT.java b/bwc-test/src/test/java/org/opensearch/security/bwc/SecurityBackwardsCompatibilityIT.java index 1647dbb132..9fe3bb1ef8 100644 --- a/bwc-test/src/test/java/org/opensearch/security/bwc/SecurityBackwardsCompatibilityIT.java +++ b/bwc-test/src/test/java/org/opensearch/security/bwc/SecurityBackwardsCompatibilityIT.java @@ -35,6 +35,8 @@ import org.junit.Assert; import org.junit.Assume; import org.junit.Before; + +import org.opensearch.Version; import org.opensearch.client.Response; import org.opensearch.client.ResponseException; import org.opensearch.client.RestClient; @@ -45,12 +47,11 @@ import org.opensearch.common.util.io.IOUtils; import org.opensearch.security.bwc.helper.RestHelper; import org.opensearch.test.rest.OpenSearchRestTestCase; -import org.opensearch.Version; -import static org.hamcrest.Matchers.hasItem; -import static org.hamcrest.Matchers.hasKey; import static org.hamcrest.Matchers.anyOf; import static org.hamcrest.Matchers.equalTo; +import static org.hamcrest.Matchers.hasItem; +import static org.hamcrest.Matchers.hasKey; public class SecurityBackwardsCompatibilityIT extends OpenSearchRestTestCase { diff --git a/bwc-test/src/test/java/org/opensearch/security/bwc/Song.java b/bwc-test/src/test/java/org/opensearch/security/bwc/Song.java index 3cfd2c03e8..f60d5f0fcb 100644 --- a/bwc-test/src/test/java/org/opensearch/security/bwc/Song.java +++ b/bwc-test/src/test/java/org/opensearch/security/bwc/Song.java @@ -9,14 +9,15 @@ */ package org.opensearch.security.bwc; -import com.fasterxml.jackson.core.JsonProcessingException; -import com.fasterxml.jackson.databind.ObjectMapper; -import org.opensearch.common.Randomness; - import java.util.Map; import java.util.Objects; import java.util.UUID; +import com.fasterxml.jackson.core.JsonProcessingException; +import com.fasterxml.jackson.databind.ObjectMapper; + +import org.opensearch.common.Randomness; + public class Song { public static final String FIELD_TITLE = "title"; diff --git a/bwc-test/src/test/java/org/opensearch/security/bwc/helper/RestHelper.java b/bwc-test/src/test/java/org/opensearch/security/bwc/helper/RestHelper.java index 3272ac736a..08e1417082 100644 --- a/bwc-test/src/test/java/org/opensearch/security/bwc/helper/RestHelper.java +++ b/bwc-test/src/test/java/org/opensearch/security/bwc/helper/RestHelper.java @@ -18,6 +18,7 @@ import org.apache.hc.core5.http.message.BasicHeader; import org.apache.logging.log4j.LogManager; import org.apache.logging.log4j.Logger; + import org.opensearch.client.Request; import org.opensearch.client.RequestOptions; import org.opensearch.client.Response; diff --git a/gradle/formatting.gradle b/gradle/formatting.gradle index de52b51c83..2248c1d9a0 100644 --- a/gradle/formatting.gradle +++ b/gradle/formatting.gradle @@ -6,6 +6,13 @@ allprojects { // non-standard places target '**/*.java' + importOrder( + 'java|javax', + 'com.carrotsearch|com.google|com.fasterxml|org.apache|org.awaitility|org.hamcrest|org.junit|org.bouncycastle', + 'org.opensearch', + '', + '\\#java|\\#org.apache|\\#org.hamcrest|\\#org.opensearch|\\#' + ) removeUnusedImports() eclipse().configFile rootProject.file('formatter/formatterConfig.xml') trimTrailingWhitespace() diff --git a/src/integrationTest/java/org/opensearch/security/DoNotFailOnForbiddenTests.java b/src/integrationTest/java/org/opensearch/security/DoNotFailOnForbiddenTests.java index afbb9f38ae..207564daaa 100644 --- a/src/integrationTest/java/org/opensearch/security/DoNotFailOnForbiddenTests.java +++ b/src/integrationTest/java/org/opensearch/security/DoNotFailOnForbiddenTests.java @@ -44,13 +44,13 @@ import org.opensearch.test.framework.cluster.LocalCluster; import static org.hamcrest.MatcherAssert.assertThat; -import static org.hamcrest.Matchers.allOf; import static org.hamcrest.Matchers.aMapWithSize; +import static org.hamcrest.Matchers.allOf; import static org.hamcrest.Matchers.arrayContainingInAnyOrder; import static org.hamcrest.Matchers.arrayWithSize; import static org.hamcrest.Matchers.containsString; -import static org.hamcrest.Matchers.hasKey; import static org.hamcrest.Matchers.equalTo; +import static org.hamcrest.Matchers.hasKey; import static org.hamcrest.Matchers.nullValue; import static org.opensearch.action.admin.indices.alias.IndicesAliasesRequest.AliasActions.Type.ADD; import static org.opensearch.action.support.WriteRequest.RefreshPolicy.IMMEDIATE; diff --git a/src/integrationTest/java/org/opensearch/security/IpBruteForceAttacksPreventionWithDomainChallengeTests.java b/src/integrationTest/java/org/opensearch/security/IpBruteForceAttacksPreventionWithDomainChallengeTests.java index 6159599119..cd2c577d17 100644 --- a/src/integrationTest/java/org/opensearch/security/IpBruteForceAttacksPreventionWithDomainChallengeTests.java +++ b/src/integrationTest/java/org/opensearch/security/IpBruteForceAttacksPreventionWithDomainChallengeTests.java @@ -12,6 +12,7 @@ import com.carrotsearch.randomizedtesting.annotations.ThreadLeakScope; import org.junit.runner.RunWith; + import org.opensearch.test.framework.cluster.ClusterManager; import org.opensearch.test.framework.cluster.LocalCluster; diff --git a/src/integrationTest/java/org/opensearch/security/ResourceFocusedTests.java b/src/integrationTest/java/org/opensearch/security/ResourceFocusedTests.java index 5d441d0063..61a1e32023 100644 --- a/src/integrationTest/java/org/opensearch/security/ResourceFocusedTests.java +++ b/src/integrationTest/java/org/opensearch/security/ResourceFocusedTests.java @@ -10,10 +10,6 @@ package org.opensearch.security; -import static org.opensearch.action.support.WriteRequest.RefreshPolicy.IMMEDIATE; -import static org.opensearch.test.framework.TestSecurityConfig.AuthcDomain.AUTHC_HTTPBASIC_INTERNAL; -import static org.opensearch.test.framework.TestSecurityConfig.Role.ALL_ACCESS; - import java.io.ByteArrayOutputStream; import java.io.IOException; import java.nio.charset.StandardCharsets; @@ -23,6 +19,7 @@ import java.util.stream.IntStream; import java.util.zip.GZIPOutputStream; +import com.carrotsearch.randomizedtesting.annotations.ThreadLeakScope; import org.apache.hc.client5.http.classic.methods.HttpPost; import org.apache.hc.core5.http.ContentType; import org.apache.hc.core5.http.io.entity.ByteArrayEntity; @@ -34,6 +31,7 @@ import org.junit.ClassRule; import org.junit.Test; import org.junit.runner.RunWith; + import org.opensearch.action.index.IndexRequest; import org.opensearch.client.Client; import org.opensearch.test.framework.AsyncActions; @@ -43,7 +41,9 @@ import org.opensearch.test.framework.cluster.LocalCluster; import org.opensearch.test.framework.cluster.TestRestClient; -import com.carrotsearch.randomizedtesting.annotations.ThreadLeakScope; +import static org.opensearch.action.support.WriteRequest.RefreshPolicy.IMMEDIATE; +import static org.opensearch.test.framework.TestSecurityConfig.AuthcDomain.AUTHC_HTTPBASIC_INTERNAL; +import static org.opensearch.test.framework.TestSecurityConfig.Role.ALL_ACCESS; @RunWith(com.carrotsearch.randomizedtesting.RandomizedRunner.class) @ThreadLeakScope(ThreadLeakScope.Scope.NONE) diff --git a/src/integrationTest/java/org/opensearch/security/SearchOperationTest.java b/src/integrationTest/java/org/opensearch/security/SearchOperationTest.java index a38d26800a..e39eeeca61 100644 --- a/src/integrationTest/java/org/opensearch/security/SearchOperationTest.java +++ b/src/integrationTest/java/org/opensearch/security/SearchOperationTest.java @@ -86,13 +86,13 @@ import org.opensearch.cluster.metadata.IndexMetadata; import org.opensearch.cluster.metadata.IndexTemplateMetadata; import org.opensearch.common.settings.Settings; +import org.opensearch.core.rest.RestStatus; import org.opensearch.index.query.BoolQueryBuilder; import org.opensearch.index.query.MatchQueryBuilder; import org.opensearch.index.query.QueryBuilders; import org.opensearch.index.reindex.BulkByScrollResponse; import org.opensearch.index.reindex.ReindexRequest; import org.opensearch.repositories.RepositoryMissingException; -import org.opensearch.core.rest.RestStatus; import org.opensearch.search.builder.SearchSourceBuilder; import org.opensearch.test.framework.AuditCompliance; import org.opensearch.test.framework.AuditConfiguration; @@ -118,13 +118,13 @@ import static org.opensearch.action.admin.indices.alias.IndicesAliasesRequest.AliasActions.Type.REMOVE_INDEX; import static org.opensearch.action.support.WriteRequest.RefreshPolicy.IMMEDIATE; import static org.opensearch.client.RequestOptions.DEFAULT; +import static org.opensearch.core.rest.RestStatus.ACCEPTED; +import static org.opensearch.core.rest.RestStatus.FORBIDDEN; +import static org.opensearch.core.rest.RestStatus.INTERNAL_SERVER_ERROR; import static org.opensearch.rest.RestRequest.Method.DELETE; import static org.opensearch.rest.RestRequest.Method.GET; import static org.opensearch.rest.RestRequest.Method.POST; import static org.opensearch.rest.RestRequest.Method.PUT; -import static org.opensearch.core.rest.RestStatus.ACCEPTED; -import static org.opensearch.core.rest.RestStatus.FORBIDDEN; -import static org.opensearch.core.rest.RestStatus.INTERNAL_SERVER_ERROR; import static org.opensearch.security.Song.FIELD_ARTIST; import static org.opensearch.security.Song.FIELD_STARS; import static org.opensearch.security.Song.FIELD_TITLE; diff --git a/src/integrationTest/java/org/opensearch/security/TlsTests.java b/src/integrationTest/java/org/opensearch/security/TlsTests.java index de362a544e..515d448728 100644 --- a/src/integrationTest/java/org/opensearch/security/TlsTests.java +++ b/src/integrationTest/java/org/opensearch/security/TlsTests.java @@ -12,7 +12,6 @@ import java.io.IOException; import java.util.List; import java.util.Map; - import javax.net.ssl.SSLHandshakeException; import com.carrotsearch.randomizedtesting.annotations.ThreadLeakScope; diff --git a/src/integrationTest/java/org/opensearch/security/api/DashboardsInfoWithSettingsTest.java b/src/integrationTest/java/org/opensearch/security/api/DashboardsInfoWithSettingsTest.java index 7807798210..6e4444d049 100644 --- a/src/integrationTest/java/org/opensearch/security/api/DashboardsInfoWithSettingsTest.java +++ b/src/integrationTest/java/org/opensearch/security/api/DashboardsInfoWithSettingsTest.java @@ -11,16 +11,14 @@ package org.opensearch.security.api; -import static org.hamcrest.MatcherAssert.assertThat; -import static org.hamcrest.Matchers.equalTo; -import static org.opensearch.test.framework.TestSecurityConfig.AuthcDomain.AUTHC_HTTPBASIC_INTERNAL; - import java.util.Map; +import com.carrotsearch.randomizedtesting.annotations.ThreadLeakScope; import org.apache.http.HttpStatus; import org.junit.ClassRule; import org.junit.Test; import org.junit.runner.RunWith; + import org.opensearch.security.support.ConfigConstants; import org.opensearch.test.framework.TestSecurityConfig; import org.opensearch.test.framework.TestSecurityConfig.Role; @@ -28,7 +26,9 @@ import org.opensearch.test.framework.cluster.LocalCluster; import org.opensearch.test.framework.cluster.TestRestClient; -import com.carrotsearch.randomizedtesting.annotations.ThreadLeakScope; +import static org.hamcrest.MatcherAssert.assertThat; +import static org.hamcrest.Matchers.equalTo; +import static org.opensearch.test.framework.TestSecurityConfig.AuthcDomain.AUTHC_HTTPBASIC_INTERNAL; @RunWith(com.carrotsearch.randomizedtesting.RandomizedRunner.class) @ThreadLeakScope(ThreadLeakScope.Scope.NONE) diff --git a/src/integrationTest/java/org/opensearch/security/http/AsyncTests.java b/src/integrationTest/java/org/opensearch/security/http/AsyncTests.java index ee46fb3905..16ebd29885 100644 --- a/src/integrationTest/java/org/opensearch/security/http/AsyncTests.java +++ b/src/integrationTest/java/org/opensearch/security/http/AsyncTests.java @@ -10,12 +10,19 @@ package org.opensearch.security.http; -import com.carrotsearch.randomizedtesting.annotations.ThreadLeakScope; +import java.util.ArrayList; +import java.util.List; +import java.util.Map; +import java.util.concurrent.CompletableFuture; +import java.util.concurrent.CountDownLatch; +import java.util.concurrent.TimeUnit; +import com.carrotsearch.randomizedtesting.annotations.ThreadLeakScope; import org.apache.hc.core5.http.HttpStatus; import org.junit.ClassRule; import org.junit.Test; import org.junit.runner.RunWith; + import org.opensearch.security.IndexOperationsHelper; import org.opensearch.security.support.ConfigConstants; import org.opensearch.test.framework.AsyncActions; @@ -25,13 +32,6 @@ import org.opensearch.test.framework.cluster.TestRestClient; import org.opensearch.test.framework.cluster.TestRestClient.HttpResponse; -import java.util.Map; -import java.util.List; -import java.util.ArrayList; -import java.util.concurrent.CountDownLatch; -import java.util.concurrent.TimeUnit; -import java.util.concurrent.CompletableFuture; - import static org.opensearch.test.framework.TestSecurityConfig.AuthcDomain.AUTHC_HTTPBASIC_INTERNAL; import static org.opensearch.test.framework.TestSecurityConfig.Role.ALL_ACCESS; diff --git a/src/integrationTest/java/org/opensearch/security/http/JwtAuthenticationTests.java b/src/integrationTest/java/org/opensearch/security/http/JwtAuthenticationTests.java index 9df611e207..659d7c178e 100644 --- a/src/integrationTest/java/org/opensearch/security/http/JwtAuthenticationTests.java +++ b/src/integrationTest/java/org/opensearch/security/http/JwtAuthenticationTests.java @@ -16,8 +16,6 @@ import java.util.Map; import com.carrotsearch.randomizedtesting.annotations.ThreadLeakScope; -import io.jsonwebtoken.SignatureAlgorithm; -import io.jsonwebtoken.security.Keys; import org.apache.hc.core5.http.Header; import org.apache.hc.core5.http.message.BasicHeader; import org.junit.BeforeClass; @@ -39,6 +37,9 @@ import org.opensearch.test.framework.cluster.TestRestClient.HttpResponse; import org.opensearch.test.framework.log.LogsRule; +import io.jsonwebtoken.SignatureAlgorithm; +import io.jsonwebtoken.security.Keys; + import static java.nio.charset.StandardCharsets.US_ASCII; import static org.apache.http.HttpHeaders.AUTHORIZATION; import static org.hamcrest.MatcherAssert.assertThat; diff --git a/src/integrationTest/java/org/opensearch/security/http/JwtAuthorizationHeaderFactory.java b/src/integrationTest/java/org/opensearch/security/http/JwtAuthorizationHeaderFactory.java index 65d4e7df6f..b19900186c 100644 --- a/src/integrationTest/java/org/opensearch/security/http/JwtAuthorizationHeaderFactory.java +++ b/src/integrationTest/java/org/opensearch/security/http/JwtAuthorizationHeaderFactory.java @@ -17,13 +17,14 @@ import java.util.stream.Collectors; import com.google.common.collect.ImmutableMap; -import io.jsonwebtoken.Jwts; import org.apache.commons.lang3.StringUtils; import org.apache.hc.core5.http.Header; import org.apache.hc.core5.http.message.BasicHeader; -import static io.jsonwebtoken.SignatureAlgorithm.RS256; +import io.jsonwebtoken.Jwts; + import static java.util.Objects.requireNonNull; +import static io.jsonwebtoken.SignatureAlgorithm.RS256; class JwtAuthorizationHeaderFactory { public static final String AUDIENCE = "OpenSearch"; diff --git a/src/integrationTest/java/org/opensearch/security/http/OnBehalfOfJwtAuthenticationTest.java b/src/integrationTest/java/org/opensearch/security/http/OnBehalfOfJwtAuthenticationTest.java index 1233e23341..2b56573dfe 100644 --- a/src/integrationTest/java/org/opensearch/security/http/OnBehalfOfJwtAuthenticationTest.java +++ b/src/integrationTest/java/org/opensearch/security/http/OnBehalfOfJwtAuthenticationTest.java @@ -18,14 +18,9 @@ import java.util.Map; import java.util.Set; import java.util.stream.Collectors; - import javax.crypto.SecretKey; import com.carrotsearch.randomizedtesting.annotations.ThreadLeakScope; -import io.jsonwebtoken.Claims; -import io.jsonwebtoken.Jwts; -import io.jsonwebtoken.security.Keys; - import org.apache.hc.core5.http.Header; import org.apache.hc.core5.http.HttpStatus; import org.apache.hc.core5.http.message.BasicHeader; @@ -33,6 +28,7 @@ import org.junit.ClassRule; import org.junit.Test; import org.junit.runner.RunWith; + import org.opensearch.common.xcontent.XContentFactory; import org.opensearch.core.xcontent.XContentBuilder; import org.opensearch.security.authtoken.jwt.EncryptionDecryptionUtil; @@ -43,11 +39,15 @@ import org.opensearch.test.framework.cluster.LocalCluster; import org.opensearch.test.framework.cluster.TestRestClient; +import io.jsonwebtoken.Claims; +import io.jsonwebtoken.Jwts; +import io.jsonwebtoken.security.Keys; + import static org.hamcrest.MatcherAssert.assertThat; +import static org.hamcrest.Matchers.contains; import static org.hamcrest.Matchers.equalTo; -import static org.hamcrest.Matchers.notNullValue; import static org.hamcrest.Matchers.not; -import static org.hamcrest.Matchers.contains; +import static org.hamcrest.Matchers.notNullValue; import static org.opensearch.security.support.ConfigConstants.SECURITY_ALLOW_DEFAULT_INIT_SECURITYINDEX; import static org.opensearch.security.support.ConfigConstants.SECURITY_RESTAPI_ADMIN_ENABLED; import static org.opensearch.security.support.ConfigConstants.SECURITY_RESTAPI_ROLES_ENABLED; diff --git a/src/integrationTest/java/org/opensearch/security/http/ServiceAccountAuthenticationTest.java b/src/integrationTest/java/org/opensearch/security/http/ServiceAccountAuthenticationTest.java index 04f943edcf..762feed686 100644 --- a/src/integrationTest/java/org/opensearch/security/http/ServiceAccountAuthenticationTest.java +++ b/src/integrationTest/java/org/opensearch/security/http/ServiceAccountAuthenticationTest.java @@ -11,28 +11,29 @@ package org.opensearch.security.http; +import java.util.List; +import java.util.Map; + import com.carrotsearch.randomizedtesting.annotations.ThreadLeakScope; import org.apache.hc.core5.http.HttpStatus; import org.junit.ClassRule; import org.junit.Test; import org.junit.runner.RunWith; + import org.opensearch.test.framework.TestIndex; import org.opensearch.test.framework.TestSecurityConfig; import org.opensearch.test.framework.cluster.ClusterManager; import org.opensearch.test.framework.cluster.LocalCluster; import org.opensearch.test.framework.cluster.TestRestClient; -import java.util.List; -import java.util.Map; - -import static org.junit.Assert.assertTrue; -import static org.junit.Assert.assertNotNull; -import static org.opensearch.security.support.ConfigConstants.SECURITY_SYSTEM_INDICES_ENABLED_KEY; -import static org.opensearch.security.support.ConfigConstants.SECURITY_SYSTEM_INDICES_PERMISSIONS_ENABLED_KEY; import static org.opensearch.security.support.ConfigConstants.SECURITY_RESTAPI_ROLES_ENABLED; +import static org.opensearch.security.support.ConfigConstants.SECURITY_SYSTEM_INDICES_ENABLED_KEY; import static org.opensearch.security.support.ConfigConstants.SECURITY_SYSTEM_INDICES_KEY; +import static org.opensearch.security.support.ConfigConstants.SECURITY_SYSTEM_INDICES_PERMISSIONS_ENABLED_KEY; import static org.opensearch.test.framework.TestSecurityConfig.AuthcDomain.AUTHC_HTTPBASIC_INTERNAL; import static org.opensearch.test.framework.TestSecurityConfig.Role.ALL_ACCESS; +import static org.junit.Assert.assertNotNull; +import static org.junit.Assert.assertTrue; @RunWith(com.carrotsearch.randomizedtesting.RandomizedRunner.class) @ThreadLeakScope(ThreadLeakScope.Scope.NONE) diff --git a/src/integrationTest/java/org/opensearch/security/rest/AuthZinRestLayerTests.java b/src/integrationTest/java/org/opensearch/security/rest/AuthZinRestLayerTests.java index 96aea9d4bc..ad13d69db7 100644 --- a/src/integrationTest/java/org/opensearch/security/rest/AuthZinRestLayerTests.java +++ b/src/integrationTest/java/org/opensearch/security/rest/AuthZinRestLayerTests.java @@ -17,6 +17,7 @@ import org.junit.Rule; import org.junit.Test; import org.junit.runner.RunWith; + import org.opensearch.test.framework.AuditCompliance; import org.opensearch.test.framework.AuditConfiguration; import org.opensearch.test.framework.AuditFilters; diff --git a/src/integrationTest/java/org/opensearch/security/rest/CompressionTests.java b/src/integrationTest/java/org/opensearch/security/rest/CompressionTests.java index aa747e2586..40c90764d9 100644 --- a/src/integrationTest/java/org/opensearch/security/rest/CompressionTests.java +++ b/src/integrationTest/java/org/opensearch/security/rest/CompressionTests.java @@ -10,8 +10,14 @@ package org.opensearch.security.rest; -import com.carrotsearch.randomizedtesting.annotations.ThreadLeakScope; +import java.io.ByteArrayOutputStream; +import java.io.IOException; +import java.nio.charset.StandardCharsets; +import java.util.concurrent.CountDownLatch; +import java.util.concurrent.TimeUnit; +import java.util.zip.GZIPOutputStream; +import com.carrotsearch.randomizedtesting.annotations.ThreadLeakScope; import org.apache.hc.client5.http.classic.methods.HttpPost; import org.apache.hc.core5.http.ContentType; import org.apache.hc.core5.http.HttpStatus; @@ -27,13 +33,6 @@ import org.opensearch.test.framework.cluster.LocalCluster; import org.opensearch.test.framework.cluster.TestRestClient; -import java.io.ByteArrayOutputStream; -import java.io.IOException; -import java.nio.charset.StandardCharsets; -import java.util.concurrent.CountDownLatch; -import java.util.concurrent.TimeUnit; -import java.util.zip.GZIPOutputStream; - import static org.hamcrest.CoreMatchers.containsString; import static org.hamcrest.CoreMatchers.equalTo; import static org.hamcrest.CoreMatchers.not; diff --git a/src/integrationTest/java/org/opensearch/security/rest/WhoAmITests.java b/src/integrationTest/java/org/opensearch/security/rest/WhoAmITests.java index 6b72a36277..0324cd449d 100644 --- a/src/integrationTest/java/org/opensearch/security/rest/WhoAmITests.java +++ b/src/integrationTest/java/org/opensearch/security/rest/WhoAmITests.java @@ -11,13 +11,23 @@ package org.opensearch.security.rest; +import java.time.Duration; +import java.time.LocalDateTime; +import java.time.format.DateTimeFormatter; +import java.util.ArrayList; +import java.util.HashSet; +import java.util.List; +import java.util.Map; +import java.util.Set; +import java.util.stream.Collectors; + import com.carrotsearch.randomizedtesting.annotations.ThreadLeakScope; -import joptsimple.internal.Strings; import org.apache.hc.core5.http.HttpStatus; import org.junit.ClassRule; import org.junit.Rule; import org.junit.Test; import org.junit.runner.RunWith; + import org.opensearch.security.auditlog.impl.AuditMessage; import org.opensearch.test.framework.AuditCompliance; import org.opensearch.test.framework.AuditConfiguration; @@ -29,21 +39,12 @@ import org.opensearch.test.framework.cluster.LocalCluster; import org.opensearch.test.framework.cluster.TestRestClient; -import java.time.Duration; -import java.time.LocalDateTime; -import java.time.format.DateTimeFormatter; -import java.util.ArrayList; -import java.util.HashSet; -import java.util.List; -import java.util.Map; -import java.util.Set; -import java.util.stream.Collectors; +import joptsimple.internal.Strings; import static org.hamcrest.MatcherAssert.assertThat; import static org.hamcrest.Matchers.equalTo; import static org.hamcrest.Matchers.greaterThan; import static org.hamcrest.Matchers.lessThan; -import static org.junit.Assert.assertTrue; import static org.opensearch.rest.RestRequest.Method.GET; import static org.opensearch.security.auditlog.impl.AuditCategory.GRANTED_PRIVILEGES; import static org.opensearch.security.auditlog.impl.AuditCategory.MISSING_PRIVILEGES; @@ -51,6 +52,7 @@ import static org.opensearch.test.framework.audit.AuditMessagePredicate.grantedPrivilege; import static org.opensearch.test.framework.audit.AuditMessagePredicate.privilegePredicateRESTLayer; import static org.opensearch.test.framework.audit.AuditMessagePredicate.userAuthenticatedPredicate; +import static org.junit.Assert.assertTrue; @RunWith(com.carrotsearch.randomizedtesting.RandomizedRunner.class) @ThreadLeakScope(ThreadLeakScope.Scope.NONE) diff --git a/src/integrationTest/java/org/opensearch/test/framework/TestSecurityConfig.java b/src/integrationTest/java/org/opensearch/test/framework/TestSecurityConfig.java index 71a8aad545..7957d1cfa4 100644 --- a/src/integrationTest/java/org/opensearch/test/framework/TestSecurityConfig.java +++ b/src/integrationTest/java/org/opensearch/test/framework/TestSecurityConfig.java @@ -52,8 +52,8 @@ import org.opensearch.action.index.IndexRequest; import org.opensearch.action.update.UpdateRequest; import org.opensearch.client.Client; -import org.opensearch.core.common.bytes.BytesReference; import org.opensearch.common.xcontent.XContentFactory; +import org.opensearch.core.common.bytes.BytesReference; import org.opensearch.core.xcontent.ToXContentObject; import org.opensearch.core.xcontent.XContentBuilder; import org.opensearch.security.securityconf.impl.CType; diff --git a/src/integrationTest/java/org/opensearch/test/framework/cluster/CloseableHttpClientFactory.java b/src/integrationTest/java/org/opensearch/test/framework/cluster/CloseableHttpClientFactory.java index ee2f3227e3..0fd75b08a1 100644 --- a/src/integrationTest/java/org/opensearch/test/framework/cluster/CloseableHttpClientFactory.java +++ b/src/integrationTest/java/org/opensearch/test/framework/cluster/CloseableHttpClientFactory.java @@ -11,7 +11,6 @@ import java.util.Objects; import java.util.concurrent.TimeUnit; - import javax.net.ssl.SSLContext; import org.apache.hc.client5.http.config.RequestConfig; diff --git a/src/integrationTest/java/org/opensearch/test/framework/cluster/ContextHeaderDecoratorClient.java b/src/integrationTest/java/org/opensearch/test/framework/cluster/ContextHeaderDecoratorClient.java index c6ddf3281a..fed2bfe904 100644 --- a/src/integrationTest/java/org/opensearch/test/framework/cluster/ContextHeaderDecoratorClient.java +++ b/src/integrationTest/java/org/opensearch/test/framework/cluster/ContextHeaderDecoratorClient.java @@ -12,15 +12,15 @@ import java.util.Collections; import java.util.Map; -import org.opensearch.core.action.ActionListener; import org.opensearch.action.ActionRequest; -import org.opensearch.core.action.ActionResponse; import org.opensearch.action.ActionType; import org.opensearch.action.support.ContextPreservingActionListener; import org.opensearch.client.Client; import org.opensearch.client.FilterClient; import org.opensearch.common.util.concurrent.ThreadContext; import org.opensearch.common.util.concurrent.ThreadContext.StoredContext; +import org.opensearch.core.action.ActionListener; +import org.opensearch.core.action.ActionResponse; /** * The class adds provided headers into context before sending request via wrapped {@link Client} diff --git a/src/integrationTest/java/org/opensearch/test/framework/cluster/LocalOpenSearchCluster.java b/src/integrationTest/java/org/opensearch/test/framework/cluster/LocalOpenSearchCluster.java index 189ef79f7c..b228fed388 100644 --- a/src/integrationTest/java/org/opensearch/test/framework/cluster/LocalOpenSearchCluster.java +++ b/src/integrationTest/java/org/opensearch/test/framework/cluster/LocalOpenSearchCluster.java @@ -69,11 +69,11 @@ import org.opensearch.transport.BindTransportException; import static java.util.Objects.requireNonNull; -import static org.junit.Assert.assertEquals; import static org.opensearch.test.framework.cluster.NodeType.CLIENT; import static org.opensearch.test.framework.cluster.NodeType.CLUSTER_MANAGER; import static org.opensearch.test.framework.cluster.NodeType.DATA; import static org.opensearch.test.framework.cluster.PortAllocator.TCP; +import static org.junit.Assert.assertEquals; /** * Encapsulates all the logic to start a local OpenSearch cluster - without any configuration of the security plugin. diff --git a/src/integrationTest/java/org/opensearch/test/framework/cluster/OpenSearchClientProvider.java b/src/integrationTest/java/org/opensearch/test/framework/cluster/OpenSearchClientProvider.java index ddc68f74df..b797646763 100644 --- a/src/integrationTest/java/org/opensearch/test/framework/cluster/OpenSearchClientProvider.java +++ b/src/integrationTest/java/org/opensearch/test/framework/cluster/OpenSearchClientProvider.java @@ -40,7 +40,6 @@ import java.util.List; import java.util.stream.Collectors; import java.util.stream.Stream; - import javax.net.ssl.KeyManager; import javax.net.ssl.KeyManagerFactory; import javax.net.ssl.SSLContext; @@ -60,6 +59,7 @@ import org.apache.hc.core5.http.HttpHost; import org.apache.hc.core5.http.nio.ssl.TlsStrategy; import org.apache.hc.core5.reactor.ssl.TlsDetails; + import org.opensearch.client.RestClient; import org.opensearch.client.RestClientBuilder; import org.opensearch.client.RestHighLevelClient; diff --git a/src/integrationTest/java/org/opensearch/test/framework/cluster/SocketUtils.java b/src/integrationTest/java/org/opensearch/test/framework/cluster/SocketUtils.java index 5895829243..3e165b16a3 100644 --- a/src/integrationTest/java/org/opensearch/test/framework/cluster/SocketUtils.java +++ b/src/integrationTest/java/org/opensearch/test/framework/cluster/SocketUtils.java @@ -33,7 +33,6 @@ import java.util.Random; import java.util.SortedSet; import java.util.TreeSet; - import javax.net.ServerSocketFactory; /** diff --git a/src/integrationTest/java/org/opensearch/test/framework/cluster/SocketUtilsTests.java b/src/integrationTest/java/org/opensearch/test/framework/cluster/SocketUtilsTests.java index fb298c5283..0cffec4c93 100644 --- a/src/integrationTest/java/org/opensearch/test/framework/cluster/SocketUtilsTests.java +++ b/src/integrationTest/java/org/opensearch/test/framework/cluster/SocketUtilsTests.java @@ -31,7 +31,6 @@ import java.net.InetAddress; import java.net.ServerSocket; import java.util.SortedSet; - import javax.net.ServerSocketFactory; import org.junit.Test; @@ -43,9 +42,9 @@ import static org.hamcrest.Matchers.lessThanOrEqualTo; import static org.hamcrest.Matchers.notNullValue; import static org.hamcrest.Matchers.startsWith; -import static org.junit.Assert.assertThrows; import static org.opensearch.test.framework.cluster.SocketUtils.PORT_RANGE_MAX; import static org.opensearch.test.framework.cluster.SocketUtils.PORT_RANGE_MIN; +import static org.junit.Assert.assertThrows; /** * Unit tests for {@link SocketUtils}. diff --git a/src/integrationTest/java/org/opensearch/test/framework/cluster/TestRestClient.java b/src/integrationTest/java/org/opensearch/test/framework/cluster/TestRestClient.java index 55919d814c..e38ef949cb 100644 --- a/src/integrationTest/java/org/opensearch/test/framework/cluster/TestRestClient.java +++ b/src/integrationTest/java/org/opensearch/test/framework/cluster/TestRestClient.java @@ -28,12 +28,6 @@ package org.opensearch.test.framework.cluster; -import static java.lang.String.format; -import static java.util.Objects.requireNonNull; -import static org.hamcrest.MatcherAssert.assertThat; -import static org.hamcrest.Matchers.equalTo; -import static org.hamcrest.Matchers.notNullValue; - import java.io.IOException; import java.net.InetAddress; import java.net.InetSocketAddress; @@ -48,9 +42,10 @@ import java.util.Optional; import java.util.stream.Collectors; import java.util.stream.StreamSupport; - import javax.net.ssl.SSLContext; +import com.fasterxml.jackson.core.JsonProcessingException; +import com.fasterxml.jackson.databind.JsonNode; import org.apache.commons.io.IOUtils; import org.apache.hc.client5.http.classic.methods.HttpDelete; import org.apache.hc.client5.http.classic.methods.HttpGet; @@ -72,13 +67,17 @@ import org.apache.hc.core5.net.URIBuilder; import org.apache.logging.log4j.LogManager; import org.apache.logging.log4j.Logger; + import org.opensearch.common.xcontent.XContentType; import org.opensearch.core.common.Strings; import org.opensearch.core.xcontent.ToXContentObject; import org.opensearch.security.DefaultObjectMapper; -import com.fasterxml.jackson.core.JsonProcessingException; -import com.fasterxml.jackson.databind.JsonNode; +import static java.lang.String.format; +import static java.util.Objects.requireNonNull; +import static org.hamcrest.MatcherAssert.assertThat; +import static org.hamcrest.Matchers.equalTo; +import static org.hamcrest.Matchers.notNullValue; /** * A OpenSearch REST client, which is tailored towards use in integration tests. Instances of this class can be diff --git a/src/integrationTest/java/org/opensearch/test/framework/ldap/LdapServer.java b/src/integrationTest/java/org/opensearch/test/framework/ldap/LdapServer.java index 18a14242cc..dece74f1e5 100644 --- a/src/integrationTest/java/org/opensearch/test/framework/ldap/LdapServer.java +++ b/src/integrationTest/java/org/opensearch/test/framework/ldap/LdapServer.java @@ -27,12 +27,17 @@ import java.util.concurrent.TimeUnit; import java.util.concurrent.atomic.AtomicBoolean; import java.util.concurrent.locks.ReentrantLock; - import javax.net.ssl.KeyManager; import javax.net.ssl.KeyManagerFactory; import javax.net.ssl.TrustManager; import javax.net.ssl.TrustManagerFactory; +import org.apache.logging.log4j.LogManager; +import org.apache.logging.log4j.Logger; + +import org.opensearch.test.framework.certificate.CertificateData; +import org.opensearch.test.framework.cluster.SocketUtils; + import com.unboundid.ldap.listener.InMemoryDirectoryServer; import com.unboundid.ldap.listener.InMemoryDirectoryServerConfig; import com.unboundid.ldap.listener.InMemoryListenerConfig; @@ -42,11 +47,6 @@ import com.unboundid.ldap.sdk.schema.Schema; import com.unboundid.ldif.LDIFReader; import com.unboundid.util.ssl.SSLUtil; -import org.apache.logging.log4j.LogManager; -import org.apache.logging.log4j.Logger; - -import org.opensearch.test.framework.certificate.CertificateData; -import org.opensearch.test.framework.cluster.SocketUtils; /** * Based on class com.amazon.dlic.auth.ldap.srv.LdapServer from older tests diff --git a/src/integrationTest/java/org/opensearch/test/framework/log/LogCapturingAppender.java b/src/integrationTest/java/org/opensearch/test/framework/log/LogCapturingAppender.java index 5673f1bd3e..2151c7bcc5 100644 --- a/src/integrationTest/java/org/opensearch/test/framework/log/LogCapturingAppender.java +++ b/src/integrationTest/java/org/opensearch/test/framework/log/LogCapturingAppender.java @@ -9,6 +9,15 @@ */ package org.opensearch.test.framework.log; +import java.io.Serializable; +import java.util.ArrayList; +import java.util.Arrays; +import java.util.List; +import java.util.Queue; +import java.util.Set; +import java.util.concurrent.ConcurrentHashMap; +import java.util.stream.Collectors; + import com.google.common.collect.EvictingQueue; import com.google.common.collect.Queues; import org.apache.logging.log4j.core.Appender; @@ -22,15 +31,6 @@ import org.apache.logging.log4j.core.config.plugins.PluginAttribute; import org.apache.logging.log4j.core.config.plugins.PluginFactory; -import java.io.Serializable; -import java.util.ArrayList; -import java.util.Arrays; -import java.util.List; -import java.util.Queue; -import java.util.Set; -import java.util.concurrent.ConcurrentHashMap; -import java.util.stream.Collectors; - import static org.opensearch.test.framework.log.LogCapturingAppender.PLUGIN_NAME; /** diff --git a/src/integrationTest/java/org/opensearch/test/framework/testplugins/AbstractRestHandler.java b/src/integrationTest/java/org/opensearch/test/framework/testplugins/AbstractRestHandler.java index 2f88585b22..a068d80e76 100644 --- a/src/integrationTest/java/org/opensearch/test/framework/testplugins/AbstractRestHandler.java +++ b/src/integrationTest/java/org/opensearch/test/framework/testplugins/AbstractRestHandler.java @@ -9,6 +9,8 @@ */ package org.opensearch.test.framework.testplugins; +import java.io.IOException; + import org.opensearch.ExceptionsHelper; import org.opensearch.client.node.NodeClient; import org.opensearch.core.rest.RestStatus; @@ -18,8 +20,6 @@ import org.opensearch.rest.RestChannel; import org.opensearch.rest.RestRequest; -import java.io.IOException; - public class AbstractRestHandler extends BaseRestHandler { @Override diff --git a/src/integrationTest/java/org/opensearch/test/framework/testplugins/dummy/CustomLegacyTestPlugin.java b/src/integrationTest/java/org/opensearch/test/framework/testplugins/dummy/CustomLegacyTestPlugin.java index 648abef704..afd70f0ba3 100644 --- a/src/integrationTest/java/org/opensearch/test/framework/testplugins/dummy/CustomLegacyTestPlugin.java +++ b/src/integrationTest/java/org/opensearch/test/framework/testplugins/dummy/CustomLegacyTestPlugin.java @@ -11,6 +11,10 @@ package org.opensearch.test.framework.testplugins.dummy; +import java.util.ArrayList; +import java.util.List; +import java.util.function.Supplier; + import org.opensearch.action.ActionRequest; import org.opensearch.cluster.metadata.IndexNameExpressionResolver; import org.opensearch.cluster.node.DiscoveryNodes; @@ -28,10 +32,6 @@ import org.opensearch.test.framework.testplugins.dummy.dummyaction.DummyAction; import org.opensearch.test.framework.testplugins.dummy.dummyaction.TransportDummyAction; -import java.util.ArrayList; -import java.util.List; -import java.util.function.Supplier; - /** * Registers a plugin with legacy routes using {@link org.opensearch.rest.RestHandler.Route} */ diff --git a/src/integrationTest/java/org/opensearch/test/framework/testplugins/dummy/LegacyRestHandler.java b/src/integrationTest/java/org/opensearch/test/framework/testplugins/dummy/LegacyRestHandler.java index e001628596..3bfbca6272 100644 --- a/src/integrationTest/java/org/opensearch/test/framework/testplugins/dummy/LegacyRestHandler.java +++ b/src/integrationTest/java/org/opensearch/test/framework/testplugins/dummy/LegacyRestHandler.java @@ -11,7 +11,10 @@ package org.opensearch.test.framework.testplugins.dummy; +import java.util.List; + import com.google.common.collect.ImmutableList; + import org.opensearch.client.node.NodeClient; import org.opensearch.rest.RestChannel; import org.opensearch.rest.RestRequest; @@ -20,8 +23,6 @@ import org.opensearch.test.framework.testplugins.dummy.dummyaction.DummyAction; import org.opensearch.test.framework.testplugins.dummy.dummyaction.DummyRequest; -import java.util.List; - import static org.opensearch.rest.RestRequest.Method.GET; import static org.opensearch.rest.RestRequest.Method.POST; import static org.opensearch.security.dlic.rest.support.Utils.addRoutesPrefix; diff --git a/src/integrationTest/java/org/opensearch/test/framework/testplugins/dummy/dummyaction/DummyRequest.java b/src/integrationTest/java/org/opensearch/test/framework/testplugins/dummy/dummyaction/DummyRequest.java index 5928b4892f..4bd94ae3c4 100644 --- a/src/integrationTest/java/org/opensearch/test/framework/testplugins/dummy/dummyaction/DummyRequest.java +++ b/src/integrationTest/java/org/opensearch/test/framework/testplugins/dummy/dummyaction/DummyRequest.java @@ -11,14 +11,14 @@ package org.opensearch.test.framework.testplugins.dummy.dummyaction; +import java.io.IOException; + import org.opensearch.action.ActionRequest; import org.opensearch.action.ActionRequestValidationException; import org.opensearch.core.common.io.stream.StreamInput; import org.opensearch.core.xcontent.ToXContent; import org.opensearch.core.xcontent.XContentBuilder; -import java.io.IOException; - public class DummyRequest extends ActionRequest implements ToXContent { private final String message; diff --git a/src/integrationTest/java/org/opensearch/test/framework/testplugins/dummy/dummyaction/DummyResponse.java b/src/integrationTest/java/org/opensearch/test/framework/testplugins/dummy/dummyaction/DummyResponse.java index e2ee6c9344..c2ac8009fa 100644 --- a/src/integrationTest/java/org/opensearch/test/framework/testplugins/dummy/dummyaction/DummyResponse.java +++ b/src/integrationTest/java/org/opensearch/test/framework/testplugins/dummy/dummyaction/DummyResponse.java @@ -11,6 +11,8 @@ package org.opensearch.test.framework.testplugins.dummy.dummyaction; +import java.io.IOException; + import org.opensearch.common.xcontent.StatusToXContentObject; import org.opensearch.core.action.ActionResponse; import org.opensearch.core.common.Strings; @@ -20,8 +22,6 @@ import org.opensearch.core.xcontent.MediaTypeRegistry; import org.opensearch.core.xcontent.XContentBuilder; -import java.io.IOException; - public class DummyResponse extends ActionResponse implements StatusToXContentObject { private final String responseString; diff --git a/src/integrationTest/java/org/opensearch/test/framework/testplugins/dummyprotected/CustomRestProtectedTestPlugin.java b/src/integrationTest/java/org/opensearch/test/framework/testplugins/dummyprotected/CustomRestProtectedTestPlugin.java index 780bee4ac6..d312a351df 100644 --- a/src/integrationTest/java/org/opensearch/test/framework/testplugins/dummyprotected/CustomRestProtectedTestPlugin.java +++ b/src/integrationTest/java/org/opensearch/test/framework/testplugins/dummyprotected/CustomRestProtectedTestPlugin.java @@ -11,6 +11,10 @@ package org.opensearch.test.framework.testplugins.dummyprotected; +import java.util.ArrayList; +import java.util.List; +import java.util.function.Supplier; + import org.opensearch.action.ActionRequest; import org.opensearch.cluster.metadata.IndexNameExpressionResolver; import org.opensearch.cluster.node.DiscoveryNodes; @@ -28,10 +32,6 @@ import org.opensearch.test.framework.testplugins.dummyprotected.dummyaction.DummyAction; import org.opensearch.test.framework.testplugins.dummyprotected.dummyaction.TransportDummyAction; -import java.util.ArrayList; -import java.util.List; -import java.util.function.Supplier; - /** * Registers a plugin with protected routes using {@linkplain org.opensearch.rest.NamedRoute} * This allows authorization against REST layer diff --git a/src/integrationTest/java/org/opensearch/test/framework/testplugins/dummyprotected/dummyaction/DummyRequest.java b/src/integrationTest/java/org/opensearch/test/framework/testplugins/dummyprotected/dummyaction/DummyRequest.java index 025d2e1c55..9cc8034dd5 100644 --- a/src/integrationTest/java/org/opensearch/test/framework/testplugins/dummyprotected/dummyaction/DummyRequest.java +++ b/src/integrationTest/java/org/opensearch/test/framework/testplugins/dummyprotected/dummyaction/DummyRequest.java @@ -11,14 +11,14 @@ package org.opensearch.test.framework.testplugins.dummyprotected.dummyaction; +import java.io.IOException; + import org.opensearch.action.ActionRequest; import org.opensearch.action.ActionRequestValidationException; import org.opensearch.core.common.io.stream.StreamInput; import org.opensearch.core.xcontent.ToXContent; import org.opensearch.core.xcontent.XContentBuilder; -import java.io.IOException; - public class DummyRequest extends ActionRequest implements ToXContent { private final String message; diff --git a/src/integrationTest/java/org/opensearch/test/framework/testplugins/dummyprotected/dummyaction/DummyResponse.java b/src/integrationTest/java/org/opensearch/test/framework/testplugins/dummyprotected/dummyaction/DummyResponse.java index efd7be49b4..20465f21dc 100644 --- a/src/integrationTest/java/org/opensearch/test/framework/testplugins/dummyprotected/dummyaction/DummyResponse.java +++ b/src/integrationTest/java/org/opensearch/test/framework/testplugins/dummyprotected/dummyaction/DummyResponse.java @@ -11,6 +11,8 @@ package org.opensearch.test.framework.testplugins.dummyprotected.dummyaction; +import java.io.IOException; + import org.opensearch.common.xcontent.StatusToXContentObject; import org.opensearch.core.action.ActionResponse; import org.opensearch.core.common.Strings; @@ -20,8 +22,6 @@ import org.opensearch.core.xcontent.MediaTypeRegistry; import org.opensearch.core.xcontent.XContentBuilder; -import java.io.IOException; - public class DummyResponse extends ActionResponse implements StatusToXContentObject { private final String responseString; diff --git a/src/main/java/com/amazon/dlic/auth/http/jwt/AbstractHTTPJwtAuthenticator.java b/src/main/java/com/amazon/dlic/auth/http/jwt/AbstractHTTPJwtAuthenticator.java index da19a808a3..8c6af4279b 100644 --- a/src/main/java/com/amazon/dlic/auth/http/jwt/AbstractHTTPJwtAuthenticator.java +++ b/src/main/java/com/amazon/dlic/auth/http/jwt/AbstractHTTPJwtAuthenticator.java @@ -11,30 +11,21 @@ package com.amazon.dlic.auth.http.jwt; -import static org.apache.http.HttpHeaders.AUTHORIZATION; - import java.nio.file.Path; import java.security.AccessController; import java.security.PrivilegedAction; import java.text.ParseException; import java.util.Collection; import java.util.Map; -import java.util.Optional; import java.util.Map.Entry; +import java.util.Optional; import java.util.regex.Pattern; import com.google.common.annotations.VisibleForTesting; -import com.nimbusds.jwt.JWTClaimsSet; -import com.nimbusds.jwt.SignedJWT; import org.apache.http.HttpStatus; import org.apache.logging.log4j.LogManager; import org.apache.logging.log4j.Logger; -import com.amazon.dlic.auth.http.jwt.keybyoidc.AuthenticatorUnavailableException; -import com.amazon.dlic.auth.http.jwt.keybyoidc.BadCredentialsException; -import com.amazon.dlic.auth.http.jwt.keybyoidc.JwtVerifier; -import com.amazon.dlic.auth.http.jwt.keybyoidc.KeyProvider; - import org.opensearch.OpenSearchSecurityException; import org.opensearch.SpecialPermission; import org.opensearch.common.settings.Settings; @@ -46,6 +37,15 @@ import org.opensearch.security.filter.SecurityResponse; import org.opensearch.security.user.AuthCredentials; +import com.amazon.dlic.auth.http.jwt.keybyoidc.AuthenticatorUnavailableException; +import com.amazon.dlic.auth.http.jwt.keybyoidc.BadCredentialsException; +import com.amazon.dlic.auth.http.jwt.keybyoidc.JwtVerifier; +import com.amazon.dlic.auth.http.jwt.keybyoidc.KeyProvider; +import com.nimbusds.jwt.JWTClaimsSet; +import com.nimbusds.jwt.SignedJWT; + +import static org.apache.http.HttpHeaders.AUTHORIZATION; + public abstract class AbstractHTTPJwtAuthenticator implements HTTPAuthenticator { private final static Logger log = LogManager.getLogger(AbstractHTTPJwtAuthenticator.class); diff --git a/src/main/java/com/amazon/dlic/auth/http/jwt/HTTPJwtAuthenticator.java b/src/main/java/com/amazon/dlic/auth/http/jwt/HTTPJwtAuthenticator.java index 1266bc8b04..c5c3e0ddc5 100644 --- a/src/main/java/com/amazon/dlic/auth/http/jwt/HTTPJwtAuthenticator.java +++ b/src/main/java/com/amazon/dlic/auth/http/jwt/HTTPJwtAuthenticator.java @@ -11,22 +11,15 @@ package com.amazon.dlic.auth.http.jwt; -import static org.apache.http.HttpHeaders.AUTHORIZATION; - import java.nio.file.Path; import java.security.AccessController; import java.security.PrivilegedAction; import java.util.Collection; import java.util.Map; -import java.util.Optional; import java.util.Map.Entry; +import java.util.Optional; import java.util.regex.Pattern; -import io.jsonwebtoken.Claims; -import io.jsonwebtoken.JwtParser; -import io.jsonwebtoken.JwtParserBuilder; -import io.jsonwebtoken.security.WeakKeyException; - import org.apache.http.HttpStatus; import org.apache.logging.log4j.LogManager; import org.apache.logging.log4j.Logger; @@ -41,6 +34,13 @@ import org.opensearch.security.user.AuthCredentials; import org.opensearch.security.util.KeyUtils; +import io.jsonwebtoken.Claims; +import io.jsonwebtoken.JwtParser; +import io.jsonwebtoken.JwtParserBuilder; +import io.jsonwebtoken.security.WeakKeyException; + +import static org.apache.http.HttpHeaders.AUTHORIZATION; + public class HTTPJwtAuthenticator implements HTTPAuthenticator { protected final Logger log = LogManager.getLogger(this.getClass()); diff --git a/src/main/java/com/amazon/dlic/auth/http/jwt/keybyoidc/HTTPJwtKeyByOpenIdConnectAuthenticator.java b/src/main/java/com/amazon/dlic/auth/http/jwt/keybyoidc/HTTPJwtKeyByOpenIdConnectAuthenticator.java index 808abfc5ea..bf2f82e178 100644 --- a/src/main/java/com/amazon/dlic/auth/http/jwt/keybyoidc/HTTPJwtKeyByOpenIdConnectAuthenticator.java +++ b/src/main/java/com/amazon/dlic/auth/http/jwt/keybyoidc/HTTPJwtKeyByOpenIdConnectAuthenticator.java @@ -13,11 +13,11 @@ import java.nio.file.Path; +import org.opensearch.common.settings.Settings; + import com.amazon.dlic.auth.http.jwt.AbstractHTTPJwtAuthenticator; import com.amazon.dlic.util.SettingsBasedSSLConfigurator; -import org.opensearch.common.settings.Settings; - public class HTTPJwtKeyByOpenIdConnectAuthenticator extends AbstractHTTPJwtAuthenticator { // private final static Logger log = LogManager.getLogger(HTTPJwtKeyByOpenIdConnectAuthenticator.class); diff --git a/src/main/java/com/amazon/dlic/auth/http/jwt/keybyoidc/JwtVerifier.java b/src/main/java/com/amazon/dlic/auth/http/jwt/keybyoidc/JwtVerifier.java index 3716eb7997..da1b8393fb 100644 --- a/src/main/java/com/amazon/dlic/auth/http/jwt/keybyoidc/JwtVerifier.java +++ b/src/main/java/com/amazon/dlic/auth/http/jwt/keybyoidc/JwtVerifier.java @@ -11,24 +11,25 @@ package com.amazon.dlic.auth.http.jwt.keybyoidc; +import java.text.ParseException; +import java.util.Collections; + import com.google.common.base.Strings; +import org.apache.commons.lang3.StringEscapeUtils; +import org.apache.logging.log4j.LogManager; +import org.apache.logging.log4j.Logger; + import com.nimbusds.jose.Algorithm; import com.nimbusds.jose.JOSEException; import com.nimbusds.jose.JWSVerifier; +import com.nimbusds.jose.crypto.factories.DefaultJWSVerifierFactory; import com.nimbusds.jose.jwk.JWK; import com.nimbusds.jose.jwk.OctetSequenceKey; -import com.nimbusds.jose.crypto.factories.DefaultJWSVerifierFactory; import com.nimbusds.jose.proc.SimpleSecurityContext; import com.nimbusds.jwt.JWTClaimsSet; import com.nimbusds.jwt.SignedJWT; import com.nimbusds.jwt.proc.BadJWTException; import com.nimbusds.jwt.proc.DefaultJWTClaimsVerifier; -import org.apache.commons.lang3.StringEscapeUtils; -import org.apache.logging.log4j.LogManager; -import org.apache.logging.log4j.Logger; - -import java.text.ParseException; -import java.util.Collections; public class JwtVerifier { diff --git a/src/main/java/com/amazon/dlic/auth/http/jwt/keybyoidc/KeySetRetriever.java b/src/main/java/com/amazon/dlic/auth/http/jwt/keybyoidc/KeySetRetriever.java index 05f0d88768..58eff89341 100644 --- a/src/main/java/com/amazon/dlic/auth/http/jwt/keybyoidc/KeySetRetriever.java +++ b/src/main/java/com/amazon/dlic/auth/http/jwt/keybyoidc/KeySetRetriever.java @@ -15,8 +15,6 @@ import java.text.ParseException; import java.util.concurrent.TimeUnit; -import com.nimbusds.jose.jwk.JWKSet; -import joptsimple.internal.Strings; import org.apache.hc.client5.http.cache.HttpCacheContext; import org.apache.hc.client5.http.cache.HttpCacheStorage; import org.apache.hc.client5.http.classic.methods.HttpGet; @@ -34,10 +32,12 @@ import org.apache.logging.log4j.LogManager; import org.apache.logging.log4j.Logger; +import org.opensearch.security.DefaultObjectMapper; + import com.amazon.dlic.auth.http.jwt.oidc.json.OpenIdProviderConfiguration; import com.amazon.dlic.util.SettingsBasedSSLConfigurator.SSLConfig; - -import org.opensearch.security.DefaultObjectMapper; +import com.nimbusds.jose.jwk.JWKSet; +import joptsimple.internal.Strings; public class KeySetRetriever implements KeySetProvider { private final static Logger log = LogManager.getLogger(KeySetRetriever.class); diff --git a/src/main/java/com/amazon/dlic/auth/http/jwt/keybyoidc/SelfRefreshingKeySet.java b/src/main/java/com/amazon/dlic/auth/http/jwt/keybyoidc/SelfRefreshingKeySet.java index d1d823e3a8..35b2b079c6 100644 --- a/src/main/java/com/amazon/dlic/auth/http/jwt/keybyoidc/SelfRefreshingKeySet.java +++ b/src/main/java/com/amazon/dlic/auth/http/jwt/keybyoidc/SelfRefreshingKeySet.java @@ -19,11 +19,12 @@ import java.util.concurrent.TimeUnit; import com.google.common.base.Strings; -import com.nimbusds.jose.jwk.JWK; -import com.nimbusds.jose.jwk.JWKSet; import org.apache.logging.log4j.LogManager; import org.apache.logging.log4j.Logger; +import com.nimbusds.jose.jwk.JWK; +import com.nimbusds.jose.jwk.JWKSet; + public class SelfRefreshingKeySet implements KeyProvider { private static final Logger log = LogManager.getLogger(SelfRefreshingKeySet.class); diff --git a/src/main/java/com/amazon/dlic/auth/http/kerberos/HTTPSpnegoAuthenticator.java b/src/main/java/com/amazon/dlic/auth/http/kerberos/HTTPSpnegoAuthenticator.java index ad24b8db95..44bff5c73e 100644 --- a/src/main/java/com/amazon/dlic/auth/http/kerberos/HTTPSpnegoAuthenticator.java +++ b/src/main/java/com/amazon/dlic/auth/http/kerberos/HTTPSpnegoAuthenticator.java @@ -11,8 +11,6 @@ package com.amazon.dlic.auth.http.kerberos; -import static org.apache.http.HttpStatus.SC_UNAUTHORIZED; - import java.io.Serializable; import java.nio.file.Files; import java.nio.file.Path; @@ -29,23 +27,12 @@ import java.util.Map; import java.util.Optional; import java.util.Set; - import javax.security.auth.Subject; import javax.security.auth.login.LoginException; import com.google.common.base.Strings; - import org.apache.logging.log4j.LogManager; import org.apache.logging.log4j.Logger; -import org.ietf.jgss.GSSContext; -import org.ietf.jgss.GSSCredential; -import org.ietf.jgss.GSSException; -import org.ietf.jgss.GSSManager; -import org.ietf.jgss.GSSName; -import org.ietf.jgss.Oid; - -import com.amazon.dlic.auth.http.kerberos.util.JaasKrbUtil; -import com.amazon.dlic.auth.http.kerberos.util.KrbConstants; import org.opensearch.ExceptionsHelper; import org.opensearch.SpecialPermission; @@ -59,6 +46,17 @@ import org.opensearch.security.filter.SecurityResponse; import org.opensearch.security.user.AuthCredentials; +import com.amazon.dlic.auth.http.kerberos.util.JaasKrbUtil; +import com.amazon.dlic.auth.http.kerberos.util.KrbConstants; +import org.ietf.jgss.GSSContext; +import org.ietf.jgss.GSSCredential; +import org.ietf.jgss.GSSException; +import org.ietf.jgss.GSSManager; +import org.ietf.jgss.GSSName; +import org.ietf.jgss.Oid; + +import static org.apache.http.HttpStatus.SC_UNAUTHORIZED; + public class HTTPSpnegoAuthenticator implements HTTPAuthenticator { private static final Oid[] KRB_OIDS = new Oid[] { KrbConstants.SPNEGO, KrbConstants.KRB5MECH }; diff --git a/src/main/java/com/amazon/dlic/auth/http/kerberos/util/JaasKrbUtil.java b/src/main/java/com/amazon/dlic/auth/http/kerberos/util/JaasKrbUtil.java index 619c780027..80894f622b 100644 --- a/src/main/java/com/amazon/dlic/auth/http/kerberos/util/JaasKrbUtil.java +++ b/src/main/java/com/amazon/dlic/auth/http/kerberos/util/JaasKrbUtil.java @@ -21,7 +21,6 @@ import java.util.HashSet; import java.util.Map; import java.util.Set; - import javax.security.auth.Subject; import javax.security.auth.callback.Callback; import javax.security.auth.callback.CallbackHandler; diff --git a/src/main/java/com/amazon/dlic/auth/http/saml/AuthTokenProcessorHandler.java b/src/main/java/com/amazon/dlic/auth/http/saml/AuthTokenProcessorHandler.java index 393cedc3b5..41e9305ba6 100644 --- a/src/main/java/com/amazon/dlic/auth/http/saml/AuthTokenProcessorHandler.java +++ b/src/main/java/com/amazon/dlic/auth/http/saml/AuthTokenProcessorHandler.java @@ -25,45 +25,44 @@ import java.util.regex.Matcher; import java.util.regex.Pattern; import java.util.stream.Collectors; - import javax.xml.xpath.XPathExpressionException; import com.fasterxml.jackson.core.JsonParseException; import com.fasterxml.jackson.core.JsonProcessingException; import com.fasterxml.jackson.databind.JsonNode; import com.fasterxml.jackson.databind.node.ObjectNode; -import com.nimbusds.jose.JWSAlgorithm; -import com.nimbusds.jose.JWSHeader; -import com.nimbusds.jose.crypto.factories.DefaultJWSSignerFactory; -import com.nimbusds.jose.jwk.JWK; -import com.nimbusds.jose.jwk.KeyUse; -import com.nimbusds.jose.jwk.OctetSequenceKey; -import com.nimbusds.jwt.JWTClaimsSet; -import com.nimbusds.jwt.SignedJWT; -import com.onelogin.saml2.authn.SamlResponse; -import com.onelogin.saml2.exception.ValidationError; -import com.onelogin.saml2.settings.Saml2Settings; -import com.onelogin.saml2.util.Util; - import org.apache.commons.lang3.StringUtils; import org.apache.http.HttpStatus; import org.apache.logging.log4j.LogManager; import org.apache.logging.log4j.Logger; -import org.joda.time.DateTime; -import org.opensearch.core.common.Strings; import org.opensearch.OpenSearchSecurityException; import org.opensearch.SpecialPermission; -import org.opensearch.core.common.bytes.BytesReference; import org.opensearch.common.settings.Settings; import org.opensearch.common.xcontent.XContentType; +import org.opensearch.core.common.Strings; +import org.opensearch.core.common.bytes.BytesReference; +import org.opensearch.core.rest.RestStatus; import org.opensearch.rest.RestRequest; import org.opensearch.rest.RestRequest.Method; -import org.opensearch.core.rest.RestStatus; import org.opensearch.security.DefaultObjectMapper; import org.opensearch.security.dlic.rest.api.AuthTokenProcessorAction; import org.opensearch.security.filter.SecurityResponse; +import com.nimbusds.jose.JWSAlgorithm; +import com.nimbusds.jose.JWSHeader; +import com.nimbusds.jose.crypto.factories.DefaultJWSSignerFactory; +import com.nimbusds.jose.jwk.JWK; +import com.nimbusds.jose.jwk.KeyUse; +import com.nimbusds.jose.jwk.OctetSequenceKey; +import com.nimbusds.jwt.JWTClaimsSet; +import com.nimbusds.jwt.SignedJWT; +import com.onelogin.saml2.authn.SamlResponse; +import com.onelogin.saml2.exception.ValidationError; +import com.onelogin.saml2.settings.Saml2Settings; +import com.onelogin.saml2.util.Util; +import org.joda.time.DateTime; + import static org.opensearch.security.authtoken.jwt.KeyPaddingUtil.padSecret; class AuthTokenProcessorHandler { diff --git a/src/main/java/com/amazon/dlic/auth/http/saml/HTTPSamlAuthenticator.java b/src/main/java/com/amazon/dlic/auth/http/saml/HTTPSamlAuthenticator.java index fa8db83814..ae3d1c9128 100644 --- a/src/main/java/com/amazon/dlic/auth/http/saml/HTTPSamlAuthenticator.java +++ b/src/main/java/com/amazon/dlic/auth/http/saml/HTTPSamlAuthenticator.java @@ -23,39 +23,14 @@ import java.util.ServiceLoader; import java.util.regex.Matcher; import java.util.regex.Pattern; - import javax.xml.parsers.ParserConfigurationException; import com.google.common.annotations.VisibleForTesting; import com.google.common.base.Strings; -import com.nimbusds.jose.jwk.JWK; -import com.onelogin.saml2.authn.AuthnRequest; -import com.onelogin.saml2.logout.LogoutRequest; -import com.onelogin.saml2.settings.Saml2Settings; -import com.onelogin.saml2.util.Constants; -import com.onelogin.saml2.util.Util; -import net.shibboleth.utilities.java.support.component.ComponentInitializationException; -import net.shibboleth.utilities.java.support.component.DestructableComponent; -import net.shibboleth.utilities.java.support.xml.BasicParserPool; import org.apache.commons.lang3.StringEscapeUtils; import org.apache.http.HttpStatus; import org.apache.logging.log4j.LogManager; import org.apache.logging.log4j.Logger; -import org.opensaml.core.config.InitializationException; -import org.opensaml.core.config.InitializationService; -import org.opensaml.core.config.Initializer; -import org.opensaml.saml.metadata.resolver.MetadataResolver; -import org.opensaml.saml.metadata.resolver.impl.AbstractMetadataResolver; -import org.opensaml.saml.metadata.resolver.impl.DOMMetadataResolver; -import org.opensaml.xmlsec.config.impl.XMLObjectProviderInitializer; -import org.w3c.dom.Document; -import org.w3c.dom.Element; -import org.xml.sax.SAXException; - -import com.amazon.dlic.auth.http.jwt.AbstractHTTPJwtAuthenticator; -import com.amazon.dlic.auth.http.jwt.keybyoidc.AuthenticatorUnavailableException; -import com.amazon.dlic.auth.http.jwt.keybyoidc.BadCredentialsException; -import com.amazon.dlic.auth.http.jwt.keybyoidc.KeyProvider; import org.opensearch.OpenSearchSecurityException; import org.opensearch.SpecialPermission; @@ -73,6 +48,30 @@ import org.opensearch.security.support.PemKeyReader; import org.opensearch.security.user.AuthCredentials; +import com.amazon.dlic.auth.http.jwt.AbstractHTTPJwtAuthenticator; +import com.amazon.dlic.auth.http.jwt.keybyoidc.AuthenticatorUnavailableException; +import com.amazon.dlic.auth.http.jwt.keybyoidc.BadCredentialsException; +import com.amazon.dlic.auth.http.jwt.keybyoidc.KeyProvider; +import com.nimbusds.jose.jwk.JWK; +import com.onelogin.saml2.authn.AuthnRequest; +import com.onelogin.saml2.logout.LogoutRequest; +import com.onelogin.saml2.settings.Saml2Settings; +import com.onelogin.saml2.util.Constants; +import com.onelogin.saml2.util.Util; +import net.shibboleth.utilities.java.support.component.ComponentInitializationException; +import net.shibboleth.utilities.java.support.component.DestructableComponent; +import net.shibboleth.utilities.java.support.xml.BasicParserPool; +import org.opensaml.core.config.InitializationException; +import org.opensaml.core.config.InitializationService; +import org.opensaml.core.config.Initializer; +import org.opensaml.saml.metadata.resolver.MetadataResolver; +import org.opensaml.saml.metadata.resolver.impl.AbstractMetadataResolver; +import org.opensaml.saml.metadata.resolver.impl.DOMMetadataResolver; +import org.opensaml.xmlsec.config.impl.XMLObjectProviderInitializer; +import org.w3c.dom.Document; +import org.w3c.dom.Element; +import org.xml.sax.SAXException; + import static org.opensearch.security.OpenSearchSecurityPlugin.LEGACY_OPENDISTRO_PREFIX; import static org.opensearch.security.OpenSearchSecurityPlugin.PLUGINS_PREFIX; diff --git a/src/main/java/com/amazon/dlic/auth/http/saml/Saml2SettingsProvider.java b/src/main/java/com/amazon/dlic/auth/http/saml/Saml2SettingsProvider.java index 1b97242762..0c7f56282e 100644 --- a/src/main/java/com/amazon/dlic/auth/http/saml/Saml2SettingsProvider.java +++ b/src/main/java/com/amazon/dlic/auth/http/saml/Saml2SettingsProvider.java @@ -23,12 +23,17 @@ import java.util.Set; import java.util.stream.Collectors; +import org.apache.logging.log4j.LogManager; +import org.apache.logging.log4j.Logger; + +import org.opensearch.SpecialPermission; +import org.opensearch.common.settings.Settings; + +import com.amazon.dlic.auth.http.jwt.keybyoidc.AuthenticatorUnavailableException; import com.onelogin.saml2.settings.Saml2Settings; import com.onelogin.saml2.settings.SettingsBuilder; import net.shibboleth.utilities.java.support.resolver.CriteriaSet; import net.shibboleth.utilities.java.support.resolver.ResolverException; -import org.apache.logging.log4j.LogManager; -import org.apache.logging.log4j.Logger; import org.opensaml.core.criterion.EntityIdCriterion; import org.opensaml.saml.metadata.resolver.MetadataResolver; import org.opensaml.saml.metadata.resolver.RefreshableMetadataResolver; @@ -41,11 +46,6 @@ import org.opensaml.xmlsec.signature.X509Certificate; import org.opensaml.xmlsec.signature.X509Data; -import com.amazon.dlic.auth.http.jwt.keybyoidc.AuthenticatorUnavailableException; - -import org.opensearch.SpecialPermission; -import org.opensearch.common.settings.Settings; - public class Saml2SettingsProvider { protected final static Logger log = LogManager.getLogger(Saml2SettingsProvider.class); diff --git a/src/main/java/com/amazon/dlic/auth/http/saml/SamlFilesystemMetadataResolver.java b/src/main/java/com/amazon/dlic/auth/http/saml/SamlFilesystemMetadataResolver.java index 302b1f41ea..93d3b020ce 100644 --- a/src/main/java/com/amazon/dlic/auth/http/saml/SamlFilesystemMetadataResolver.java +++ b/src/main/java/com/amazon/dlic/auth/http/saml/SamlFilesystemMetadataResolver.java @@ -17,12 +17,12 @@ import java.security.PrivilegedActionException; import java.security.PrivilegedExceptionAction; -import net.shibboleth.utilities.java.support.resolver.ResolverException; -import org.opensaml.saml.metadata.resolver.impl.FilesystemMetadataResolver; - import org.opensearch.common.settings.Settings; import org.opensearch.env.Environment; +import net.shibboleth.utilities.java.support.resolver.ResolverException; +import org.opensaml.saml.metadata.resolver.impl.FilesystemMetadataResolver; + public class SamlFilesystemMetadataResolver extends FilesystemMetadataResolver { SamlFilesystemMetadataResolver(String filePath, Settings opensearchSettings, Path configPath) throws Exception { diff --git a/src/main/java/com/amazon/dlic/auth/http/saml/SamlHTTPMetadataResolver.java b/src/main/java/com/amazon/dlic/auth/http/saml/SamlHTTPMetadataResolver.java index d68905fe51..d3e5571ece 100644 --- a/src/main/java/com/amazon/dlic/auth/http/saml/SamlHTTPMetadataResolver.java +++ b/src/main/java/com/amazon/dlic/auth/http/saml/SamlHTTPMetadataResolver.java @@ -17,17 +17,17 @@ import java.security.PrivilegedExceptionAction; import java.time.Duration; -import net.shibboleth.utilities.java.support.resolver.ResolverException; import org.apache.http.client.HttpClient; import org.apache.http.impl.client.HttpClientBuilder; import org.apache.http.impl.client.HttpClients; -import org.opensaml.saml.metadata.resolver.impl.HTTPMetadataResolver; - -import com.amazon.dlic.util.SettingsBasedSSLConfiguratorV4; import org.opensearch.SpecialPermission; import org.opensearch.common.settings.Settings; +import com.amazon.dlic.util.SettingsBasedSSLConfiguratorV4; +import net.shibboleth.utilities.java.support.resolver.ResolverException; +import org.opensaml.saml.metadata.resolver.impl.HTTPMetadataResolver; + public class SamlHTTPMetadataResolver extends HTTPMetadataResolver { SamlHTTPMetadataResolver(String idpMetadataUrl, Settings opensearchSettings, Path configPath) throws Exception { diff --git a/src/main/java/com/amazon/dlic/auth/ldap/LdapUser.java b/src/main/java/com/amazon/dlic/auth/ldap/LdapUser.java index f752ce4a49..c2f634709e 100755 --- a/src/main/java/com/amazon/dlic/auth/ldap/LdapUser.java +++ b/src/main/java/com/amazon/dlic/auth/ldap/LdapUser.java @@ -16,17 +16,16 @@ import java.util.HashMap; import java.util.Map; -import org.ldaptive.LdapAttribute; -import org.ldaptive.LdapEntry; - -import com.amazon.dlic.auth.ldap.util.Utils; - import org.opensearch.core.common.io.stream.StreamInput; import org.opensearch.core.common.io.stream.StreamOutput; import org.opensearch.security.support.WildcardMatcher; import org.opensearch.security.user.AuthCredentials; import org.opensearch.security.user.User; +import com.amazon.dlic.auth.ldap.util.Utils; +import org.ldaptive.LdapAttribute; +import org.ldaptive.LdapEntry; + public class LdapUser extends User { private static final long serialVersionUID = 1L; diff --git a/src/main/java/com/amazon/dlic/auth/ldap/backend/LDAPAuthenticationBackend.java b/src/main/java/com/amazon/dlic/auth/ldap/backend/LDAPAuthenticationBackend.java index 96cd7a40c9..3145352013 100755 --- a/src/main/java/com/amazon/dlic/auth/ldap/backend/LDAPAuthenticationBackend.java +++ b/src/main/java/com/amazon/dlic/auth/ldap/backend/LDAPAuthenticationBackend.java @@ -25,17 +25,6 @@ import org.apache.commons.lang3.tuple.Pair; import org.apache.logging.log4j.LogManager; import org.apache.logging.log4j.Logger; -import org.ldaptive.Connection; -import org.ldaptive.ConnectionConfig; -import org.ldaptive.LdapEntry; -import org.ldaptive.ReturnAttributes; -import org.ldaptive.SearchFilter; -import org.ldaptive.SearchScope; - -import com.amazon.dlic.auth.ldap.LdapUser; -import com.amazon.dlic.auth.ldap.util.ConfigConstants; -import com.amazon.dlic.auth.ldap.util.LdapHelper; -import com.amazon.dlic.auth.ldap.util.Utils; import org.opensearch.OpenSearchSecurityException; import org.opensearch.common.settings.Settings; @@ -44,6 +33,17 @@ import org.opensearch.security.user.AuthCredentials; import org.opensearch.security.user.User; +import com.amazon.dlic.auth.ldap.LdapUser; +import com.amazon.dlic.auth.ldap.util.ConfigConstants; +import com.amazon.dlic.auth.ldap.util.LdapHelper; +import com.amazon.dlic.auth.ldap.util.Utils; +import org.ldaptive.Connection; +import org.ldaptive.ConnectionConfig; +import org.ldaptive.LdapEntry; +import org.ldaptive.ReturnAttributes; +import org.ldaptive.SearchFilter; +import org.ldaptive.SearchScope; + import static org.opensearch.security.setting.DeprecatedSettings.checkForDeprecatedSetting; public class LDAPAuthenticationBackend implements AuthenticationBackend { diff --git a/src/main/java/com/amazon/dlic/auth/ldap/backend/LDAPAuthorizationBackend.java b/src/main/java/com/amazon/dlic/auth/ldap/backend/LDAPAuthorizationBackend.java index ac3fd8b32f..d8b33b2a7e 100755 --- a/src/main/java/com/amazon/dlic/auth/ldap/backend/LDAPAuthorizationBackend.java +++ b/src/main/java/com/amazon/dlic/auth/ldap/backend/LDAPAuthorizationBackend.java @@ -35,14 +35,29 @@ import java.util.Map; import java.util.Set; import java.util.concurrent.atomic.AtomicInteger; - import javax.naming.InvalidNameException; import javax.naming.ldap.LdapName; import com.google.common.collect.HashMultimap; -import io.netty.util.internal.PlatformDependent; import org.apache.logging.log4j.LogManager; import org.apache.logging.log4j.Logger; + +import org.opensearch.OpenSearchSecurityException; +import org.opensearch.SpecialPermission; +import org.opensearch.common.settings.Settings; +import org.opensearch.core.common.Strings; +import org.opensearch.security.auth.AuthorizationBackend; +import org.opensearch.security.ssl.util.SSLConfigConstants; +import org.opensearch.security.support.PemKeyReader; +import org.opensearch.security.support.WildcardMatcher; +import org.opensearch.security.user.AuthCredentials; +import org.opensearch.security.user.User; + +import com.amazon.dlic.auth.ldap.LdapUser; +import com.amazon.dlic.auth.ldap.util.ConfigConstants; +import com.amazon.dlic.auth.ldap.util.LdapHelper; +import com.amazon.dlic.auth.ldap.util.Utils; +import io.netty.util.internal.PlatformDependent; import org.ldaptive.BindConnectionInitializer; import org.ldaptive.BindRequest; import org.ldaptive.Connection; @@ -67,22 +82,6 @@ import org.ldaptive.ssl.SslConfig; import org.ldaptive.ssl.ThreadLocalTLSSocketFactory; -import com.amazon.dlic.auth.ldap.LdapUser; -import com.amazon.dlic.auth.ldap.util.ConfigConstants; -import com.amazon.dlic.auth.ldap.util.LdapHelper; -import com.amazon.dlic.auth.ldap.util.Utils; - -import org.opensearch.OpenSearchSecurityException; -import org.opensearch.SpecialPermission; -import org.opensearch.common.settings.Settings; -import org.opensearch.core.common.Strings; -import org.opensearch.security.auth.AuthorizationBackend; -import org.opensearch.security.ssl.util.SSLConfigConstants; -import org.opensearch.security.support.PemKeyReader; -import org.opensearch.security.support.WildcardMatcher; -import org.opensearch.security.user.AuthCredentials; -import org.opensearch.security.user.User; - import static org.opensearch.security.ssl.SecureSSLSettings.SSLSetting.SECURITY_SSL_TRANSPORT_KEYSTORE_PASSWORD; import static org.opensearch.security.ssl.SecureSSLSettings.SSLSetting.SECURITY_SSL_TRANSPORT_TRUSTSTORE_PASSWORD; diff --git a/src/main/java/com/amazon/dlic/auth/ldap/util/LdapHelper.java b/src/main/java/com/amazon/dlic/auth/ldap/util/LdapHelper.java index f06c7d59d7..f2dffa62fd 100644 --- a/src/main/java/com/amazon/dlic/auth/ldap/util/LdapHelper.java +++ b/src/main/java/com/amazon/dlic/auth/ldap/util/LdapHelper.java @@ -16,11 +16,12 @@ import java.security.PrivilegedExceptionAction; import java.util.ArrayList; import java.util.List; - import javax.naming.InvalidNameException; import javax.naming.ldap.LdapName; import javax.naming.ldap.Rdn; +import org.opensearch.SpecialPermission; + import org.ldaptive.Connection; import org.ldaptive.DerefAliases; import org.ldaptive.LdapEntry; @@ -33,8 +34,6 @@ import org.ldaptive.SearchScope; import org.ldaptive.referral.SearchReferralHandler; -import org.opensearch.SpecialPermission; - public class LdapHelper { private static SearchFilter ALL = new SearchFilter("(objectClass=*)"); diff --git a/src/main/java/com/amazon/dlic/auth/ldap/util/Utils.java b/src/main/java/com/amazon/dlic/auth/ldap/util/Utils.java index 743705eee5..58ab1574b3 100644 --- a/src/main/java/com/amazon/dlic/auth/ldap/util/Utils.java +++ b/src/main/java/com/amazon/dlic/auth/ldap/util/Utils.java @@ -23,12 +23,13 @@ import org.apache.logging.log4j.LogManager; import org.apache.logging.log4j.Logger; -import org.ldaptive.Connection; -import org.ldaptive.LdapAttribute; import org.opensearch.SpecialPermission; import org.opensearch.common.settings.Settings; +import org.ldaptive.Connection; +import org.ldaptive.LdapAttribute; + public final class Utils { private static final Logger log = LogManager.getLogger(Utils.class); diff --git a/src/main/java/com/amazon/dlic/auth/ldap2/LDAPAuthenticationBackend2.java b/src/main/java/com/amazon/dlic/auth/ldap2/LDAPAuthenticationBackend2.java index 74184de0eb..70311e5fe3 100755 --- a/src/main/java/com/amazon/dlic/auth/ldap2/LDAPAuthenticationBackend2.java +++ b/src/main/java/com/amazon/dlic/auth/ldap2/LDAPAuthenticationBackend2.java @@ -23,20 +23,6 @@ import org.apache.logging.log4j.LogManager; import org.apache.logging.log4j.Logger; -import org.ldaptive.BindRequest; -import org.ldaptive.Connection; -import org.ldaptive.ConnectionFactory; -import org.ldaptive.Credential; -import org.ldaptive.LdapEntry; -import org.ldaptive.LdapException; -import org.ldaptive.Response; -import org.ldaptive.ReturnAttributes; -import org.ldaptive.pool.ConnectionPool; - -import com.amazon.dlic.auth.ldap.LdapUser; -import com.amazon.dlic.auth.ldap.util.ConfigConstants; -import com.amazon.dlic.auth.ldap.util.Utils; -import com.amazon.dlic.util.SettingsBasedSSLConfigurator.SSLConfigException; import org.opensearch.OpenSearchSecurityException; import org.opensearch.SpecialPermission; @@ -47,6 +33,20 @@ import org.opensearch.security.user.AuthCredentials; import org.opensearch.security.user.User; +import com.amazon.dlic.auth.ldap.LdapUser; +import com.amazon.dlic.auth.ldap.util.ConfigConstants; +import com.amazon.dlic.auth.ldap.util.Utils; +import com.amazon.dlic.util.SettingsBasedSSLConfigurator.SSLConfigException; +import org.ldaptive.BindRequest; +import org.ldaptive.Connection; +import org.ldaptive.ConnectionFactory; +import org.ldaptive.Credential; +import org.ldaptive.LdapEntry; +import org.ldaptive.LdapException; +import org.ldaptive.Response; +import org.ldaptive.ReturnAttributes; +import org.ldaptive.pool.ConnectionPool; + public class LDAPAuthenticationBackend2 implements AuthenticationBackend, Destroyable { protected static final Logger log = LogManager.getLogger(LDAPAuthenticationBackend2.class); diff --git a/src/main/java/com/amazon/dlic/auth/ldap2/LDAPAuthorizationBackend2.java b/src/main/java/com/amazon/dlic/auth/ldap2/LDAPAuthorizationBackend2.java index d8d27de7da..e05b2e1e64 100755 --- a/src/main/java/com/amazon/dlic/auth/ldap2/LDAPAuthorizationBackend2.java +++ b/src/main/java/com/amazon/dlic/auth/ldap2/LDAPAuthorizationBackend2.java @@ -24,28 +24,12 @@ import java.util.List; import java.util.Map; import java.util.Set; - import javax.naming.InvalidNameException; import javax.naming.ldap.LdapName; import com.google.common.collect.HashMultimap; import org.apache.logging.log4j.LogManager; import org.apache.logging.log4j.Logger; -import org.ldaptive.Connection; -import org.ldaptive.ConnectionFactory; -import org.ldaptive.LdapAttribute; -import org.ldaptive.LdapEntry; -import org.ldaptive.LdapException; -import org.ldaptive.ReturnAttributes; -import org.ldaptive.SearchFilter; -import org.ldaptive.SearchScope; -import org.ldaptive.pool.ConnectionPool; - -import com.amazon.dlic.auth.ldap.LdapUser; -import com.amazon.dlic.auth.ldap.util.ConfigConstants; -import com.amazon.dlic.auth.ldap.util.LdapHelper; -import com.amazon.dlic.auth.ldap.util.Utils; -import com.amazon.dlic.util.SettingsBasedSSLConfigurator.SSLConfigException; import org.opensearch.OpenSearchSecurityException; import org.opensearch.SpecialPermission; @@ -57,6 +41,21 @@ import org.opensearch.security.user.AuthCredentials; import org.opensearch.security.user.User; +import com.amazon.dlic.auth.ldap.LdapUser; +import com.amazon.dlic.auth.ldap.util.ConfigConstants; +import com.amazon.dlic.auth.ldap.util.LdapHelper; +import com.amazon.dlic.auth.ldap.util.Utils; +import com.amazon.dlic.util.SettingsBasedSSLConfigurator.SSLConfigException; +import org.ldaptive.Connection; +import org.ldaptive.ConnectionFactory; +import org.ldaptive.LdapAttribute; +import org.ldaptive.LdapEntry; +import org.ldaptive.LdapException; +import org.ldaptive.ReturnAttributes; +import org.ldaptive.SearchFilter; +import org.ldaptive.SearchScope; +import org.ldaptive.pool.ConnectionPool; + public class LDAPAuthorizationBackend2 implements AuthorizationBackend, Destroyable { static final int ZERO_PLACEHOLDER = 0; diff --git a/src/main/java/com/amazon/dlic/auth/ldap2/LDAPConnectionFactoryFactory.java b/src/main/java/com/amazon/dlic/auth/ldap2/LDAPConnectionFactoryFactory.java index 877c4160da..308178d651 100644 --- a/src/main/java/com/amazon/dlic/auth/ldap2/LDAPConnectionFactoryFactory.java +++ b/src/main/java/com/amazon/dlic/auth/ldap2/LDAPConnectionFactoryFactory.java @@ -20,6 +20,12 @@ import org.apache.logging.log4j.LogManager; import org.apache.logging.log4j.Logger; + +import org.opensearch.common.settings.Settings; + +import com.amazon.dlic.auth.ldap.util.ConfigConstants; +import com.amazon.dlic.util.SettingsBasedSSLConfigurator; +import com.amazon.dlic.util.SettingsBasedSSLConfigurator.SSLConfigException; import org.ldaptive.ActivePassiveConnectionStrategy; import org.ldaptive.BindConnectionInitializer; import org.ldaptive.CompareRequest; @@ -56,12 +62,6 @@ import org.ldaptive.ssl.CredentialConfigFactory; import org.ldaptive.ssl.SslConfig; -import com.amazon.dlic.auth.ldap.util.ConfigConstants; -import com.amazon.dlic.util.SettingsBasedSSLConfigurator; -import com.amazon.dlic.util.SettingsBasedSSLConfigurator.SSLConfigException; - -import org.opensearch.common.settings.Settings; - import static org.opensearch.security.setting.DeprecatedSettings.checkForDeprecatedSetting; public class LDAPConnectionFactoryFactory { diff --git a/src/main/java/com/amazon/dlic/auth/ldap2/LDAPUserSearcher.java b/src/main/java/com/amazon/dlic/auth/ldap2/LDAPUserSearcher.java index 966555daff..6013d0379e 100644 --- a/src/main/java/com/amazon/dlic/auth/ldap2/LDAPUserSearcher.java +++ b/src/main/java/com/amazon/dlic/auth/ldap2/LDAPUserSearcher.java @@ -21,16 +21,16 @@ import org.apache.commons.lang3.tuple.Pair; import org.apache.logging.log4j.LogManager; import org.apache.logging.log4j.Logger; -import org.ldaptive.Connection; -import org.ldaptive.LdapEntry; -import org.ldaptive.SearchFilter; -import org.ldaptive.SearchScope; + +import org.opensearch.common.settings.Settings; import com.amazon.dlic.auth.ldap.util.ConfigConstants; import com.amazon.dlic.auth.ldap.util.LdapHelper; import com.amazon.dlic.auth.ldap.util.Utils; - -import org.opensearch.common.settings.Settings; +import org.ldaptive.Connection; +import org.ldaptive.LdapEntry; +import org.ldaptive.SearchFilter; +import org.ldaptive.SearchScope; public class LDAPUserSearcher { protected static final Logger log = LogManager.getLogger(LDAPUserSearcher.class); diff --git a/src/main/java/com/amazon/dlic/auth/ldap2/MakeJava9Happy.java b/src/main/java/com/amazon/dlic/auth/ldap2/MakeJava9Happy.java index 63e88fd2d4..67bf49cfd7 100644 --- a/src/main/java/com/amazon/dlic/auth/ldap2/MakeJava9Happy.java +++ b/src/main/java/com/amazon/dlic/auth/ldap2/MakeJava9Happy.java @@ -15,11 +15,11 @@ import java.security.PrivilegedActionException; import java.security.PrivilegedExceptionAction; +import org.opensearch.SpecialPermission; + import io.netty.util.internal.PlatformDependent; import org.ldaptive.ssl.ThreadLocalTLSSocketFactory; -import org.opensearch.SpecialPermission; - public class MakeJava9Happy { private static ClassLoader classLoader; diff --git a/src/main/java/com/amazon/dlic/auth/ldap2/PrivilegedProvider.java b/src/main/java/com/amazon/dlic/auth/ldap2/PrivilegedProvider.java index 7ca4a4ff2e..8f9a18c758 100644 --- a/src/main/java/com/amazon/dlic/auth/ldap2/PrivilegedProvider.java +++ b/src/main/java/com/amazon/dlic/auth/ldap2/PrivilegedProvider.java @@ -15,6 +15,8 @@ import java.security.PrivilegedActionException; import java.security.PrivilegedExceptionAction; +import org.opensearch.SpecialPermission; + import org.ldaptive.AddRequest; import org.ldaptive.BindRequest; import org.ldaptive.CompareRequest; @@ -35,8 +37,6 @@ import org.ldaptive.provider.SearchListener; import org.ldaptive.provider.jndi.JndiProviderConfig; -import org.opensearch.SpecialPermission; - public class PrivilegedProvider implements Provider { private final Provider delegate; diff --git a/src/main/java/com/amazon/dlic/util/SettingsBasedSSLConfigurator.java b/src/main/java/com/amazon/dlic/util/SettingsBasedSSLConfigurator.java index ed42117a04..a60167a1bc 100644 --- a/src/main/java/com/amazon/dlic/util/SettingsBasedSSLConfigurator.java +++ b/src/main/java/com/amazon/dlic/util/SettingsBasedSSLConfigurator.java @@ -25,7 +25,6 @@ import java.util.Collection; import java.util.List; import java.util.Map; - import javax.net.ssl.HostnameVerifier; import javax.net.ssl.KeyManager; import javax.net.ssl.SSLContext; diff --git a/src/main/java/com/amazon/dlic/util/SettingsBasedSSLConfiguratorV4.java b/src/main/java/com/amazon/dlic/util/SettingsBasedSSLConfiguratorV4.java index c2de5d95a2..9c273a14a4 100644 --- a/src/main/java/com/amazon/dlic/util/SettingsBasedSSLConfiguratorV4.java +++ b/src/main/java/com/amazon/dlic/util/SettingsBasedSSLConfiguratorV4.java @@ -26,7 +26,6 @@ import java.util.Collection; import java.util.List; import java.util.Map; - import javax.net.ssl.HostnameVerifier; import javax.net.ssl.KeyManager; import javax.net.ssl.SSLContext; diff --git a/src/main/java/org/opensearch/security/DefaultObjectMapper.java b/src/main/java/org/opensearch/security/DefaultObjectMapper.java index f8564cb21b..48aa09541a 100644 --- a/src/main/java/org/opensearch/security/DefaultObjectMapper.java +++ b/src/main/java/org/opensearch/security/DefaultObjectMapper.java @@ -33,6 +33,7 @@ import java.util.Map; import java.util.Set; +import com.google.common.collect.ImmutableSet; import com.fasterxml.jackson.annotation.JsonInclude.Include; import com.fasterxml.jackson.core.JsonParser; import com.fasterxml.jackson.core.JsonProcessingException; @@ -46,7 +47,6 @@ import com.fasterxml.jackson.databind.introspect.BeanPropertyDefinition; import com.fasterxml.jackson.databind.type.TypeFactory; import com.fasterxml.jackson.dataformat.yaml.YAMLFactory; -import com.google.common.collect.ImmutableSet; import org.opensearch.SpecialPermission; diff --git a/src/main/java/org/opensearch/security/OpenSearchSecurityPlugin.java b/src/main/java/org/opensearch/security/OpenSearchSecurityPlugin.java index de7693e393..3c04816c32 100644 --- a/src/main/java/org/opensearch/security/OpenSearchSecurityPlugin.java +++ b/src/main/java/org/opensearch/security/OpenSearchSecurityPlugin.java @@ -28,13 +28,41 @@ // CS-SUPPRESS-SINGLE: RegexpSingleline Extensions manager used to allow/disallow TLS connections to extensions -import com.google.common.collect.Lists; +import java.io.IOException; +import java.nio.file.Files; +import java.nio.file.LinkOption; +import java.nio.file.Path; +import java.nio.file.attribute.PosixFilePermission; +import java.security.AccessController; +import java.security.MessageDigest; +import java.security.PrivilegedAction; +import java.security.Security; +import java.util.ArrayList; +import java.util.Arrays; +import java.util.Collection; +import java.util.Collections; +import java.util.HashMap; +import java.util.HashSet; +import java.util.List; +import java.util.Map; +import java.util.Objects; +import java.util.Set; +import java.util.concurrent.atomic.AtomicReference; +import java.util.function.BiFunction; +import java.util.function.Function; +import java.util.function.Predicate; +import java.util.function.Supplier; +import java.util.function.UnaryOperator; +import java.util.stream.Collectors; +import java.util.stream.Stream; +import com.google.common.collect.Lists; import org.apache.logging.log4j.LogManager; import org.apache.logging.log4j.Logger; import org.apache.lucene.search.QueryCachingPolicy; import org.apache.lucene.search.Weight; import org.bouncycastle.jce.provider.BouncyCastleProvider; + import org.opensearch.OpenSearchException; import org.opensearch.OpenSearchSecurityException; import org.opensearch.SpecialPermission; @@ -173,34 +201,6 @@ import org.opensearch.transport.TransportService; import org.opensearch.watcher.ResourceWatcherService; -import java.io.IOException; -import java.nio.file.Files; -import java.nio.file.LinkOption; -import java.nio.file.Path; -import java.nio.file.attribute.PosixFilePermission; -import java.security.AccessController; -import java.security.MessageDigest; -import java.security.PrivilegedAction; -import java.security.Security; -import java.util.ArrayList; -import java.util.Arrays; -import java.util.Collection; -import java.util.Collections; -import java.util.HashMap; -import java.util.HashSet; -import java.util.List; -import java.util.Map; -import java.util.Objects; -import java.util.Set; -import java.util.concurrent.atomic.AtomicReference; -import java.util.function.BiFunction; -import java.util.function.Function; -import java.util.function.Predicate; -import java.util.function.Supplier; -import java.util.function.UnaryOperator; -import java.util.stream.Collectors; -import java.util.stream.Stream; - import static org.opensearch.security.dlic.rest.api.RestApiAdminPrivilegesEvaluator.ENDPOINTS_WITH_PERMISSIONS; import static org.opensearch.security.dlic.rest.api.RestApiAdminPrivilegesEvaluator.SECURITY_CONFIG_UPDATE; import static org.opensearch.security.setting.DeprecatedSettings.checkForDeprecatedSetting; diff --git a/src/main/java/org/opensearch/security/action/configupdate/TransportConfigUpdateAction.java b/src/main/java/org/opensearch/security/action/configupdate/TransportConfigUpdateAction.java index 1e5b5e4056..64149a7c97 100644 --- a/src/main/java/org/opensearch/security/action/configupdate/TransportConfigUpdateAction.java +++ b/src/main/java/org/opensearch/security/action/configupdate/TransportConfigUpdateAction.java @@ -38,9 +38,9 @@ import org.opensearch.cluster.service.ClusterService; import org.opensearch.common.inject.Inject; import org.opensearch.common.inject.Provider; +import org.opensearch.common.settings.Settings; import org.opensearch.core.common.io.stream.StreamInput; import org.opensearch.core.common.io.stream.StreamOutput; -import org.opensearch.common.settings.Settings; import org.opensearch.security.auth.BackendRegistry; import org.opensearch.security.configuration.ConfigurationRepository; import org.opensearch.security.securityconf.DynamicConfigFactory; diff --git a/src/main/java/org/opensearch/security/action/onbehalf/CreateOnBehalfOfTokenAction.java b/src/main/java/org/opensearch/security/action/onbehalf/CreateOnBehalfOfTokenAction.java index 0863fee552..02b88bbd5c 100644 --- a/src/main/java/org/opensearch/security/action/onbehalf/CreateOnBehalfOfTokenAction.java +++ b/src/main/java/org/opensearch/security/action/onbehalf/CreateOnBehalfOfTokenAction.java @@ -21,6 +21,7 @@ import org.apache.logging.log4j.Logger; import org.opensearch.client.node.NodeClient; +import org.opensearch.core.rest.RestStatus; import org.opensearch.core.xcontent.XContentBuilder; import org.opensearch.identity.tokens.OnBehalfOfClaims; import org.opensearch.rest.BaseRestHandler; @@ -28,7 +29,6 @@ import org.opensearch.rest.NamedRoute; import org.opensearch.rest.RestChannel; import org.opensearch.rest.RestRequest; -import org.opensearch.core.rest.RestStatus; import org.opensearch.security.identity.SecurityTokenManager; import static org.opensearch.rest.RestRequest.Method.POST; diff --git a/src/main/java/org/opensearch/security/action/whoami/TransportWhoAmIAction.java b/src/main/java/org/opensearch/security/action/whoami/TransportWhoAmIAction.java index f7e741b868..4bc6238765 100644 --- a/src/main/java/org/opensearch/security/action/whoami/TransportWhoAmIAction.java +++ b/src/main/java/org/opensearch/security/action/whoami/TransportWhoAmIAction.java @@ -26,12 +26,12 @@ package org.opensearch.security.action.whoami; -import org.opensearch.core.action.ActionListener; import org.opensearch.action.support.ActionFilters; import org.opensearch.action.support.HandledTransportAction; import org.opensearch.cluster.service.ClusterService; import org.opensearch.common.inject.Inject; import org.opensearch.common.settings.Settings; +import org.opensearch.core.action.ActionListener; import org.opensearch.security.configuration.AdminDNs; import org.opensearch.security.support.ConfigConstants; import org.opensearch.security.support.HeaderHelper; diff --git a/src/main/java/org/opensearch/security/auditlog/AuditLog.java b/src/main/java/org/opensearch/security/auditlog/AuditLog.java index 997b9e4b87..45eb8cd1e6 100644 --- a/src/main/java/org/opensearch/security/auditlog/AuditLog.java +++ b/src/main/java/org/opensearch/security/auditlog/AuditLog.java @@ -29,12 +29,12 @@ import java.io.Closeable; import java.util.Map; +import org.opensearch.core.index.shard.ShardId; import org.opensearch.index.engine.Engine.Delete; import org.opensearch.index.engine.Engine.DeleteResult; import org.opensearch.index.engine.Engine.Index; import org.opensearch.index.engine.Engine.IndexResult; import org.opensearch.index.get.GetResult; -import org.opensearch.core.index.shard.ShardId; import org.opensearch.security.auditlog.config.AuditConfig; import org.opensearch.security.compliance.ComplianceConfig; import org.opensearch.security.filter.SecurityRequest; diff --git a/src/main/java/org/opensearch/security/auditlog/NullAuditLog.java b/src/main/java/org/opensearch/security/auditlog/NullAuditLog.java index 1ac4492a94..cff4157250 100644 --- a/src/main/java/org/opensearch/security/auditlog/NullAuditLog.java +++ b/src/main/java/org/opensearch/security/auditlog/NullAuditLog.java @@ -29,12 +29,12 @@ import java.io.IOException; import java.util.Map; +import org.opensearch.core.index.shard.ShardId; import org.opensearch.index.engine.Engine.Delete; import org.opensearch.index.engine.Engine.DeleteResult; import org.opensearch.index.engine.Engine.Index; import org.opensearch.index.engine.Engine.IndexResult; import org.opensearch.index.get.GetResult; -import org.opensearch.core.index.shard.ShardId; import org.opensearch.security.auditlog.config.AuditConfig; import org.opensearch.security.compliance.ComplianceConfig; import org.opensearch.security.filter.SecurityRequest; diff --git a/src/main/java/org/opensearch/security/auditlog/config/AuditConfig.java b/src/main/java/org/opensearch/security/auditlog/config/AuditConfig.java index f6f9a42e87..2cffd93dfa 100644 --- a/src/main/java/org/opensearch/security/auditlog/config/AuditConfig.java +++ b/src/main/java/org/opensearch/security/auditlog/config/AuditConfig.java @@ -17,15 +17,15 @@ import java.util.Set; import java.util.stream.Collectors; +import com.google.common.annotations.VisibleForTesting; +import com.google.common.collect.ImmutableList; +import com.google.common.collect.ImmutableSet; +import com.google.common.collect.Sets; import com.fasterxml.jackson.annotation.JsonCreator; import com.fasterxml.jackson.annotation.JsonInclude; import com.fasterxml.jackson.annotation.JsonProperty; import com.fasterxml.jackson.core.JsonProcessingException; import com.fasterxml.jackson.databind.exc.UnrecognizedPropertyException; -import com.google.common.annotations.VisibleForTesting; -import com.google.common.collect.ImmutableList; -import com.google.common.collect.ImmutableSet; -import com.google.common.collect.Sets; import org.apache.logging.log4j.Logger; import org.opensearch.common.settings.Settings; diff --git a/src/main/java/org/opensearch/security/auditlog/impl/AbstractAuditLog.java b/src/main/java/org/opensearch/security/auditlog/impl/AbstractAuditLog.java index a395327f42..d97adc358b 100644 --- a/src/main/java/org/opensearch/security/auditlog/impl/AbstractAuditLog.java +++ b/src/main/java/org/opensearch/security/auditlog/impl/AbstractAuditLog.java @@ -26,10 +26,9 @@ import java.util.concurrent.atomic.AtomicBoolean; import java.util.stream.Collectors; -import com.fasterxml.jackson.databind.JsonNode; -import com.flipkart.zjsonpatch.JsonDiff; import com.google.common.annotations.VisibleForTesting; import com.google.common.io.BaseEncoding; +import com.fasterxml.jackson.databind.JsonNode; import org.apache.commons.codec.digest.DigestUtils; import org.apache.logging.log4j.LogManager; import org.apache.logging.log4j.Logger; @@ -42,14 +41,15 @@ import org.opensearch.action.update.UpdateRequest; import org.opensearch.cluster.metadata.IndexNameExpressionResolver; import org.opensearch.cluster.service.ClusterService; -import org.opensearch.core.common.bytes.BytesReference; import org.opensearch.common.collect.Tuple; import org.opensearch.common.settings.Settings; -import org.opensearch.core.common.transport.TransportAddress; import org.opensearch.common.xcontent.XContentHelper; -import org.opensearch.core.xcontent.MediaType; import org.opensearch.common.xcontent.XContentType; import org.opensearch.common.xcontent.json.JsonXContent; +import org.opensearch.core.common.bytes.BytesReference; +import org.opensearch.core.common.transport.TransportAddress; +import org.opensearch.core.index.shard.ShardId; +import org.opensearch.core.xcontent.MediaType; import org.opensearch.core.xcontent.NamedXContentRegistry; import org.opensearch.core.xcontent.XContentBuilder; import org.opensearch.core.xcontent.XContentParser; @@ -59,7 +59,6 @@ import org.opensearch.index.engine.Engine.Index; import org.opensearch.index.engine.Engine.IndexResult; import org.opensearch.index.get.GetResult; -import org.opensearch.core.index.shard.ShardId; import org.opensearch.security.DefaultObjectMapper; import org.opensearch.security.auditlog.AuditLog; import org.opensearch.security.auditlog.config.AuditConfig; @@ -73,6 +72,8 @@ import org.opensearch.threadpool.ThreadPool; import org.opensearch.transport.TransportRequest; +import com.flipkart.zjsonpatch.JsonDiff; + import static org.opensearch.core.xcontent.DeprecationHandler.THROW_UNSUPPORTED_OPERATION; public abstract class AbstractAuditLog implements AuditLog { diff --git a/src/main/java/org/opensearch/security/auditlog/impl/AuditLogImpl.java b/src/main/java/org/opensearch/security/auditlog/impl/AuditLogImpl.java index 8da4b13d4c..e860ec0d5e 100644 --- a/src/main/java/org/opensearch/security/auditlog/impl/AuditLogImpl.java +++ b/src/main/java/org/opensearch/security/auditlog/impl/AuditLogImpl.java @@ -17,20 +17,18 @@ import java.security.PrivilegedAction; import java.util.Map; -import org.greenrobot.eventbus.Subscribe; - import org.opensearch.SpecialPermission; import org.opensearch.client.Client; import org.opensearch.cluster.metadata.IndexNameExpressionResolver; import org.opensearch.cluster.service.ClusterService; import org.opensearch.common.settings.Settings; +import org.opensearch.core.index.shard.ShardId; import org.opensearch.env.Environment; import org.opensearch.index.engine.Engine.Delete; import org.opensearch.index.engine.Engine.DeleteResult; import org.opensearch.index.engine.Engine.Index; import org.opensearch.index.engine.Engine.IndexResult; import org.opensearch.index.get.GetResult; -import org.opensearch.core.index.shard.ShardId; import org.opensearch.security.auditlog.config.AuditConfig; import org.opensearch.security.auditlog.routing.AuditMessageRouter; import org.opensearch.security.filter.SecurityRequest; @@ -38,6 +36,8 @@ import org.opensearch.threadpool.ThreadPool; import org.opensearch.transport.TransportRequest; +import org.greenrobot.eventbus.Subscribe; + public final class AuditLogImpl extends AbstractAuditLog { private final AuditMessageRouter messageRouter; diff --git a/src/main/java/org/opensearch/security/auditlog/impl/AuditMessage.java b/src/main/java/org/opensearch/security/auditlog/impl/AuditMessage.java index a41b4625c2..8b24a554d1 100644 --- a/src/main/java/org/opensearch/security/auditlog/impl/AuditMessage.java +++ b/src/main/java/org/opensearch/security/auditlog/impl/AuditMessage.java @@ -27,32 +27,33 @@ import com.google.common.annotations.VisibleForTesting; import org.apache.commons.codec.digest.DigestUtils; import org.apache.hc.core5.net.URIBuilder; -import org.joda.time.DateTime; -import org.joda.time.DateTimeZone; -import org.joda.time.format.DateTimeFormat; -import org.joda.time.format.DateTimeFormatter; import org.opensearch.ExceptionsHelper; import org.opensearch.cluster.service.ClusterService; -import org.opensearch.core.common.bytes.BytesReference; import org.opensearch.common.collect.Tuple; -import org.opensearch.core.common.transport.TransportAddress; import org.opensearch.common.xcontent.XContentHelper; -import org.opensearch.core.xcontent.MediaType; import org.opensearch.common.xcontent.XContentType; import org.opensearch.common.xcontent.json.JsonXContent; import org.opensearch.core.common.Strings; +import org.opensearch.core.common.bytes.BytesReference; +import org.opensearch.core.common.transport.TransportAddress; import org.opensearch.core.index.shard.ShardId; +import org.opensearch.core.xcontent.MediaType; import org.opensearch.rest.RestRequest; import org.opensearch.security.auditlog.AuditLog.Operation; import org.opensearch.security.auditlog.AuditLog.Origin; import org.opensearch.security.auditlog.config.AuditConfig; import org.opensearch.security.dlic.rest.support.Utils; -import org.opensearch.security.filter.SecurityRequest; import org.opensearch.security.filter.OpenSearchRequest; +import org.opensearch.security.filter.SecurityRequest; import org.opensearch.security.securityconf.impl.CType; import org.opensearch.security.support.WildcardMatcher; +import org.joda.time.DateTime; +import org.joda.time.DateTimeZone; +import org.joda.time.format.DateTimeFormat; +import org.joda.time.format.DateTimeFormatter; + import static org.opensearch.security.OpenSearchSecurityPlugin.LEGACY_OPENDISTRO_PREFIX; import static org.opensearch.security.OpenSearchSecurityPlugin.PLUGINS_PREFIX; diff --git a/src/main/java/org/opensearch/security/auditlog/impl/RequestResolver.java b/src/main/java/org/opensearch/security/auditlog/impl/RequestResolver.java index 8a1177ec60..ea4289150e 100644 --- a/src/main/java/org/opensearch/security/auditlog/impl/RequestResolver.java +++ b/src/main/java/org/opensearch/security/auditlog/impl/RequestResolver.java @@ -41,15 +41,15 @@ import org.opensearch.action.update.UpdateRequest; import org.opensearch.cluster.metadata.IndexNameExpressionResolver; import org.opensearch.cluster.service.ClusterService; -import org.opensearch.core.common.bytes.BytesReference; import org.opensearch.common.collect.Tuple; import org.opensearch.common.settings.Settings; -import org.opensearch.core.common.transport.TransportAddress; import org.opensearch.common.xcontent.XContentFactory; -import org.opensearch.core.xcontent.MediaType; import org.opensearch.common.xcontent.XContentType; -import org.opensearch.core.xcontent.XContentBuilder; +import org.opensearch.core.common.bytes.BytesReference; +import org.opensearch.core.common.transport.TransportAddress; import org.opensearch.core.index.Index; +import org.opensearch.core.xcontent.MediaType; +import org.opensearch.core.xcontent.XContentBuilder; import org.opensearch.index.reindex.DeleteByQueryRequest; import org.opensearch.index.reindex.ReindexRequest; import org.opensearch.index.reindex.UpdateByQueryRequest; diff --git a/src/main/java/org/opensearch/security/auditlog/sink/AuditLogSink.java b/src/main/java/org/opensearch/security/auditlog/sink/AuditLogSink.java index a482b81c29..d034014612 100644 --- a/src/main/java/org/opensearch/security/auditlog/sink/AuditLogSink.java +++ b/src/main/java/org/opensearch/security/auditlog/sink/AuditLogSink.java @@ -18,14 +18,15 @@ import com.google.common.util.concurrent.Uninterruptibles; import org.apache.logging.log4j.LogManager; import org.apache.logging.log4j.Logger; -import org.joda.time.DateTime; -import org.joda.time.DateTimeZone; -import org.joda.time.format.DateTimeFormatter; import org.opensearch.common.settings.Settings; import org.opensearch.security.auditlog.impl.AuditMessage; import org.opensearch.security.support.ConfigConstants; +import org.joda.time.DateTime; +import org.joda.time.DateTimeZone; +import org.joda.time.format.DateTimeFormatter; + public abstract class AuditLogSink { protected final Logger log = LogManager.getLogger(this.getClass()); diff --git a/src/main/java/org/opensearch/security/auditlog/sink/DebugSink.java b/src/main/java/org/opensearch/security/auditlog/sink/DebugSink.java index f53d4c2af3..daf84b979d 100644 --- a/src/main/java/org/opensearch/security/auditlog/sink/DebugSink.java +++ b/src/main/java/org/opensearch/security/auditlog/sink/DebugSink.java @@ -13,6 +13,7 @@ import org.apache.logging.log4j.LogManager; import org.apache.logging.log4j.Logger; + import org.opensearch.common.settings.Settings; import org.opensearch.security.auditlog.impl.AuditMessage; diff --git a/src/main/java/org/opensearch/security/auditlog/sink/ExternalOpenSearchSink.java b/src/main/java/org/opensearch/security/auditlog/sink/ExternalOpenSearchSink.java index f3a8d288f8..7bde676399 100644 --- a/src/main/java/org/opensearch/security/auditlog/sink/ExternalOpenSearchSink.java +++ b/src/main/java/org/opensearch/security/auditlog/sink/ExternalOpenSearchSink.java @@ -20,9 +20,6 @@ import java.util.Collections; import java.util.List; -import org.joda.time.format.DateTimeFormat; -import org.joda.time.format.DateTimeFormatter; - import org.opensearch.common.settings.Settings; import org.opensearch.security.auditlog.impl.AuditMessage; import org.opensearch.security.httpclient.HttpClient; @@ -31,6 +28,9 @@ import org.opensearch.security.support.ConfigConstants; import org.opensearch.security.support.PemKeyReader; +import org.joda.time.format.DateTimeFormat; +import org.joda.time.format.DateTimeFormatter; + import static org.opensearch.security.ssl.SecureSSLSettings.SSLSetting.SECURITY_SSL_TRANSPORT_KEYSTORE_PASSWORD; import static org.opensearch.security.ssl.SecureSSLSettings.SSLSetting.SECURITY_SSL_TRANSPORT_TRUSTSTORE_PASSWORD; diff --git a/src/main/java/org/opensearch/security/auditlog/sink/InternalOpenSearchSink.java b/src/main/java/org/opensearch/security/auditlog/sink/InternalOpenSearchSink.java index f01051c70f..dd1db488da 100644 --- a/src/main/java/org/opensearch/security/auditlog/sink/InternalOpenSearchSink.java +++ b/src/main/java/org/opensearch/security/auditlog/sink/InternalOpenSearchSink.java @@ -14,9 +14,6 @@ import java.io.IOException; import java.nio.file.Path; -import org.joda.time.format.DateTimeFormat; -import org.joda.time.format.DateTimeFormatter; - import org.opensearch.action.index.IndexRequestBuilder; import org.opensearch.action.support.WriteRequest.RefreshPolicy; import org.opensearch.client.Client; @@ -28,6 +25,9 @@ import org.opensearch.security.support.HeaderHelper; import org.opensearch.threadpool.ThreadPool; +import org.joda.time.format.DateTimeFormat; +import org.joda.time.format.DateTimeFormatter; + public final class InternalOpenSearchSink extends AuditLogSink { private final Client clientProvider; diff --git a/src/main/java/org/opensearch/security/auditlog/sink/WebhookSink.java b/src/main/java/org/opensearch/security/auditlog/sink/WebhookSink.java index 8616fa9df5..219a7d05ac 100644 --- a/src/main/java/org/opensearch/security/auditlog/sink/WebhookSink.java +++ b/src/main/java/org/opensearch/security/auditlog/sink/WebhookSink.java @@ -21,7 +21,6 @@ import java.security.PrivilegedAction; import java.security.cert.X509Certificate; import java.util.concurrent.TimeUnit; - import javax.net.ssl.SSLContext; import org.apache.hc.client5.http.classic.methods.HttpGet; @@ -42,6 +41,7 @@ import org.apache.hc.core5.ssl.SSLContextBuilder; import org.apache.hc.core5.ssl.TrustStrategy; import org.apache.http.HttpStatus; + import org.opensearch.common.settings.Settings; import org.opensearch.core.common.Strings; import org.opensearch.security.auditlog.impl.AuditMessage; diff --git a/src/main/java/org/opensearch/security/auth/BackendRegistry.java b/src/main/java/org/opensearch/security/auth/BackendRegistry.java index a064207964..3f6aae0720 100644 --- a/src/main/java/org/opensearch/security/auth/BackendRegistry.java +++ b/src/main/java/org/opensearch/security/auth/BackendRegistry.java @@ -44,10 +44,8 @@ import com.google.common.cache.RemovalListener; import com.google.common.cache.RemovalNotification; import com.google.common.collect.Multimap; - import org.apache.logging.log4j.LogManager; import org.apache.logging.log4j.Logger; -import org.greenrobot.eventbus.Subscribe; import org.opensearch.OpenSearchSecurityException; import org.opensearch.common.settings.Settings; @@ -68,6 +66,8 @@ import org.opensearch.security.user.User; import org.opensearch.threadpool.ThreadPool; +import org.greenrobot.eventbus.Subscribe; + import static org.apache.http.HttpStatus.SC_FORBIDDEN; import static org.apache.http.HttpStatus.SC_SERVICE_UNAVAILABLE; import static org.apache.http.HttpStatus.SC_UNAUTHORIZED; diff --git a/src/main/java/org/opensearch/security/auth/UserInjector.java b/src/main/java/org/opensearch/security/auth/UserInjector.java index 351afde0f1..456dd9a1c2 100644 --- a/src/main/java/org/opensearch/security/auth/UserInjector.java +++ b/src/main/java/org/opensearch/security/auth/UserInjector.java @@ -38,9 +38,9 @@ import org.apache.logging.log4j.LogManager; import org.apache.logging.log4j.Logger; +import org.opensearch.common.settings.Settings; import org.opensearch.core.common.io.stream.StreamInput; import org.opensearch.core.common.io.stream.StreamOutput; -import org.opensearch.common.settings.Settings; import org.opensearch.core.common.transport.TransportAddress; import org.opensearch.security.auditlog.AuditLog; import org.opensearch.security.filter.SecurityRequestChannel; diff --git a/src/main/java/org/opensearch/security/auth/internal/InternalAuthenticationBackend.java b/src/main/java/org/opensearch/security/auth/internal/InternalAuthenticationBackend.java index 98443a2902..d3dba7409e 100644 --- a/src/main/java/org/opensearch/security/auth/internal/InternalAuthenticationBackend.java +++ b/src/main/java/org/opensearch/security/auth/internal/InternalAuthenticationBackend.java @@ -36,7 +36,6 @@ import java.util.Map.Entry; import org.bouncycastle.crypto.generators.OpenBSDBCrypt; -import org.greenrobot.eventbus.Subscribe; import org.opensearch.OpenSearchSecurityException; import org.opensearch.security.auth.AuthenticationBackend; @@ -45,6 +44,8 @@ import org.opensearch.security.user.AuthCredentials; import org.opensearch.security.user.User; +import org.greenrobot.eventbus.Subscribe; + public class InternalAuthenticationBackend implements AuthenticationBackend, AuthorizationBackend { private InternalUsersModel internalUsersModel; diff --git a/src/main/java/org/opensearch/security/authtoken/jwt/EncryptionDecryptionUtil.java b/src/main/java/org/opensearch/security/authtoken/jwt/EncryptionDecryptionUtil.java index 2e11fed64a..4cd2ddab2a 100644 --- a/src/main/java/org/opensearch/security/authtoken/jwt/EncryptionDecryptionUtil.java +++ b/src/main/java/org/opensearch/security/authtoken/jwt/EncryptionDecryptionUtil.java @@ -14,7 +14,6 @@ import java.nio.charset.StandardCharsets; import java.util.Arrays; import java.util.Base64; - import javax.crypto.Cipher; import javax.crypto.SecretKey; import javax.crypto.spec.SecretKeySpec; diff --git a/src/main/java/org/opensearch/security/authtoken/jwt/JwtVendor.java b/src/main/java/org/opensearch/security/authtoken/jwt/JwtVendor.java index 6340688607..e21d9257ff 100644 --- a/src/main/java/org/opensearch/security/authtoken/jwt/JwtVendor.java +++ b/src/main/java/org/opensearch/security/authtoken/jwt/JwtVendor.java @@ -18,10 +18,14 @@ import java.util.Optional; import java.util.function.LongSupplier; -import com.nimbusds.jose.JOSEException; import org.apache.logging.log4j.LogManager; import org.apache.logging.log4j.Logger; +import org.opensearch.OpenSearchException; +import org.opensearch.common.collect.Tuple; +import org.opensearch.common.settings.Settings; + +import com.nimbusds.jose.JOSEException; import com.nimbusds.jose.JWSAlgorithm; import com.nimbusds.jose.JWSHeader; import com.nimbusds.jose.JWSSigner; @@ -33,10 +37,6 @@ import com.nimbusds.jwt.JWTClaimsSet; import com.nimbusds.jwt.SignedJWT; -import org.opensearch.OpenSearchException; -import org.opensearch.common.collect.Tuple; -import org.opensearch.common.settings.Settings; - import static org.opensearch.security.util.AuthTokenUtils.isKeyNull; public class JwtVendor { diff --git a/src/main/java/org/opensearch/security/authtoken/jwt/KeyPaddingUtil.java b/src/main/java/org/opensearch/security/authtoken/jwt/KeyPaddingUtil.java index 41bf2955f2..7c041a5c2f 100644 --- a/src/main/java/org/opensearch/security/authtoken/jwt/KeyPaddingUtil.java +++ b/src/main/java/org/opensearch/security/authtoken/jwt/KeyPaddingUtil.java @@ -11,10 +11,11 @@ package org.opensearch.security.authtoken.jwt; +import org.apache.commons.lang3.StringUtils; + import com.nimbusds.jose.JOSEException; import com.nimbusds.jose.JWSAlgorithm; import com.nimbusds.jose.util.ByteUtils; -import org.apache.commons.lang3.StringUtils; import static com.nimbusds.jose.crypto.MACSigner.getMinRequiredSecretLength; diff --git a/src/main/java/org/opensearch/security/compliance/ComplianceConfig.java b/src/main/java/org/opensearch/security/compliance/ComplianceConfig.java index 1d81479f37..edc5248781 100644 --- a/src/main/java/org/opensearch/security/compliance/ComplianceConfig.java +++ b/src/main/java/org/opensearch/security/compliance/ComplianceConfig.java @@ -33,13 +33,6 @@ import java.util.Set; import java.util.concurrent.ExecutionException; -import com.fasterxml.jackson.annotation.JacksonInject; -import com.fasterxml.jackson.annotation.JsonAutoDetect; -import com.fasterxml.jackson.annotation.JsonCreator; -import com.fasterxml.jackson.annotation.JsonInclude; -import com.fasterxml.jackson.annotation.JsonProperty; -import com.fasterxml.jackson.core.JsonProcessingException; -import com.fasterxml.jackson.databind.exc.UnrecognizedPropertyException; import com.google.common.annotations.VisibleForTesting; import com.google.common.cache.CacheBuilder; import com.google.common.cache.CacheLoader; @@ -47,12 +40,15 @@ import com.google.common.collect.ImmutableList; import com.google.common.collect.ImmutableMap; import com.google.common.collect.ImmutableSet; +import com.fasterxml.jackson.annotation.JacksonInject; +import com.fasterxml.jackson.annotation.JsonAutoDetect; +import com.fasterxml.jackson.annotation.JsonCreator; +import com.fasterxml.jackson.annotation.JsonInclude; +import com.fasterxml.jackson.annotation.JsonProperty; +import com.fasterxml.jackson.core.JsonProcessingException; +import com.fasterxml.jackson.databind.exc.UnrecognizedPropertyException; import org.apache.logging.log4j.LogManager; import org.apache.logging.log4j.Logger; -import org.joda.time.DateTime; -import org.joda.time.DateTimeZone; -import org.joda.time.format.DateTimeFormat; -import org.joda.time.format.DateTimeFormatter; import org.opensearch.common.settings.Settings; import org.opensearch.core.common.Strings; @@ -61,6 +57,11 @@ import org.opensearch.security.support.ConfigConstants; import org.opensearch.security.support.WildcardMatcher; +import org.joda.time.DateTime; +import org.joda.time.DateTimeZone; +import org.joda.time.format.DateTimeFormat; +import org.joda.time.format.DateTimeFormatter; + import static org.opensearch.security.DefaultObjectMapper.getOrDefault; /** diff --git a/src/main/java/org/opensearch/security/compliance/ComplianceIndexingOperationListenerImpl.java b/src/main/java/org/opensearch/security/compliance/ComplianceIndexingOperationListenerImpl.java index c1ac1271bb..4c97cdc730 100644 --- a/src/main/java/org/opensearch/security/compliance/ComplianceIndexingOperationListenerImpl.java +++ b/src/main/java/org/opensearch/security/compliance/ComplianceIndexingOperationListenerImpl.java @@ -17,6 +17,7 @@ import org.apache.logging.log4j.Logger; import org.opensearch.OpenSearchException; +import org.opensearch.core.index.shard.ShardId; import org.opensearch.index.IndexService; import org.opensearch.index.engine.Engine.Delete; import org.opensearch.index.engine.Engine.DeleteResult; @@ -24,7 +25,6 @@ import org.opensearch.index.engine.Engine.IndexResult; import org.opensearch.index.get.GetResult; import org.opensearch.index.shard.IndexShard; -import org.opensearch.core.index.shard.ShardId; import org.opensearch.security.auditlog.AuditLog; public final class ComplianceIndexingOperationListenerImpl extends ComplianceIndexingOperationListener { diff --git a/src/main/java/org/opensearch/security/compliance/FieldReadCallback.java b/src/main/java/org/opensearch/security/compliance/FieldReadCallback.java index 3f2d764f1d..210a198e2e 100644 --- a/src/main/java/org/opensearch/security/compliance/FieldReadCallback.java +++ b/src/main/java/org/opensearch/security/compliance/FieldReadCallback.java @@ -19,7 +19,6 @@ import java.util.Objects; import java.util.function.Function; -import com.github.wnameless.json.flattener.JsonFlattener; import org.apache.logging.log4j.LogManager; import org.apache.logging.log4j.Logger; import org.apache.lucene.index.FieldInfo; @@ -28,15 +27,17 @@ import org.opensearch.common.util.concurrent.ThreadContext; import org.opensearch.common.xcontent.support.XContentMapValues; import org.opensearch.core.index.Index; +import org.opensearch.core.index.shard.ShardId; import org.opensearch.index.IndexService; import org.opensearch.index.mapper.Uid; -import org.opensearch.core.index.shard.ShardId; import org.opensearch.security.auditlog.AuditLog; import org.opensearch.security.dlic.rest.support.Utils; import org.opensearch.security.support.HeaderHelper; import org.opensearch.security.support.SourceFieldsContext; import org.opensearch.security.support.WildcardMatcher; +import com.github.wnameless.json.flattener.JsonFlattener; + //TODO We need to deal with caching!! //Currently we disable caching (and realtime requests) when FLS or DLS is applied //Check if we can hook in into the caches diff --git a/src/main/java/org/opensearch/security/configuration/AdminDNs.java b/src/main/java/org/opensearch/security/configuration/AdminDNs.java index 204f277808..cdbbf8545b 100644 --- a/src/main/java/org/opensearch/security/configuration/AdminDNs.java +++ b/src/main/java/org/opensearch/security/configuration/AdminDNs.java @@ -33,7 +33,6 @@ import java.util.Objects; import java.util.Set; import java.util.function.Function; - import javax.naming.InvalidNameException; import javax.naming.ldap.LdapName; diff --git a/src/main/java/org/opensearch/security/configuration/CompatConfig.java b/src/main/java/org/opensearch/security/configuration/CompatConfig.java index ec2a521afe..a8de00f64e 100644 --- a/src/main/java/org/opensearch/security/configuration/CompatConfig.java +++ b/src/main/java/org/opensearch/security/configuration/CompatConfig.java @@ -28,7 +28,6 @@ import org.apache.logging.log4j.LogManager; import org.apache.logging.log4j.Logger; -import org.greenrobot.eventbus.Subscribe; import org.opensearch.common.settings.Settings; import org.opensearch.env.Environment; @@ -36,6 +35,8 @@ import org.opensearch.security.setting.OpensearchDynamicSetting; import org.opensearch.security.support.ConfigConstants; +import org.greenrobot.eventbus.Subscribe; + import static org.opensearch.security.support.ConfigConstants.SECURITY_UNSUPPORTED_PASSIVE_INTERTRANSPORT_AUTH_INITIALLY; public class CompatConfig { diff --git a/src/main/java/org/opensearch/security/configuration/ConfigurationLoaderSecurity7.java b/src/main/java/org/opensearch/security/configuration/ConfigurationLoaderSecurity7.java index ac53895310..8a3047385b 100644 --- a/src/main/java/org/opensearch/security/configuration/ConfigurationLoaderSecurity7.java +++ b/src/main/java/org/opensearch/security/configuration/ConfigurationLoaderSecurity7.java @@ -40,7 +40,6 @@ import org.apache.logging.log4j.LogManager; import org.apache.logging.log4j.Logger; -import org.opensearch.core.action.ActionListener; import org.opensearch.action.get.GetResponse; import org.opensearch.action.get.MultiGetItemResponse; import org.opensearch.action.get.MultiGetRequest; @@ -48,10 +47,11 @@ import org.opensearch.action.get.MultiGetResponse.Failure; import org.opensearch.client.Client; import org.opensearch.cluster.service.ClusterService; -import org.opensearch.core.common.bytes.BytesReference; import org.opensearch.common.settings.Settings; import org.opensearch.common.xcontent.XContentHelper; import org.opensearch.common.xcontent.XContentType; +import org.opensearch.core.action.ActionListener; +import org.opensearch.core.common.bytes.BytesReference; import org.opensearch.core.xcontent.NamedXContentRegistry; import org.opensearch.core.xcontent.XContentParser; import org.opensearch.security.DefaultObjectMapper; diff --git a/src/main/java/org/opensearch/security/configuration/ConfigurationRepository.java b/src/main/java/org/opensearch/security/configuration/ConfigurationRepository.java index 04ad8f7420..81e9f47370 100644 --- a/src/main/java/org/opensearch/security/configuration/ConfigurationRepository.java +++ b/src/main/java/org/opensearch/security/configuration/ConfigurationRepository.java @@ -63,9 +63,9 @@ import org.opensearch.common.util.concurrent.ThreadContext; import org.opensearch.common.util.concurrent.ThreadContext.StoredContext; import org.opensearch.core.common.Strings; +import org.opensearch.core.rest.RestStatus; import org.opensearch.core.xcontent.MediaTypeRegistry; import org.opensearch.env.Environment; -import org.opensearch.core.rest.RestStatus; import org.opensearch.security.auditlog.AuditLog; import org.opensearch.security.auditlog.config.AuditConfig; import org.opensearch.security.securityconf.DynamicConfigFactory; diff --git a/src/main/java/org/opensearch/security/configuration/DlsFlsFilterLeafReader.java b/src/main/java/org/opensearch/security/configuration/DlsFlsFilterLeafReader.java index 84dc7f8c19..ac769e37dd 100644 --- a/src/main/java/org/opensearch/security/configuration/DlsFlsFilterLeafReader.java +++ b/src/main/java/org/opensearch/security/configuration/DlsFlsFilterLeafReader.java @@ -65,17 +65,17 @@ import org.opensearch.ExceptionsHelper; import org.opensearch.cluster.service.ClusterService; -import org.opensearch.core.common.bytes.BytesArray; -import org.opensearch.core.common.bytes.BytesReference; import org.opensearch.common.collect.Tuple; import org.opensearch.common.lucene.index.SequentialStoredFieldsLeafReader; import org.opensearch.common.util.concurrent.ThreadContext; import org.opensearch.common.xcontent.XContentHelper; import org.opensearch.common.xcontent.XContentType; import org.opensearch.common.xcontent.support.XContentMapValues; +import org.opensearch.core.common.bytes.BytesArray; +import org.opensearch.core.common.bytes.BytesReference; +import org.opensearch.core.index.shard.ShardId; import org.opensearch.core.xcontent.XContentBuilder; import org.opensearch.index.IndexService; -import org.opensearch.core.index.shard.ShardId; import org.opensearch.security.auditlog.AuditLog; import org.opensearch.security.compliance.ComplianceConfig; import org.opensearch.security.compliance.FieldReadCallback; diff --git a/src/main/java/org/opensearch/security/configuration/DlsFlsRequestValve.java b/src/main/java/org/opensearch/security/configuration/DlsFlsRequestValve.java index 954461b43d..1152799bd5 100644 --- a/src/main/java/org/opensearch/security/configuration/DlsFlsRequestValve.java +++ b/src/main/java/org/opensearch/security/configuration/DlsFlsRequestValve.java @@ -26,8 +26,8 @@ package org.opensearch.security.configuration; -import org.opensearch.core.action.ActionListener; import org.opensearch.action.ActionRequest; +import org.opensearch.core.action.ActionListener; import org.opensearch.core.xcontent.NamedXContentRegistry; import org.opensearch.search.internal.SearchContext; import org.opensearch.search.query.QuerySearchResult; diff --git a/src/main/java/org/opensearch/security/configuration/DlsFlsValveImpl.java b/src/main/java/org/opensearch/security/configuration/DlsFlsValveImpl.java index 06c94c26b5..855db9e896 100644 --- a/src/main/java/org/opensearch/security/configuration/DlsFlsValveImpl.java +++ b/src/main/java/org/opensearch/security/configuration/DlsFlsValveImpl.java @@ -34,7 +34,6 @@ import org.opensearch.OpenSearchException; import org.opensearch.OpenSearchSecurityException; import org.opensearch.SpecialPermission; -import org.opensearch.core.action.ActionListener; import org.opensearch.action.ActionRequest; import org.opensearch.action.DocWriteRequest; import org.opensearch.action.RealtimeRequest; @@ -50,11 +49,12 @@ import org.opensearch.cluster.service.ClusterService; import org.opensearch.common.settings.Settings; import org.opensearch.common.util.concurrent.ThreadContext; +import org.opensearch.core.action.ActionListener; import org.opensearch.core.common.Strings; +import org.opensearch.core.rest.RestStatus; import org.opensearch.core.xcontent.MediaTypeRegistry; import org.opensearch.core.xcontent.NamedXContentRegistry; import org.opensearch.index.query.ParsedQuery; -import org.opensearch.core.rest.RestStatus; import org.opensearch.search.DocValueFormat; import org.opensearch.search.aggregations.AggregationBuilder; import org.opensearch.search.aggregations.AggregatorFactories; diff --git a/src/main/java/org/opensearch/security/configuration/SecurityFlsDlsIndexSearcherWrapper.java b/src/main/java/org/opensearch/security/configuration/SecurityFlsDlsIndexSearcherWrapper.java index b6df13c9d9..1f1e3f1e48 100644 --- a/src/main/java/org/opensearch/security/configuration/SecurityFlsDlsIndexSearcherWrapper.java +++ b/src/main/java/org/opensearch/security/configuration/SecurityFlsDlsIndexSearcherWrapper.java @@ -24,10 +24,10 @@ import org.opensearch.cluster.service.ClusterService; import org.opensearch.common.settings.Settings; +import org.opensearch.core.index.shard.ShardId; import org.opensearch.index.IndexService; import org.opensearch.index.mapper.IgnoredFieldMapper; import org.opensearch.index.query.QueryShardContext; -import org.opensearch.core.index.shard.ShardId; import org.opensearch.index.shard.ShardUtils; import org.opensearch.security.auditlog.AuditLog; import org.opensearch.security.compliance.ComplianceIndexingOperationListener; diff --git a/src/main/java/org/opensearch/security/configuration/SecurityIndexSearcherWrapper.java b/src/main/java/org/opensearch/security/configuration/SecurityIndexSearcherWrapper.java index 15a20db98d..b2008861aa 100644 --- a/src/main/java/org/opensearch/security/configuration/SecurityIndexSearcherWrapper.java +++ b/src/main/java/org/opensearch/security/configuration/SecurityIndexSearcherWrapper.java @@ -32,12 +32,11 @@ import org.apache.logging.log4j.LogManager; import org.apache.logging.log4j.Logger; import org.apache.lucene.index.DirectoryReader; -import org.greenrobot.eventbus.Subscribe; import org.opensearch.common.CheckedFunction; import org.opensearch.common.settings.Settings; -import org.opensearch.core.common.transport.TransportAddress; import org.opensearch.common.util.concurrent.ThreadContext; +import org.opensearch.core.common.transport.TransportAddress; import org.opensearch.core.index.Index; import org.opensearch.index.IndexService; import org.opensearch.security.privileges.PrivilegesEvaluator; @@ -47,6 +46,8 @@ import org.opensearch.security.support.WildcardMatcher; import org.opensearch.security.user.User; +import org.greenrobot.eventbus.Subscribe; + public class SecurityIndexSearcherWrapper implements CheckedFunction { protected final Logger log = LogManager.getLogger(this.getClass()); diff --git a/src/main/java/org/opensearch/security/dlic/rest/api/AbstractApiAction.java b/src/main/java/org/opensearch/security/dlic/rest/api/AbstractApiAction.java index 6cbd7eaf78..04148e8b99 100644 --- a/src/main/java/org/opensearch/security/dlic/rest/api/AbstractApiAction.java +++ b/src/main/java/org/opensearch/security/dlic/rest/api/AbstractApiAction.java @@ -11,16 +11,22 @@ package org.opensearch.security.dlic.rest.api; +import java.io.IOException; +import java.util.List; +import java.util.Map; +import java.util.Objects; +import java.util.Optional; +import java.util.Set; + +import com.google.common.collect.ImmutableSet; import com.fasterxml.jackson.core.JsonPointer; import com.fasterxml.jackson.databind.JsonNode; import com.fasterxml.jackson.databind.node.ArrayNode; import com.fasterxml.jackson.databind.node.ObjectNode; -import com.flipkart.zjsonpatch.JsonPatch; -import com.flipkart.zjsonpatch.JsonPatchApplicationException; -import com.google.common.collect.ImmutableSet; import org.apache.commons.lang3.tuple.Pair; import org.apache.logging.log4j.LogManager; import org.apache.logging.log4j.Logger; + import org.opensearch.ExceptionsHelper; import org.opensearch.action.index.IndexRequest; import org.opensearch.action.index.IndexResponse; @@ -57,12 +63,8 @@ import org.opensearch.security.user.User; import org.opensearch.threadpool.ThreadPool; -import java.io.IOException; -import java.util.List; -import java.util.Map; -import java.util.Objects; -import java.util.Optional; -import java.util.Set; +import com.flipkart.zjsonpatch.JsonPatch; +import com.flipkart.zjsonpatch.JsonPatchApplicationException; import static org.opensearch.security.dlic.rest.api.RequestHandler.methodNotImplementedHandler; import static org.opensearch.security.dlic.rest.api.Responses.badRequestMessage; diff --git a/src/main/java/org/opensearch/security/dlic/rest/api/AccountApiAction.java b/src/main/java/org/opensearch/security/dlic/rest/api/AccountApiAction.java index e4a1c0d05a..5d81dfa85d 100644 --- a/src/main/java/org/opensearch/security/dlic/rest/api/AccountApiAction.java +++ b/src/main/java/org/opensearch/security/dlic/rest/api/AccountApiAction.java @@ -11,11 +11,16 @@ package org.opensearch.security.dlic.rest.api; +import java.util.List; +import java.util.Map; +import java.util.Set; + import com.google.common.collect.ImmutableList; import com.google.common.collect.ImmutableMap; import com.google.common.collect.ImmutableSet; import org.apache.commons.lang3.tuple.Triple; import org.bouncycastle.crypto.generators.OpenBSDBCrypt; + import org.opensearch.cluster.service.ClusterService; import org.opensearch.common.settings.Settings; import org.opensearch.core.common.Strings; @@ -35,10 +40,6 @@ import org.opensearch.security.user.User; import org.opensearch.threadpool.ThreadPool; -import java.util.List; -import java.util.Map; -import java.util.Set; - import static org.opensearch.security.dlic.rest.api.Responses.badRequestMessage; import static org.opensearch.security.dlic.rest.api.Responses.ok; import static org.opensearch.security.dlic.rest.api.Responses.response; diff --git a/src/main/java/org/opensearch/security/dlic/rest/api/ActionGroupsApiAction.java b/src/main/java/org/opensearch/security/dlic/rest/api/ActionGroupsApiAction.java index 5eb4f202bf..172d4a537b 100644 --- a/src/main/java/org/opensearch/security/dlic/rest/api/ActionGroupsApiAction.java +++ b/src/main/java/org/opensearch/security/dlic/rest/api/ActionGroupsApiAction.java @@ -11,9 +11,15 @@ package org.opensearch.security.dlic.rest.api; +import java.io.IOException; +import java.util.List; +import java.util.Map; +import java.util.Set; + import com.google.common.collect.ImmutableList; import com.google.common.collect.ImmutableMap; import com.google.common.collect.ImmutableSet; + import org.opensearch.cluster.service.ClusterService; import org.opensearch.common.inject.Inject; import org.opensearch.common.settings.Settings; @@ -29,11 +35,6 @@ import org.opensearch.security.securityconf.impl.v7.ActionGroupsV7; import org.opensearch.threadpool.ThreadPool; -import java.io.IOException; -import java.util.List; -import java.util.Map; -import java.util.Set; - import static org.opensearch.security.dlic.rest.api.RequestHandler.methodNotImplementedHandler; import static org.opensearch.security.dlic.rest.api.Responses.badRequestMessage; import static org.opensearch.security.dlic.rest.support.Utils.addRoutesPrefix; diff --git a/src/main/java/org/opensearch/security/dlic/rest/api/AllowlistApiAction.java b/src/main/java/org/opensearch/security/dlic/rest/api/AllowlistApiAction.java index 349247ee01..b7d4761993 100644 --- a/src/main/java/org/opensearch/security/dlic/rest/api/AllowlistApiAction.java +++ b/src/main/java/org/opensearch/security/dlic/rest/api/AllowlistApiAction.java @@ -11,8 +11,12 @@ package org.opensearch.security.dlic.rest.api; +import java.util.List; +import java.util.Map; + import com.google.common.collect.ImmutableList; import com.google.common.collect.ImmutableMap; + import org.opensearch.cluster.service.ClusterService; import org.opensearch.common.inject.Inject; import org.opensearch.common.settings.Settings; @@ -25,9 +29,6 @@ import org.opensearch.security.tools.SecurityAdmin; import org.opensearch.threadpool.ThreadPool; -import java.util.List; -import java.util.Map; - import static org.opensearch.security.dlic.rest.api.RequestHandler.methodNotImplementedHandler; /** diff --git a/src/main/java/org/opensearch/security/dlic/rest/api/AuditApiAction.java b/src/main/java/org/opensearch/security/dlic/rest/api/AuditApiAction.java index 20e424e959..47bc1f184e 100644 --- a/src/main/java/org/opensearch/security/dlic/rest/api/AuditApiAction.java +++ b/src/main/java/org/opensearch/security/dlic/rest/api/AuditApiAction.java @@ -11,11 +11,17 @@ package org.opensearch.security.dlic.rest.api; -import com.fasterxml.jackson.core.type.TypeReference; -import com.fasterxml.jackson.databind.JsonNode; +import java.io.IOException; +import java.util.List; +import java.util.Map; +import java.util.Set; + import com.google.common.annotations.VisibleForTesting; import com.google.common.collect.ImmutableList; import com.google.common.collect.ImmutableMap; +import com.fasterxml.jackson.core.type.TypeReference; +import com.fasterxml.jackson.databind.JsonNode; + import org.opensearch.cluster.service.ClusterService; import org.opensearch.common.settings.Settings; import org.opensearch.core.rest.RestStatus; @@ -32,11 +38,6 @@ import org.opensearch.security.securityconf.impl.CType; import org.opensearch.threadpool.ThreadPool; -import java.io.IOException; -import java.util.List; -import java.util.Map; -import java.util.Set; - import static org.opensearch.security.dlic.rest.api.RequestHandler.methodNotImplementedHandler; import static org.opensearch.security.dlic.rest.api.Responses.conflictMessage; import static org.opensearch.security.dlic.rest.api.Responses.methodNotImplementedMessage; diff --git a/src/main/java/org/opensearch/security/dlic/rest/api/AuthTokenProcessorAction.java b/src/main/java/org/opensearch/security/dlic/rest/api/AuthTokenProcessorAction.java index e124abb5f7..bc37f41d6e 100644 --- a/src/main/java/org/opensearch/security/dlic/rest/api/AuthTokenProcessorAction.java +++ b/src/main/java/org/opensearch/security/dlic/rest/api/AuthTokenProcessorAction.java @@ -11,15 +11,15 @@ package org.opensearch.security.dlic.rest.api; +import java.util.Collections; +import java.util.List; + import org.opensearch.cluster.service.ClusterService; import org.opensearch.common.inject.Inject; import org.opensearch.rest.RestRequest.Method; import org.opensearch.security.securityconf.impl.CType; import org.opensearch.threadpool.ThreadPool; -import java.util.Collections; -import java.util.List; - import static org.opensearch.security.dlic.rest.api.Responses.ok; import static org.opensearch.security.dlic.rest.support.Utils.addRoutesPrefix; diff --git a/src/main/java/org/opensearch/security/dlic/rest/api/FlushCacheApiAction.java b/src/main/java/org/opensearch/security/dlic/rest/api/FlushCacheApiAction.java index 640e52df6e..d6f5e24d7d 100644 --- a/src/main/java/org/opensearch/security/dlic/rest/api/FlushCacheApiAction.java +++ b/src/main/java/org/opensearch/security/dlic/rest/api/FlushCacheApiAction.java @@ -11,9 +11,12 @@ package org.opensearch.security.dlic.rest.api; +import java.util.List; + import com.google.common.collect.ImmutableList; import org.apache.logging.log4j.LogManager; import org.apache.logging.log4j.Logger; + import org.opensearch.cluster.service.ClusterService; import org.opensearch.common.inject.Inject; import org.opensearch.core.action.ActionListener; @@ -25,8 +28,6 @@ import org.opensearch.security.securityconf.impl.CType; import org.opensearch.threadpool.ThreadPool; -import java.util.List; - import static org.opensearch.security.dlic.rest.api.Responses.internalSeverError; import static org.opensearch.security.dlic.rest.api.Responses.ok; import static org.opensearch.security.dlic.rest.support.Utils.addRoutesPrefix; diff --git a/src/main/java/org/opensearch/security/dlic/rest/api/InternalUsersApiAction.java b/src/main/java/org/opensearch/security/dlic/rest/api/InternalUsersApiAction.java index 449762c8ff..70994504bf 100644 --- a/src/main/java/org/opensearch/security/dlic/rest/api/InternalUsersApiAction.java +++ b/src/main/java/org/opensearch/security/dlic/rest/api/InternalUsersApiAction.java @@ -11,9 +11,14 @@ package org.opensearch.security.dlic.rest.api; -import com.fasterxml.jackson.databind.node.ObjectNode; +import java.io.IOException; +import java.util.List; +import java.util.Map; + import com.google.common.collect.ImmutableList; import com.google.common.collect.ImmutableMap; +import com.fasterxml.jackson.databind.node.ObjectNode; + import org.opensearch.cluster.service.ClusterService; import org.opensearch.common.inject.Inject; import org.opensearch.common.settings.Settings; @@ -35,10 +40,6 @@ import org.opensearch.security.user.UserServiceException; import org.opensearch.threadpool.ThreadPool; -import java.io.IOException; -import java.util.List; -import java.util.Map; - import static org.opensearch.security.dlic.rest.api.Responses.badRequest; import static org.opensearch.security.dlic.rest.api.Responses.badRequestMessage; import static org.opensearch.security.dlic.rest.api.Responses.methodNotImplementedMessage; diff --git a/src/main/java/org/opensearch/security/dlic/rest/api/MigrateApiAction.java b/src/main/java/org/opensearch/security/dlic/rest/api/MigrateApiAction.java index 7f72a92640..7f1adecd3e 100644 --- a/src/main/java/org/opensearch/security/dlic/rest/api/MigrateApiAction.java +++ b/src/main/java/org/opensearch/security/dlic/rest/api/MigrateApiAction.java @@ -13,9 +13,14 @@ // CS-SUPPRESS-SINGLE: RegexpSingleline https://github.com/opensearch-project/OpenSearch/issues/3663 +import java.io.IOException; +import java.util.Collections; +import java.util.List; + import com.google.common.collect.ImmutableList; import org.apache.logging.log4j.LogManager; import org.apache.logging.log4j.Logger; + import org.opensearch.action.admin.indices.create.CreateIndexResponse; import org.opensearch.action.bulk.BulkRequestBuilder; import org.opensearch.action.bulk.BulkResponse; @@ -55,10 +60,6 @@ import org.opensearch.security.securityconf.impl.v7.TenantV7; import org.opensearch.threadpool.ThreadPool; -import java.io.IOException; -import java.util.Collections; -import java.util.List; - import static org.opensearch.security.dlic.rest.api.Responses.badRequest; import static org.opensearch.security.dlic.rest.api.Responses.internalSeverError; import static org.opensearch.security.dlic.rest.api.Responses.ok; diff --git a/src/main/java/org/opensearch/security/dlic/rest/api/MultiTenancyConfigApiAction.java b/src/main/java/org/opensearch/security/dlic/rest/api/MultiTenancyConfigApiAction.java index 9928c7897a..d56025aec1 100644 --- a/src/main/java/org/opensearch/security/dlic/rest/api/MultiTenancyConfigApiAction.java +++ b/src/main/java/org/opensearch/security/dlic/rest/api/MultiTenancyConfigApiAction.java @@ -11,12 +11,6 @@ package org.opensearch.security.dlic.rest.api; -import static org.opensearch.rest.RestRequest.Method.GET; -import static org.opensearch.rest.RestRequest.Method.PUT; -import static org.opensearch.security.dlic.rest.api.Responses.ok; -import static org.opensearch.security.dlic.rest.api.Responses.response; -import static org.opensearch.security.dlic.rest.support.Utils.addRoutesPrefix; - import java.io.IOException; import java.util.List; import java.util.Map; @@ -25,6 +19,10 @@ import java.util.Set; import java.util.stream.Collectors; +import com.google.common.collect.ImmutableList; +import com.google.common.collect.ImmutableMap; +import com.fasterxml.jackson.databind.JsonNode; + import org.opensearch.action.index.IndexResponse; import org.opensearch.client.Client; import org.opensearch.cluster.service.ClusterService; @@ -40,9 +38,11 @@ import org.opensearch.security.support.ConfigConstants; import org.opensearch.threadpool.ThreadPool; -import com.fasterxml.jackson.databind.JsonNode; -import com.google.common.collect.ImmutableList; -import com.google.common.collect.ImmutableMap; +import static org.opensearch.rest.RestRequest.Method.GET; +import static org.opensearch.rest.RestRequest.Method.PUT; +import static org.opensearch.security.dlic.rest.api.Responses.ok; +import static org.opensearch.security.dlic.rest.api.Responses.response; +import static org.opensearch.security.dlic.rest.support.Utils.addRoutesPrefix; public class MultiTenancyConfigApiAction extends AbstractApiAction { diff --git a/src/main/java/org/opensearch/security/dlic/rest/api/NodesDnApiAction.java b/src/main/java/org/opensearch/security/dlic/rest/api/NodesDnApiAction.java index ed1f3e0fbb..05c533b1d9 100644 --- a/src/main/java/org/opensearch/security/dlic/rest/api/NodesDnApiAction.java +++ b/src/main/java/org/opensearch/security/dlic/rest/api/NodesDnApiAction.java @@ -18,9 +18,9 @@ import java.util.Set; import com.google.common.collect.ImmutableList; - import com.google.common.collect.ImmutableMap; import com.google.common.collect.ImmutableSet; + import org.opensearch.cluster.service.ClusterService; import org.opensearch.common.inject.Inject; import org.opensearch.common.settings.Settings; diff --git a/src/main/java/org/opensearch/security/dlic/rest/api/PermissionsInfoAction.java b/src/main/java/org/opensearch/security/dlic/rest/api/PermissionsInfoAction.java index 56d2d24337..e374ba4cf2 100644 --- a/src/main/java/org/opensearch/security/dlic/rest/api/PermissionsInfoAction.java +++ b/src/main/java/org/opensearch/security/dlic/rest/api/PermissionsInfoAction.java @@ -26,6 +26,7 @@ import org.opensearch.cluster.service.ClusterService; import org.opensearch.common.settings.Settings; import org.opensearch.core.common.transport.TransportAddress; +import org.opensearch.core.rest.RestStatus; import org.opensearch.core.xcontent.XContentBuilder; import org.opensearch.rest.BaseRestHandler; import org.opensearch.rest.BytesRestResponse; @@ -33,7 +34,6 @@ import org.opensearch.rest.RestController; import org.opensearch.rest.RestRequest; import org.opensearch.rest.RestRequest.Method; -import org.opensearch.core.rest.RestStatus; import org.opensearch.security.auditlog.AuditLog; import org.opensearch.security.configuration.AdminDNs; import org.opensearch.security.configuration.ConfigurationRepository; diff --git a/src/main/java/org/opensearch/security/dlic/rest/api/RequestHandler.java b/src/main/java/org/opensearch/security/dlic/rest/api/RequestHandler.java index d9b26c262b..9ab073ace4 100644 --- a/src/main/java/org/opensearch/security/dlic/rest/api/RequestHandler.java +++ b/src/main/java/org/opensearch/security/dlic/rest/api/RequestHandler.java @@ -11,6 +11,14 @@ package org.opensearch.security.dlic.rest.api; +import java.io.IOException; +import java.util.HashMap; +import java.util.Map; +import java.util.Objects; +import java.util.Set; +import java.util.function.Consumer; +import java.util.function.Predicate; + import org.opensearch.action.index.IndexResponse; import org.opensearch.client.Client; import org.opensearch.common.CheckedFunction; @@ -20,14 +28,6 @@ import org.opensearch.security.dlic.rest.validation.ValidationResult; import org.opensearch.security.securityconf.impl.SecurityDynamicConfiguration; -import java.io.IOException; -import java.util.HashMap; -import java.util.Map; -import java.util.Objects; -import java.util.Set; -import java.util.function.Consumer; -import java.util.function.Predicate; - import static org.opensearch.security.dlic.rest.api.Responses.created; import static org.opensearch.security.dlic.rest.api.Responses.forbidden; import static org.opensearch.security.dlic.rest.api.Responses.methodNotImplemented; diff --git a/src/main/java/org/opensearch/security/dlic/rest/api/Responses.java b/src/main/java/org/opensearch/security/dlic/rest/api/Responses.java index 6af8f0e936..4f895d1a91 100644 --- a/src/main/java/org/opensearch/security/dlic/rest/api/Responses.java +++ b/src/main/java/org/opensearch/security/dlic/rest/api/Responses.java @@ -11,6 +11,8 @@ package org.opensearch.security.dlic.rest.api; +import java.io.IOException; + import org.opensearch.ExceptionsHelper; import org.opensearch.core.rest.RestStatus; import org.opensearch.core.xcontent.ToXContent; @@ -18,8 +20,6 @@ import org.opensearch.rest.RestChannel; import org.opensearch.rest.RestRequest; -import java.io.IOException; - public class Responses { public static void ok(final RestChannel channel, final String message) { diff --git a/src/main/java/org/opensearch/security/dlic/rest/api/RestApiAdminPrivilegesEvaluator.java b/src/main/java/org/opensearch/security/dlic/rest/api/RestApiAdminPrivilegesEvaluator.java index a63c496e38..a80d029f13 100644 --- a/src/main/java/org/opensearch/security/dlic/rest/api/RestApiAdminPrivilegesEvaluator.java +++ b/src/main/java/org/opensearch/security/dlic/rest/api/RestApiAdminPrivilegesEvaluator.java @@ -19,8 +19,8 @@ import org.apache.logging.log4j.LogManager; import org.apache.logging.log4j.Logger; -import org.opensearch.core.common.transport.TransportAddress; import org.opensearch.common.util.concurrent.ThreadContext; +import org.opensearch.core.common.transport.TransportAddress; import org.opensearch.security.configuration.AdminDNs; import org.opensearch.security.dlic.rest.support.Utils; import org.opensearch.security.privileges.PrivilegesEvaluator; diff --git a/src/main/java/org/opensearch/security/dlic/rest/api/RolesApiAction.java b/src/main/java/org/opensearch/security/dlic/rest/api/RolesApiAction.java index 76ff702455..9af04d17ec 100644 --- a/src/main/java/org/opensearch/security/dlic/rest/api/RolesApiAction.java +++ b/src/main/java/org/opensearch/security/dlic/rest/api/RolesApiAction.java @@ -11,11 +11,18 @@ package org.opensearch.security.dlic.rest.api; -import com.fasterxml.jackson.core.JsonPointer; -import com.fasterxml.jackson.databind.JsonNode; +import java.io.IOException; +import java.util.List; +import java.util.Map; +import java.util.Objects; +import java.util.stream.StreamSupport; + import com.google.common.collect.ImmutableList; import com.google.common.collect.ImmutableMap; +import com.fasterxml.jackson.core.JsonPointer; +import com.fasterxml.jackson.databind.JsonNode; import org.apache.commons.lang3.tuple.Pair; + import org.opensearch.cluster.service.ClusterService; import org.opensearch.common.inject.Inject; import org.opensearch.common.settings.Settings; @@ -31,12 +38,6 @@ import org.opensearch.security.securityconf.impl.CType; import org.opensearch.threadpool.ThreadPool; -import java.io.IOException; -import java.util.List; -import java.util.Map; -import java.util.Objects; -import java.util.stream.StreamSupport; - import static org.opensearch.security.dlic.rest.api.RequestHandler.methodNotImplementedHandler; import static org.opensearch.security.dlic.rest.support.Utils.addRoutesPrefix; diff --git a/src/main/java/org/opensearch/security/dlic/rest/api/RolesMappingApiAction.java b/src/main/java/org/opensearch/security/dlic/rest/api/RolesMappingApiAction.java index 15fef92a5f..230ce0e1a1 100644 --- a/src/main/java/org/opensearch/security/dlic/rest/api/RolesMappingApiAction.java +++ b/src/main/java/org/opensearch/security/dlic/rest/api/RolesMappingApiAction.java @@ -17,9 +17,9 @@ import java.util.Set; import com.google.common.collect.ImmutableList; - import com.google.common.collect.ImmutableMap; import com.google.common.collect.ImmutableSet; + import org.opensearch.cluster.service.ClusterService; import org.opensearch.common.inject.Inject; import org.opensearch.common.settings.Settings; diff --git a/src/main/java/org/opensearch/security/dlic/rest/api/SecurityConfigApiAction.java b/src/main/java/org/opensearch/security/dlic/rest/api/SecurityConfigApiAction.java index f71135ce50..2141a35460 100644 --- a/src/main/java/org/opensearch/security/dlic/rest/api/SecurityConfigApiAction.java +++ b/src/main/java/org/opensearch/security/dlic/rest/api/SecurityConfigApiAction.java @@ -11,7 +11,11 @@ package org.opensearch.security.dlic.rest.api; +import java.util.List; +import java.util.Map; + import com.google.common.collect.ImmutableMap; + import org.opensearch.cluster.service.ClusterService; import org.opensearch.common.inject.Inject; import org.opensearch.common.settings.Settings; @@ -24,9 +28,6 @@ import org.opensearch.security.support.ConfigConstants; import org.opensearch.threadpool.ThreadPool; -import java.util.List; -import java.util.Map; - import static org.opensearch.security.dlic.rest.api.RequestHandler.methodNotImplementedHandler; import static org.opensearch.security.dlic.rest.api.RestApiAdminPrivilegesEvaluator.SECURITY_CONFIG_UPDATE; import static org.opensearch.security.dlic.rest.support.Utils.addRoutesPrefix; diff --git a/src/main/java/org/opensearch/security/dlic/rest/api/SecurityConfiguration.java b/src/main/java/org/opensearch/security/dlic/rest/api/SecurityConfiguration.java index 68f17ac5f5..4d33e42fad 100644 --- a/src/main/java/org/opensearch/security/dlic/rest/api/SecurityConfiguration.java +++ b/src/main/java/org/opensearch/security/dlic/rest/api/SecurityConfiguration.java @@ -11,12 +11,13 @@ package org.opensearch.security.dlic.rest.api; -import com.fasterxml.jackson.databind.JsonNode; -import org.opensearch.security.securityconf.impl.SecurityDynamicConfiguration; - import java.util.Objects; import java.util.Optional; +import com.fasterxml.jackson.databind.JsonNode; + +import org.opensearch.security.securityconf.impl.SecurityDynamicConfiguration; + public class SecurityConfiguration { private final String entityName; diff --git a/src/main/java/org/opensearch/security/dlic/rest/api/SecurityRestApiActions.java b/src/main/java/org/opensearch/security/dlic/rest/api/SecurityRestApiActions.java index 78f9ce91df..b0d46f8774 100644 --- a/src/main/java/org/opensearch/security/dlic/rest/api/SecurityRestApiActions.java +++ b/src/main/java/org/opensearch/security/dlic/rest/api/SecurityRestApiActions.java @@ -11,6 +11,10 @@ package org.opensearch.security.dlic.rest.api; +import java.nio.file.Path; +import java.util.Collection; +import java.util.List; + import org.opensearch.client.Client; import org.opensearch.cluster.service.ClusterService; import org.opensearch.common.settings.Settings; @@ -25,10 +29,6 @@ import org.opensearch.security.user.UserService; import org.opensearch.threadpool.ThreadPool; -import java.nio.file.Path; -import java.util.Collection; -import java.util.List; - import static org.opensearch.security.support.ConfigConstants.SECURITY_RESTAPI_ADMIN_ENABLED; public class SecurityRestApiActions { diff --git a/src/main/java/org/opensearch/security/dlic/rest/api/SecuritySSLCertsApiAction.java b/src/main/java/org/opensearch/security/dlic/rest/api/SecuritySSLCertsApiAction.java index 1dee3d8c84..48e1c9b704 100644 --- a/src/main/java/org/opensearch/security/dlic/rest/api/SecuritySSLCertsApiAction.java +++ b/src/main/java/org/opensearch/security/dlic/rest/api/SecuritySSLCertsApiAction.java @@ -11,8 +11,16 @@ package org.opensearch.security.dlic.rest.api; +import java.io.IOException; +import java.security.cert.X509Certificate; +import java.util.Arrays; +import java.util.List; +import java.util.Map; +import java.util.stream.Collectors; + import com.google.common.collect.ImmutableList; import com.google.common.collect.ImmutableMap; + import org.opensearch.OpenSearchSecurityException; import org.opensearch.cluster.service.ClusterService; import org.opensearch.core.rest.RestStatus; @@ -26,13 +34,6 @@ import org.opensearch.security.support.ConfigConstants; import org.opensearch.threadpool.ThreadPool; -import java.io.IOException; -import java.security.cert.X509Certificate; -import java.util.Arrays; -import java.util.List; -import java.util.Map; -import java.util.stream.Collectors; - import static org.opensearch.security.dlic.rest.api.Responses.badRequest; import static org.opensearch.security.dlic.rest.api.Responses.badRequestMessage; import static org.opensearch.security.dlic.rest.api.Responses.ok; diff --git a/src/main/java/org/opensearch/security/dlic/rest/api/TenantsApiAction.java b/src/main/java/org/opensearch/security/dlic/rest/api/TenantsApiAction.java index ee716f70b5..28fd6dcdcb 100644 --- a/src/main/java/org/opensearch/security/dlic/rest/api/TenantsApiAction.java +++ b/src/main/java/org/opensearch/security/dlic/rest/api/TenantsApiAction.java @@ -31,8 +31,8 @@ import java.util.Map; import com.google.common.collect.ImmutableList; - import com.google.common.collect.ImmutableMap; + import org.opensearch.cluster.service.ClusterService; import org.opensearch.common.inject.Inject; import org.opensearch.common.settings.Settings; diff --git a/src/main/java/org/opensearch/security/dlic/rest/api/ValidateApiAction.java b/src/main/java/org/opensearch/security/dlic/rest/api/ValidateApiAction.java index 8f764e94c3..93f1cd35c3 100644 --- a/src/main/java/org/opensearch/security/dlic/rest/api/ValidateApiAction.java +++ b/src/main/java/org/opensearch/security/dlic/rest/api/ValidateApiAction.java @@ -11,6 +11,10 @@ package org.opensearch.security.dlic.rest.api; +import java.io.IOException; +import java.util.Collections; +import java.util.List; + import org.opensearch.cluster.service.ClusterService; import org.opensearch.common.collect.Tuple; import org.opensearch.common.inject.Inject; @@ -35,10 +39,6 @@ import org.opensearch.security.securityconf.impl.v7.TenantV7; import org.opensearch.threadpool.ThreadPool; -import java.io.IOException; -import java.util.Collections; -import java.util.List; - import static org.opensearch.security.dlic.rest.api.Responses.badRequest; import static org.opensearch.security.dlic.rest.api.Responses.internalSeverError; import static org.opensearch.security.dlic.rest.api.Responses.ok; diff --git a/src/main/java/org/opensearch/security/dlic/rest/support/Utils.java b/src/main/java/org/opensearch/security/dlic/rest/support/Utils.java index 3853ee5f46..74b7cd415a 100644 --- a/src/main/java/org/opensearch/security/dlic/rest/support/Utils.java +++ b/src/main/java/org/opensearch/security/dlic/rest/support/Utils.java @@ -24,12 +24,12 @@ import java.util.Objects; import java.util.Set; +import com.google.common.collect.ImmutableList; +import com.google.common.collect.ImmutableSet; import com.fasterxml.jackson.core.JsonProcessingException; import com.fasterxml.jackson.core.type.TypeReference; import com.fasterxml.jackson.databind.JsonNode; import com.fasterxml.jackson.databind.ObjectMapper; -import com.google.common.collect.ImmutableList; -import com.google.common.collect.ImmutableSet; import org.apache.commons.lang3.tuple.Pair; import org.bouncycastle.crypto.generators.OpenBSDBCrypt; @@ -37,12 +37,12 @@ import org.opensearch.OpenSearchParseException; import org.opensearch.SpecialPermission; import org.opensearch.common.CheckedSupplier; -import org.opensearch.core.common.bytes.BytesReference; -import org.opensearch.core.common.transport.TransportAddress; import org.opensearch.common.util.concurrent.ThreadContext; import org.opensearch.common.xcontent.XContentHelper; import org.opensearch.common.xcontent.XContentType; import org.opensearch.common.xcontent.json.JsonXContent; +import org.opensearch.core.common.bytes.BytesReference; +import org.opensearch.core.common.transport.TransportAddress; import org.opensearch.core.xcontent.MediaTypeRegistry; import org.opensearch.core.xcontent.NamedXContentRegistry; import org.opensearch.core.xcontent.ToXContent; diff --git a/src/main/java/org/opensearch/security/dlic/rest/validation/EndpointValidator.java b/src/main/java/org/opensearch/security/dlic/rest/validation/EndpointValidator.java index e4b08b8c3f..5879272b30 100644 --- a/src/main/java/org/opensearch/security/dlic/rest/validation/EndpointValidator.java +++ b/src/main/java/org/opensearch/security/dlic/rest/validation/EndpointValidator.java @@ -9,6 +9,10 @@ */ package org.opensearch.security.dlic.rest.validation; +import java.io.IOException; +import java.util.List; +import java.util.Objects; + import org.opensearch.core.rest.RestStatus; import org.opensearch.security.dlic.rest.api.Endpoint; import org.opensearch.security.dlic.rest.api.RestApiAdminPrivilegesEvaluator; @@ -16,10 +20,6 @@ import org.opensearch.security.dlic.rest.support.Utils; import org.opensearch.security.securityconf.impl.SecurityDynamicConfiguration; -import java.io.IOException; -import java.util.List; -import java.util.Objects; - import static org.opensearch.security.dlic.rest.api.Responses.badRequestMessage; import static org.opensearch.security.dlic.rest.api.Responses.forbiddenMessage; import static org.opensearch.security.dlic.rest.api.Responses.notFoundMessage; diff --git a/src/main/java/org/opensearch/security/dlic/rest/validation/PasswordValidator.java b/src/main/java/org/opensearch/security/dlic/rest/validation/PasswordValidator.java index d45be33e6a..ecad2951ab 100644 --- a/src/main/java/org/opensearch/security/dlic/rest/validation/PasswordValidator.java +++ b/src/main/java/org/opensearch/security/dlic/rest/validation/PasswordValidator.java @@ -11,15 +11,6 @@ package org.opensearch.security.dlic.rest.validation; -import com.google.common.collect.ImmutableList; -import com.nulabinc.zxcvbn.Strength; -import com.nulabinc.zxcvbn.Zxcvbn; -import com.nulabinc.zxcvbn.matchers.Match; -import org.apache.logging.log4j.LogManager; -import org.apache.logging.log4j.Logger; -import org.opensearch.common.settings.Settings; -import org.opensearch.core.common.Strings; - import java.util.List; import java.util.Locale; import java.util.Objects; @@ -27,6 +18,17 @@ import java.util.function.Predicate; import java.util.regex.Pattern; +import com.google.common.collect.ImmutableList; +import org.apache.logging.log4j.LogManager; +import org.apache.logging.log4j.Logger; + +import org.opensearch.common.settings.Settings; +import org.opensearch.core.common.Strings; + +import com.nulabinc.zxcvbn.Strength; +import com.nulabinc.zxcvbn.Zxcvbn; +import com.nulabinc.zxcvbn.matchers.Match; + import static org.opensearch.security.support.ConfigConstants.SECURITY_RESTAPI_PASSWORD_MIN_LENGTH; import static org.opensearch.security.support.ConfigConstants.SECURITY_RESTAPI_PASSWORD_SCORE_BASED_VALIDATION_STRENGTH; import static org.opensearch.security.support.ConfigConstants.SECURITY_RESTAPI_PASSWORD_VALIDATION_REGEX; diff --git a/src/main/java/org/opensearch/security/dlic/rest/validation/RequestContentValidator.java b/src/main/java/org/opensearch/security/dlic/rest/validation/RequestContentValidator.java index 5889bf5504..452bdd72e4 100644 --- a/src/main/java/org/opensearch/security/dlic/rest/validation/RequestContentValidator.java +++ b/src/main/java/org/opensearch/security/dlic/rest/validation/RequestContentValidator.java @@ -11,11 +11,20 @@ package org.opensearch.security.dlic.rest.validation; +import java.io.IOException; +import java.util.Collections; +import java.util.HashMap; +import java.util.HashSet; +import java.util.Map; +import java.util.Optional; +import java.util.Set; + import com.fasterxml.jackson.core.JsonParser; import com.fasterxml.jackson.core.JsonToken; import com.fasterxml.jackson.databind.JsonNode; import org.apache.logging.log4j.LogManager; import org.apache.logging.log4j.Logger; + import org.opensearch.common.settings.Settings; import org.opensearch.core.common.Strings; import org.opensearch.core.rest.RestStatus; @@ -24,14 +33,6 @@ import org.opensearch.rest.RestRequest; import org.opensearch.security.DefaultObjectMapper; -import java.io.IOException; -import java.util.Collections; -import java.util.HashMap; -import java.util.HashSet; -import java.util.Map; -import java.util.Optional; -import java.util.Set; - import static org.opensearch.security.support.ConfigConstants.SECURITY_RESTAPI_PASSWORD_VALIDATION_ERROR_MESSAGE; public class RequestContentValidator implements ToXContent { diff --git a/src/main/java/org/opensearch/security/dlic/rest/validation/ValidationResult.java b/src/main/java/org/opensearch/security/dlic/rest/validation/ValidationResult.java index 7fb91d8913..ea782ea504 100644 --- a/src/main/java/org/opensearch/security/dlic/rest/validation/ValidationResult.java +++ b/src/main/java/org/opensearch/security/dlic/rest/validation/ValidationResult.java @@ -11,14 +11,14 @@ package org.opensearch.security.dlic.rest.validation; +import java.io.IOException; +import java.util.Objects; + import org.opensearch.common.CheckedBiConsumer; import org.opensearch.common.CheckedConsumer; import org.opensearch.common.CheckedFunction; -import org.opensearch.core.xcontent.ToXContent; import org.opensearch.core.rest.RestStatus; - -import java.io.IOException; -import java.util.Objects; +import org.opensearch.core.xcontent.ToXContent; public class ValidationResult { diff --git a/src/main/java/org/opensearch/security/filter/DelegatingRestHandler.java b/src/main/java/org/opensearch/security/filter/DelegatingRestHandler.java index 3ad111c6fb..8e9a9f5037 100644 --- a/src/main/java/org/opensearch/security/filter/DelegatingRestHandler.java +++ b/src/main/java/org/opensearch/security/filter/DelegatingRestHandler.java @@ -8,14 +8,14 @@ package org.opensearch.security.filter; +import java.util.List; +import java.util.Objects; + import org.opensearch.client.node.NodeClient; import org.opensearch.rest.RestChannel; import org.opensearch.rest.RestHandler; import org.opensearch.rest.RestRequest; -import java.util.List; -import java.util.Objects; - /** * Delegating RestHandler that delegates all implementations to original handler * diff --git a/src/main/java/org/opensearch/security/filter/NettyRequest.java b/src/main/java/org/opensearch/security/filter/NettyRequest.java index f3f2827367..7b65e4e0de 100644 --- a/src/main/java/org/opensearch/security/filter/NettyRequest.java +++ b/src/main/java/org/opensearch/security/filter/NettyRequest.java @@ -18,15 +18,14 @@ import java.util.Map; import java.util.Optional; import java.util.TreeMap; - import javax.net.ssl.SSLEngine; -import io.netty.handler.ssl.SslHandler; import org.opensearch.http.netty4.Netty4HttpChannel; import org.opensearch.rest.RestRequest.Method; +import org.opensearch.rest.RestUtils; import io.netty.handler.codec.http.HttpRequest; -import org.opensearch.rest.RestUtils; +import io.netty.handler.ssl.SslHandler; /** * Wraps the functionality of HttpRequest for use in the security plugin diff --git a/src/main/java/org/opensearch/security/filter/NettyRequestChannel.java b/src/main/java/org/opensearch/security/filter/NettyRequestChannel.java index a83ecdea8a..f994226407 100644 --- a/src/main/java/org/opensearch/security/filter/NettyRequestChannel.java +++ b/src/main/java/org/opensearch/security/filter/NettyRequestChannel.java @@ -15,11 +15,13 @@ import java.util.concurrent.atomic.AtomicBoolean; import java.util.concurrent.atomic.AtomicReference; -import io.netty.handler.codec.http.HttpRequest; import org.apache.logging.log4j.LogManager; import org.apache.logging.log4j.Logger; + import org.opensearch.http.netty4.Netty4HttpChannel; +import io.netty.handler.codec.http.HttpRequest; + public class NettyRequestChannel extends NettyRequest implements SecurityRequestChannel { private final Logger log = LogManager.getLogger(NettyRequestChannel.class); diff --git a/src/main/java/org/opensearch/security/filter/OpenSearchRequest.java b/src/main/java/org/opensearch/security/filter/OpenSearchRequest.java index 85c70b8f7a..80ede8b2c1 100644 --- a/src/main/java/org/opensearch/security/filter/OpenSearchRequest.java +++ b/src/main/java/org/opensearch/security/filter/OpenSearchRequest.java @@ -15,7 +15,6 @@ import java.util.List; import java.util.Map; import java.util.Optional; - import javax.net.ssl.SSLEngine; import org.opensearch.http.netty4.Netty4HttpChannel; diff --git a/src/main/java/org/opensearch/security/filter/SecurityFilter.java b/src/main/java/org/opensearch/security/filter/SecurityFilter.java index 00b117ebb8..b9d4a73967 100644 --- a/src/main/java/org/opensearch/security/filter/SecurityFilter.java +++ b/src/main/java/org/opensearch/security/filter/SecurityFilter.java @@ -40,9 +40,7 @@ import org.opensearch.OpenSearchException; import org.opensearch.OpenSearchSecurityException; import org.opensearch.ResourceAlreadyExistsException; -import org.opensearch.core.action.ActionListener; import org.opensearch.action.ActionRequest; -import org.opensearch.core.action.ActionResponse; import org.opensearch.action.DocWriteRequest.OpType; import org.opensearch.action.admin.cluster.snapshots.restore.RestoreSnapshotRequest; import org.opensearch.action.admin.indices.alias.Alias; @@ -68,10 +66,12 @@ import org.opensearch.common.settings.Settings; import org.opensearch.common.util.concurrent.ThreadContext; import org.opensearch.common.util.concurrent.ThreadContext.StoredContext; +import org.opensearch.core.action.ActionListener; +import org.opensearch.core.action.ActionResponse; import org.opensearch.core.common.logging.LoggerMessageFormat; +import org.opensearch.core.rest.RestStatus; import org.opensearch.index.reindex.DeleteByQueryRequest; import org.opensearch.index.reindex.UpdateByQueryRequest; -import org.opensearch.core.rest.RestStatus; import org.opensearch.security.action.whoami.WhoAmIAction; import org.opensearch.security.auditlog.AuditLog; import org.opensearch.security.auditlog.AuditLog.Origin; diff --git a/src/main/java/org/opensearch/security/filter/SecurityRequest.java b/src/main/java/org/opensearch/security/filter/SecurityRequest.java index ab6f41b354..4c7ea27a87 100644 --- a/src/main/java/org/opensearch/security/filter/SecurityRequest.java +++ b/src/main/java/org/opensearch/security/filter/SecurityRequest.java @@ -16,7 +16,6 @@ import java.util.Map; import java.util.Optional; import java.util.stream.Stream; - import javax.net.ssl.SSLEngine; import org.opensearch.rest.RestRequest.Method; diff --git a/src/main/java/org/opensearch/security/filter/SecurityRequestFactory.java b/src/main/java/org/opensearch/security/filter/SecurityRequestFactory.java index 0b64d0220d..31fe78b87d 100644 --- a/src/main/java/org/opensearch/security/filter/SecurityRequestFactory.java +++ b/src/main/java/org/opensearch/security/filter/SecurityRequestFactory.java @@ -11,11 +11,12 @@ package org.opensearch.security.filter; -import io.netty.handler.codec.http.HttpRequest; import org.opensearch.http.netty4.Netty4HttpChannel; import org.opensearch.rest.RestChannel; import org.opensearch.rest.RestRequest; +import io.netty.handler.codec.http.HttpRequest; + /** * Generates wrapped versions of requests for use in the security plugin */ diff --git a/src/main/java/org/opensearch/security/filter/SecurityResponse.java b/src/main/java/org/opensearch/security/filter/SecurityResponse.java index 14c21a9385..0dc833a440 100644 --- a/src/main/java/org/opensearch/security/filter/SecurityResponse.java +++ b/src/main/java/org/opensearch/security/filter/SecurityResponse.java @@ -15,6 +15,7 @@ import java.util.Map; import org.apache.http.HttpHeaders; + import org.opensearch.common.xcontent.XContentFactory; import org.opensearch.core.rest.RestStatus; import org.opensearch.rest.BytesRestResponse; diff --git a/src/main/java/org/opensearch/security/filter/SecurityRestFilter.java b/src/main/java/org/opensearch/security/filter/SecurityRestFilter.java index c492656bca..e4d087cfe3 100644 --- a/src/main/java/org/opensearch/security/filter/SecurityRestFilter.java +++ b/src/main/java/org/opensearch/security/filter/SecurityRestFilter.java @@ -31,13 +31,11 @@ import java.util.Optional; import java.util.Set; import java.util.regex.Pattern; - import javax.net.ssl.SSLPeerUnverifiedException; import org.apache.http.HttpStatus; import org.apache.logging.log4j.LogManager; import org.apache.logging.log4j.Logger; -import org.greenrobot.eventbus.Subscribe; import org.opensearch.OpenSearchException; import org.opensearch.client.node.NodeClient; @@ -67,6 +65,8 @@ import org.opensearch.tasks.Task; import org.opensearch.threadpool.ThreadPool; +import org.greenrobot.eventbus.Subscribe; + import static org.opensearch.security.OpenSearchSecurityPlugin.LEGACY_OPENDISTRO_PREFIX; import static org.opensearch.security.OpenSearchSecurityPlugin.PLUGINS_PREFIX; import static org.opensearch.security.http.SecurityHttpServerTransport.CONTEXT_TO_RESTORE; diff --git a/src/main/java/org/opensearch/security/filter/SecurityRestUtils.java b/src/main/java/org/opensearch/security/filter/SecurityRestUtils.java index 705fe31ee0..0fd112b444 100644 --- a/src/main/java/org/opensearch/security/filter/SecurityRestUtils.java +++ b/src/main/java/org/opensearch/security/filter/SecurityRestUtils.java @@ -11,14 +11,14 @@ package org.opensearch.security.filter; -import static org.opensearch.security.filter.SecurityRestFilter.HEALTH_SUFFIX; -import static org.opensearch.security.filter.SecurityRestFilter.PATTERN_PATH_PREFIX; -import static org.opensearch.security.filter.SecurityRestFilter.WHO_AM_I_SUFFIX; - import java.util.regex.Matcher; import org.opensearch.rest.RestRequest.Method; +import static org.opensearch.security.filter.SecurityRestFilter.HEALTH_SUFFIX; +import static org.opensearch.security.filter.SecurityRestFilter.PATTERN_PATH_PREFIX; +import static org.opensearch.security.filter.SecurityRestFilter.WHO_AM_I_SUFFIX; + public class SecurityRestUtils { public static String path(final String uri) { final int index = uri.indexOf('?'); diff --git a/src/main/java/org/opensearch/security/http/HTTPClientCertAuthenticator.java b/src/main/java/org/opensearch/security/http/HTTPClientCertAuthenticator.java index 433ec01458..684131b3e5 100644 --- a/src/main/java/org/opensearch/security/http/HTTPClientCertAuthenticator.java +++ b/src/main/java/org/opensearch/security/http/HTTPClientCertAuthenticator.java @@ -31,7 +31,6 @@ import java.util.Collections; import java.util.List; import java.util.Optional; - import javax.naming.InvalidNameException; import javax.naming.ldap.LdapName; import javax.naming.ldap.Rdn; diff --git a/src/main/java/org/opensearch/security/http/OnBehalfOfAuthenticator.java b/src/main/java/org/opensearch/security/http/OnBehalfOfAuthenticator.java index f493b7c919..23db7accda 100644 --- a/src/main/java/org/opensearch/security/http/OnBehalfOfAuthenticator.java +++ b/src/main/java/org/opensearch/security/http/OnBehalfOfAuthenticator.java @@ -11,10 +11,6 @@ package org.opensearch.security.http; -import static org.opensearch.security.OpenSearchSecurityPlugin.LEGACY_OPENDISTRO_PREFIX; -import static org.opensearch.security.OpenSearchSecurityPlugin.PLUGINS_PREFIX; -import static org.opensearch.security.util.AuthTokenUtils.isAccessToRestrictedEndpoints; - import java.security.AccessController; import java.security.PrivilegedAction; import java.util.Arrays; @@ -29,6 +25,7 @@ import org.apache.hc.core5.http.HttpHeaders; import org.apache.logging.log4j.LogManager; import org.apache.logging.log4j.Logger; + import org.opensearch.OpenSearchException; import org.opensearch.OpenSearchSecurityException; import org.opensearch.SpecialPermission; @@ -47,6 +44,10 @@ import io.jsonwebtoken.JwtParserBuilder; import io.jsonwebtoken.security.WeakKeyException; +import static org.opensearch.security.OpenSearchSecurityPlugin.LEGACY_OPENDISTRO_PREFIX; +import static org.opensearch.security.OpenSearchSecurityPlugin.PLUGINS_PREFIX; +import static org.opensearch.security.util.AuthTokenUtils.isAccessToRestrictedEndpoints; + public class OnBehalfOfAuthenticator implements HTTPAuthenticator { private static final int MINIMUM_SIGNING_KEY_BIT_LENGTH = 512; diff --git a/src/main/java/org/opensearch/security/http/SecurityHttpServerTransport.java b/src/main/java/org/opensearch/security/http/SecurityHttpServerTransport.java index 3b70a5ebda..c5fbbfbbc6 100644 --- a/src/main/java/org/opensearch/security/http/SecurityHttpServerTransport.java +++ b/src/main/java/org/opensearch/security/http/SecurityHttpServerTransport.java @@ -26,7 +26,6 @@ package org.opensearch.security.http; -import io.netty.util.AttributeKey; import org.opensearch.common.network.NetworkService; import org.opensearch.common.settings.ClusterSettings; import org.opensearch.common.settings.Settings; @@ -43,6 +42,8 @@ import org.opensearch.threadpool.ThreadPool; import org.opensearch.transport.SharedGroupFactory; +import io.netty.util.AttributeKey; + public class SecurityHttpServerTransport extends SecuritySSLNettyHttpServerTransport { public static final AttributeKey EARLY_RESPONSE = AttributeKey.newInstance("opensearch-http-early-response"); diff --git a/src/main/java/org/opensearch/security/http/SecurityNonSslHttpServerTransport.java b/src/main/java/org/opensearch/security/http/SecurityNonSslHttpServerTransport.java index cca1df9b46..f37ebb48e8 100644 --- a/src/main/java/org/opensearch/security/http/SecurityNonSslHttpServerTransport.java +++ b/src/main/java/org/opensearch/security/http/SecurityNonSslHttpServerTransport.java @@ -26,10 +26,6 @@ package org.opensearch.security.http; -import io.netty.channel.Channel; -import io.netty.channel.ChannelHandler; - -import io.netty.channel.ChannelInboundHandlerAdapter; import org.opensearch.common.network.NetworkService; import org.opensearch.common.settings.ClusterSettings; import org.opensearch.common.settings.Settings; @@ -44,6 +40,10 @@ import org.opensearch.threadpool.ThreadPool; import org.opensearch.transport.SharedGroupFactory; +import io.netty.channel.Channel; +import io.netty.channel.ChannelHandler; +import io.netty.channel.ChannelInboundHandlerAdapter; + public class SecurityNonSslHttpServerTransport extends Netty4HttpServerTransport { private final ChannelInboundHandlerAdapter headerVerifier; diff --git a/src/main/java/org/opensearch/security/http/XFFResolver.java b/src/main/java/org/opensearch/security/http/XFFResolver.java index 7fcbfad888..0a3d183341 100644 --- a/src/main/java/org/opensearch/security/http/XFFResolver.java +++ b/src/main/java/org/opensearch/security/http/XFFResolver.java @@ -30,16 +30,17 @@ import org.apache.logging.log4j.LogManager; import org.apache.logging.log4j.Logger; -import org.greenrobot.eventbus.Subscribe; import org.opensearch.OpenSearchSecurityException; -import org.opensearch.core.common.transport.TransportAddress; import org.opensearch.common.util.concurrent.ThreadContext; +import org.opensearch.core.common.transport.TransportAddress; import org.opensearch.security.filter.SecurityRequest; import org.opensearch.security.securityconf.DynamicConfigModel; import org.opensearch.security.support.ConfigConstants; import org.opensearch.threadpool.ThreadPool; +import org.greenrobot.eventbus.Subscribe; + public class XFFResolver { protected final Logger log = LogManager.getLogger(this.getClass()); diff --git a/src/main/java/org/opensearch/security/httpclient/HttpClient.java b/src/main/java/org/opensearch/security/httpclient/HttpClient.java index ba788a2c13..466dac2a82 100644 --- a/src/main/java/org/opensearch/security/httpclient/HttpClient.java +++ b/src/main/java/org/opensearch/security/httpclient/HttpClient.java @@ -26,7 +26,6 @@ import java.util.Objects; import java.util.concurrent.TimeUnit; import java.util.stream.Collectors; - import javax.net.ssl.HostnameVerifier; import javax.net.ssl.SSLContext; import javax.net.ssl.SSLEngine; diff --git a/src/main/java/org/opensearch/security/identity/SecurityTokenManager.java b/src/main/java/org/opensearch/security/identity/SecurityTokenManager.java index 9f4ffecf57..8a0c3e85f1 100644 --- a/src/main/java/org/opensearch/security/identity/SecurityTokenManager.java +++ b/src/main/java/org/opensearch/security/identity/SecurityTokenManager.java @@ -15,10 +15,9 @@ import java.util.Set; import java.util.stream.Collectors; -import joptsimple.internal.Strings; import org.apache.logging.log4j.LogManager; import org.apache.logging.log4j.Logger; -import org.greenrobot.eventbus.Subscribe; + import org.opensearch.OpenSearchSecurityException; import org.opensearch.cluster.service.ClusterService; import org.opensearch.common.settings.Settings; @@ -37,6 +36,9 @@ import org.opensearch.security.user.UserService; import org.opensearch.threadpool.ThreadPool; +import joptsimple.internal.Strings; +import org.greenrobot.eventbus.Subscribe; + /** * This class is the Security Plugin's implementation of the TokenManager used by all Identity Plugins. * It handles the issuance of both Service Account Tokens and On Behalf Of tokens. diff --git a/src/main/java/org/opensearch/security/opensaml/integration/CleanerFactory.java b/src/main/java/org/opensearch/security/opensaml/integration/CleanerFactory.java index 7b0d968c57..7b6d1575f7 100644 --- a/src/main/java/org/opensearch/security/opensaml/integration/CleanerFactory.java +++ b/src/main/java/org/opensearch/security/opensaml/integration/CleanerFactory.java @@ -11,13 +11,14 @@ package org.opensearch.security.opensaml.integration; +import java.lang.ref.Cleaner; +import java.util.concurrent.ThreadFactory; + import org.opensearch.common.util.concurrent.OpenSearchExecutors; + import org.slf4j.Logger; import org.slf4j.LoggerFactory; -import java.lang.ref.Cleaner; -import java.util.concurrent.ThreadFactory; - /** * The class was adapted from {@link net.shibboleth.utilities.java.support.primitive.CleanerSupport}. * The main reason is that it is only one way to set Cleaner.create() diff --git a/src/main/java/org/opensearch/security/opensaml/integration/SecurityX509CRLImpl.java b/src/main/java/org/opensearch/security/opensaml/integration/SecurityX509CRLImpl.java index 716826e742..036b777e27 100644 --- a/src/main/java/org/opensearch/security/opensaml/integration/SecurityX509CRLImpl.java +++ b/src/main/java/org/opensearch/security/opensaml/integration/SecurityX509CRLImpl.java @@ -11,16 +11,16 @@ package org.opensearch.security.opensaml.integration; -import net.shibboleth.utilities.java.support.collection.IndexingObjectStore; -import org.opensaml.core.xml.AbstractXMLObject; -import org.opensaml.core.xml.XMLObject; -import org.opensaml.xmlsec.signature.X509CRL; - -import javax.annotation.Nonnull; import java.lang.ref.Cleaner; import java.util.Collections; import java.util.List; import java.util.Objects; +import javax.annotation.Nonnull; + +import net.shibboleth.utilities.java.support.collection.IndexingObjectStore; +import org.opensaml.core.xml.AbstractXMLObject; +import org.opensaml.core.xml.XMLObject; +import org.opensaml.xmlsec.signature.X509CRL; /** * The class was adapted from {@link org.opensaml.xmlsec.signature.impl.X509CRLImpl}. diff --git a/src/main/java/org/opensearch/security/opensaml/integration/SecurityX509CertificateImpl.java b/src/main/java/org/opensearch/security/opensaml/integration/SecurityX509CertificateImpl.java index 32013ab727..59fbc021d8 100644 --- a/src/main/java/org/opensearch/security/opensaml/integration/SecurityX509CertificateImpl.java +++ b/src/main/java/org/opensearch/security/opensaml/integration/SecurityX509CertificateImpl.java @@ -11,16 +11,16 @@ package org.opensearch.security.opensaml.integration; -import net.shibboleth.utilities.java.support.collection.IndexingObjectStore; -import org.opensaml.core.xml.AbstractXMLObject; -import org.opensaml.core.xml.XMLObject; -import org.opensaml.xmlsec.signature.X509Certificate; - -import javax.annotation.Nonnull; import java.lang.ref.Cleaner; import java.util.Collections; import java.util.List; import java.util.Objects; +import javax.annotation.Nonnull; + +import net.shibboleth.utilities.java.support.collection.IndexingObjectStore; +import org.opensaml.core.xml.AbstractXMLObject; +import org.opensaml.core.xml.XMLObject; +import org.opensaml.xmlsec.signature.X509Certificate; /** * The class was adapted from {@link org.opensaml.xmlsec.signature.impl.X509CertificateBuilder}. diff --git a/src/main/java/org/opensearch/security/opensaml/integration/SecurityXMLObjectProviderInitializer.java b/src/main/java/org/opensearch/security/opensaml/integration/SecurityXMLObjectProviderInitializer.java index bf87514bff..6cf6d0e6aa 100644 --- a/src/main/java/org/opensearch/security/opensaml/integration/SecurityXMLObjectProviderInitializer.java +++ b/src/main/java/org/opensearch/security/opensaml/integration/SecurityXMLObjectProviderInitializer.java @@ -11,9 +11,13 @@ package org.opensearch.security.opensaml.integration; -import net.shibboleth.utilities.java.support.primitive.StringSupport; +import java.io.IOException; +import java.io.InputStream; + import org.apache.logging.log4j.LogManager; import org.apache.logging.log4j.Logger; + +import net.shibboleth.utilities.java.support.primitive.StringSupport; import org.opensaml.core.config.InitializationException; import org.opensaml.core.xml.config.XMLConfigurationException; import org.opensaml.core.xml.config.XMLConfigurator; @@ -22,9 +26,6 @@ import org.opensaml.xmlsec.signature.impl.X509CertificateBuilder; import org.w3c.dom.Element; -import java.io.IOException; -import java.io.InputStream; - /** * The class extends {@link org.opensaml.xmlsec.config.impl.XMLObjectProviderInitializer} * which is responsible to map signature configuration from SAML diff --git a/src/main/java/org/opensearch/security/privileges/PrivilegesEvaluator.java b/src/main/java/org/opensearch/security/privileges/PrivilegesEvaluator.java index 538b541754..1d09932131 100644 --- a/src/main/java/org/opensearch/security/privileges/PrivilegesEvaluator.java +++ b/src/main/java/org/opensearch/security/privileges/PrivilegesEvaluator.java @@ -40,7 +40,6 @@ import com.google.common.collect.ImmutableSet; import org.apache.logging.log4j.LogManager; import org.apache.logging.log4j.Logger; -import org.greenrobot.eventbus.Subscribe; import org.opensearch.OpenSearchSecurityException; import org.opensearch.action.ActionRequest; @@ -77,9 +76,9 @@ import org.opensearch.cluster.metadata.IndexNameExpressionResolver; import org.opensearch.cluster.service.ClusterService; import org.opensearch.common.settings.Settings; -import org.opensearch.core.common.transport.TransportAddress; import org.opensearch.common.util.concurrent.ThreadContext; import org.opensearch.core.common.Strings; +import org.opensearch.core.common.transport.TransportAddress; import org.opensearch.core.xcontent.NamedXContentRegistry; import org.opensearch.index.reindex.ReindexAction; import org.opensearch.security.auditlog.AuditLog; @@ -96,6 +95,8 @@ import org.opensearch.tasks.Task; import org.opensearch.threadpool.ThreadPool; +import org.greenrobot.eventbus.Subscribe; + import static org.opensearch.security.OpenSearchSecurityPlugin.traceAction; import static org.opensearch.security.support.ConfigConstants.OPENDISTRO_SECURITY_USER_INFO_THREAD_CONTEXT; diff --git a/src/main/java/org/opensearch/security/privileges/RestLayerPrivilegesEvaluator.java b/src/main/java/org/opensearch/security/privileges/RestLayerPrivilegesEvaluator.java index dc95e98d11..d1ccb84fc8 100644 --- a/src/main/java/org/opensearch/security/privileges/RestLayerPrivilegesEvaluator.java +++ b/src/main/java/org/opensearch/security/privileges/RestLayerPrivilegesEvaluator.java @@ -15,18 +15,19 @@ import org.apache.logging.log4j.LogManager; import org.apache.logging.log4j.Logger; -import org.greenrobot.eventbus.Subscribe; import org.opensearch.OpenSearchSecurityException; import org.opensearch.cluster.service.ClusterService; -import org.opensearch.core.common.transport.TransportAddress; import org.opensearch.common.util.concurrent.ThreadContext; +import org.opensearch.core.common.transport.TransportAddress; import org.opensearch.security.securityconf.ConfigModel; import org.opensearch.security.securityconf.SecurityRoles; import org.opensearch.security.support.ConfigConstants; import org.opensearch.security.user.User; import org.opensearch.threadpool.ThreadPool; +import org.greenrobot.eventbus.Subscribe; + public class RestLayerPrivilegesEvaluator { protected final Logger log = LogManager.getLogger(this.getClass()); private final ClusterService clusterService; diff --git a/src/main/java/org/opensearch/security/privileges/SecurityIndexAccessEvaluator.java b/src/main/java/org/opensearch/security/privileges/SecurityIndexAccessEvaluator.java index 4d5fb26050..b984ee93b8 100644 --- a/src/main/java/org/opensearch/security/privileges/SecurityIndexAccessEvaluator.java +++ b/src/main/java/org/opensearch/security/privileges/SecurityIndexAccessEvaluator.java @@ -26,8 +26,15 @@ package org.opensearch.security.privileges; +import java.util.ArrayList; +import java.util.HashSet; +import java.util.List; +import java.util.Set; +import java.util.stream.Collectors; + import org.apache.logging.log4j.LogManager; import org.apache.logging.log4j.Logger; + import org.opensearch.action.ActionRequest; import org.opensearch.action.RealtimeRequest; import org.opensearch.action.search.SearchRequest; @@ -43,12 +50,6 @@ import org.opensearch.security.user.User; import org.opensearch.tasks.Task; -import java.util.ArrayList; -import java.util.HashSet; -import java.util.List; -import java.util.Set; -import java.util.stream.Collectors; - /** * This class performs authorization on requests targeting system indices * NOTE: diff --git a/src/main/java/org/opensearch/security/resolver/IndexResolverReplacer.java b/src/main/java/org/opensearch/security/resolver/IndexResolverReplacer.java index ea8985ee69..3ebfbce29b 100644 --- a/src/main/java/org/opensearch/security/resolver/IndexResolverReplacer.java +++ b/src/main/java/org/opensearch/security/resolver/IndexResolverReplacer.java @@ -43,7 +43,6 @@ import com.google.common.collect.ImmutableSet; import org.apache.logging.log4j.LogManager; import org.apache.logging.log4j.Logger; -import org.greenrobot.eventbus.Subscribe; import org.opensearch.action.ActionRequest; import org.opensearch.action.DocWriteRequest; @@ -95,6 +94,8 @@ import org.opensearch.transport.RemoteClusterService; import org.opensearch.transport.TransportRequest; +import org.greenrobot.eventbus.Subscribe; + import static org.opensearch.cluster.metadata.IndexAbstraction.Type.ALIAS; public class IndexResolverReplacer { diff --git a/src/main/java/org/opensearch/security/rest/DashboardsInfoAction.java b/src/main/java/org/opensearch/security/rest/DashboardsInfoAction.java index 6a14541896..2b286d0c3d 100644 --- a/src/main/java/org/opensearch/security/rest/DashboardsInfoAction.java +++ b/src/main/java/org/opensearch/security/rest/DashboardsInfoAction.java @@ -36,13 +36,13 @@ import org.opensearch.client.node.NodeClient; import org.opensearch.common.settings.Settings; import org.opensearch.common.util.concurrent.ThreadContext; +import org.opensearch.core.rest.RestStatus; import org.opensearch.core.xcontent.XContentBuilder; import org.opensearch.rest.BaseRestHandler; import org.opensearch.rest.BytesRestResponse; import org.opensearch.rest.RestChannel; import org.opensearch.rest.RestController; import org.opensearch.rest.RestRequest; -import org.opensearch.core.rest.RestStatus; import org.opensearch.security.privileges.PrivilegesEvaluator; import org.opensearch.security.support.ConfigConstants; import org.opensearch.security.user.User; diff --git a/src/main/java/org/opensearch/security/rest/SecurityConfigUpdateAction.java b/src/main/java/org/opensearch/security/rest/SecurityConfigUpdateAction.java index bfbc16f98d..cb678b533b 100644 --- a/src/main/java/org/opensearch/security/rest/SecurityConfigUpdateAction.java +++ b/src/main/java/org/opensearch/security/rest/SecurityConfigUpdateAction.java @@ -20,11 +20,11 @@ import org.opensearch.client.node.NodeClient; import org.opensearch.common.settings.Settings; import org.opensearch.common.util.concurrent.ThreadContext; +import org.opensearch.core.rest.RestStatus; import org.opensearch.rest.BaseRestHandler; import org.opensearch.rest.BytesRestResponse; import org.opensearch.rest.RestController; import org.opensearch.rest.RestRequest; -import org.opensearch.core.rest.RestStatus; import org.opensearch.rest.action.RestActions.NodesResponseRestListener; import org.opensearch.security.action.configupdate.ConfigUpdateAction; import org.opensearch.security.action.configupdate.ConfigUpdateRequest; diff --git a/src/main/java/org/opensearch/security/rest/SecurityHealthAction.java b/src/main/java/org/opensearch/security/rest/SecurityHealthAction.java index 579d42e7a6..1b7e788dae 100644 --- a/src/main/java/org/opensearch/security/rest/SecurityHealthAction.java +++ b/src/main/java/org/opensearch/security/rest/SecurityHealthAction.java @@ -33,13 +33,13 @@ import org.opensearch.client.node.NodeClient; import org.opensearch.common.settings.Settings; +import org.opensearch.core.rest.RestStatus; import org.opensearch.core.xcontent.XContentBuilder; import org.opensearch.rest.BaseRestHandler; import org.opensearch.rest.BytesRestResponse; import org.opensearch.rest.RestChannel; import org.opensearch.rest.RestController; import org.opensearch.rest.RestRequest; -import org.opensearch.core.rest.RestStatus; import org.opensearch.security.auth.BackendRegistry; import static org.opensearch.rest.RestRequest.Method.GET; diff --git a/src/main/java/org/opensearch/security/rest/SecurityInfoAction.java b/src/main/java/org/opensearch/security/rest/SecurityInfoAction.java index a10c58f058..9300cf72f2 100644 --- a/src/main/java/org/opensearch/security/rest/SecurityInfoAction.java +++ b/src/main/java/org/opensearch/security/rest/SecurityInfoAction.java @@ -40,15 +40,15 @@ import org.opensearch.client.node.NodeClient; import org.opensearch.common.settings.Settings; -import org.opensearch.core.common.transport.TransportAddress; import org.opensearch.common.util.concurrent.ThreadContext; +import org.opensearch.core.common.transport.TransportAddress; +import org.opensearch.core.rest.RestStatus; import org.opensearch.core.xcontent.XContentBuilder; import org.opensearch.rest.BaseRestHandler; import org.opensearch.rest.BytesRestResponse; import org.opensearch.rest.RestChannel; import org.opensearch.rest.RestController; import org.opensearch.rest.RestRequest; -import org.opensearch.core.rest.RestStatus; import org.opensearch.security.privileges.PrivilegesEvaluator; import org.opensearch.security.support.Base64Helper; import org.opensearch.security.support.ConfigConstants; diff --git a/src/main/java/org/opensearch/security/rest/SecurityWhoAmIAction.java b/src/main/java/org/opensearch/security/rest/SecurityWhoAmIAction.java index 4f560f40b6..d4865b373d 100644 --- a/src/main/java/org/opensearch/security/rest/SecurityWhoAmIAction.java +++ b/src/main/java/org/opensearch/security/rest/SecurityWhoAmIAction.java @@ -23,6 +23,7 @@ import org.opensearch.client.node.NodeClient; import org.opensearch.common.settings.Settings; +import org.opensearch.core.rest.RestStatus; import org.opensearch.core.xcontent.XContentBuilder; import org.opensearch.rest.BaseRestHandler; import org.opensearch.rest.BytesRestResponse; @@ -30,7 +31,6 @@ import org.opensearch.rest.RestChannel; import org.opensearch.rest.RestController; import org.opensearch.rest.RestRequest; -import org.opensearch.core.rest.RestStatus; import org.opensearch.security.configuration.AdminDNs; import org.opensearch.security.filter.SecurityRequestFactory; import org.opensearch.security.ssl.transport.PrincipalExtractor; diff --git a/src/main/java/org/opensearch/security/rest/TenantInfoAction.java b/src/main/java/org/opensearch/security/rest/TenantInfoAction.java index f3afc0f006..1b0bdd7f8e 100644 --- a/src/main/java/org/opensearch/security/rest/TenantInfoAction.java +++ b/src/main/java/org/opensearch/security/rest/TenantInfoAction.java @@ -41,13 +41,13 @@ import org.opensearch.cluster.service.ClusterService; import org.opensearch.common.settings.Settings; import org.opensearch.common.util.concurrent.ThreadContext; +import org.opensearch.core.rest.RestStatus; import org.opensearch.core.xcontent.XContentBuilder; import org.opensearch.rest.BaseRestHandler; import org.opensearch.rest.BytesRestResponse; import org.opensearch.rest.RestChannel; import org.opensearch.rest.RestController; import org.opensearch.rest.RestRequest; -import org.opensearch.core.rest.RestStatus; import org.opensearch.security.configuration.AdminDNs; import org.opensearch.security.configuration.ConfigurationRepository; import org.opensearch.security.privileges.PrivilegesEvaluator; diff --git a/src/main/java/org/opensearch/security/securityconf/ConfigModelV6.java b/src/main/java/org/opensearch/security/securityconf/ConfigModelV6.java index 545d383ced..3650057d63 100644 --- a/src/main/java/org/opensearch/security/securityconf/ConfigModelV6.java +++ b/src/main/java/org/opensearch/security/securityconf/ConfigModelV6.java @@ -51,8 +51,8 @@ import org.opensearch.cluster.service.ClusterService; import org.opensearch.common.collect.Tuple; import org.opensearch.common.settings.Settings; -import org.opensearch.core.common.transport.TransportAddress; import org.opensearch.common.util.set.Sets; +import org.opensearch.core.common.transport.TransportAddress; import org.opensearch.core.xcontent.NamedXContentRegistry; import org.opensearch.security.resolver.IndexResolverReplacer.Resolved; import org.opensearch.security.securityconf.impl.SecurityDynamicConfiguration; diff --git a/src/main/java/org/opensearch/security/securityconf/ConfigModelV7.java b/src/main/java/org/opensearch/security/securityconf/ConfigModelV7.java index 0528590db9..473e224538 100644 --- a/src/main/java/org/opensearch/security/securityconf/ConfigModelV7.java +++ b/src/main/java/org/opensearch/security/securityconf/ConfigModelV7.java @@ -55,8 +55,8 @@ import org.opensearch.cluster.service.ClusterService; import org.opensearch.common.collect.Tuple; import org.opensearch.common.settings.Settings; -import org.opensearch.core.common.transport.TransportAddress; import org.opensearch.common.util.set.Sets; +import org.opensearch.core.common.transport.TransportAddress; import org.opensearch.core.xcontent.NamedXContentRegistry; import org.opensearch.security.resolver.IndexResolverReplacer.Resolved; import org.opensearch.security.securityconf.impl.SecurityDynamicConfiguration; diff --git a/src/main/java/org/opensearch/security/securityconf/DynamicConfigFactory.java b/src/main/java/org/opensearch/security/securityconf/DynamicConfigFactory.java index 7265699e7c..ed61481885 100644 --- a/src/main/java/org/opensearch/security/securityconf/DynamicConfigFactory.java +++ b/src/main/java/org/opensearch/security/securityconf/DynamicConfigFactory.java @@ -35,14 +35,11 @@ import java.util.Map.Entry; import java.util.concurrent.atomic.AtomicBoolean; -import com.fasterxml.jackson.databind.JsonNode; import com.google.common.collect.ImmutableList; import com.google.common.collect.ImmutableMap; +import com.fasterxml.jackson.databind.JsonNode; import org.apache.logging.log4j.LogManager; import org.apache.logging.log4j.Logger; -import org.greenrobot.eventbus.EventBus; -import org.greenrobot.eventbus.EventBusBuilder; -import org.greenrobot.eventbus.Logger.JavaLogger; import org.opensearch.client.Client; import org.opensearch.common.settings.Settings; @@ -73,6 +70,10 @@ import org.opensearch.security.support.WildcardMatcher; import org.opensearch.threadpool.ThreadPool; +import org.greenrobot.eventbus.EventBus; +import org.greenrobot.eventbus.EventBusBuilder; +import org.greenrobot.eventbus.Logger.JavaLogger; + public class DynamicConfigFactory implements Initializable, ConfigurationChangeListener { public static final EventBusBuilder EVENT_BUS_BUILDER = EventBus.builder(); diff --git a/src/main/java/org/opensearch/security/securityconf/impl/AllowlistingSettings.java b/src/main/java/org/opensearch/security/securityconf/impl/AllowlistingSettings.java index ba249e8c63..63d9186e1f 100644 --- a/src/main/java/org/opensearch/security/securityconf/impl/AllowlistingSettings.java +++ b/src/main/java/org/opensearch/security/securityconf/impl/AllowlistingSettings.java @@ -18,6 +18,7 @@ import java.util.Optional; import org.apache.http.HttpStatus; + import org.opensearch.common.xcontent.XContentFactory; import org.opensearch.core.rest.RestStatus; import org.opensearch.security.filter.SecurityRequest; diff --git a/src/main/java/org/opensearch/security/securityconf/impl/WhitelistingSettings.java b/src/main/java/org/opensearch/security/securityconf/impl/WhitelistingSettings.java index 2e1ab791d2..ce643477c2 100644 --- a/src/main/java/org/opensearch/security/securityconf/impl/WhitelistingSettings.java +++ b/src/main/java/org/opensearch/security/securityconf/impl/WhitelistingSettings.java @@ -17,6 +17,7 @@ import java.util.Optional; import org.apache.http.HttpStatus; + import org.opensearch.security.filter.SecurityRequest; import org.opensearch.security.filter.SecurityResponse; diff --git a/src/main/java/org/opensearch/security/ssl/DefaultSecurityKeyStore.java b/src/main/java/org/opensearch/security/ssl/DefaultSecurityKeyStore.java index a3d18fba61..7ff90c1a66 100644 --- a/src/main/java/org/opensearch/security/ssl/DefaultSecurityKeyStore.java +++ b/src/main/java/org/opensearch/security/ssl/DefaultSecurityKeyStore.java @@ -17,19 +17,6 @@ package org.opensearch.security.ssl; -import static org.opensearch.security.ssl.SecureSSLSettings.SSLSetting.SECURITY_SSL_HTTP_KEYSTORE_KEYPASSWORD; -import static org.opensearch.security.ssl.SecureSSLSettings.SSLSetting.SECURITY_SSL_HTTP_KEYSTORE_PASSWORD; -import static org.opensearch.security.ssl.SecureSSLSettings.SSLSetting.SECURITY_SSL_HTTP_PEMKEY_PASSWORD; -import static org.opensearch.security.ssl.SecureSSLSettings.SSLSetting.SECURITY_SSL_HTTP_TRUSTSTORE_PASSWORD; -import static org.opensearch.security.ssl.SecureSSLSettings.SSLSetting.SECURITY_SSL_TRANSPORT_CLIENT_KEYSTORE_KEYPASSWORD; -import static org.opensearch.security.ssl.SecureSSLSettings.SSLSetting.SECURITY_SSL_TRANSPORT_CLIENT_PEMKEY_PASSWORD; -import static org.opensearch.security.ssl.SecureSSLSettings.SSLSetting.SECURITY_SSL_TRANSPORT_KEYSTORE_KEYPASSWORD; -import static org.opensearch.security.ssl.SecureSSLSettings.SSLSetting.SECURITY_SSL_TRANSPORT_KEYSTORE_PASSWORD; -import static org.opensearch.security.ssl.SecureSSLSettings.SSLSetting.SECURITY_SSL_TRANSPORT_PEMKEY_PASSWORD; -import static org.opensearch.security.ssl.SecureSSLSettings.SSLSetting.SECURITY_SSL_TRANSPORT_SERVER_KEYSTORE_KEYPASSWORD; -import static org.opensearch.security.ssl.SecureSSLSettings.SSLSetting.SECURITY_SSL_TRANSPORT_SERVER_PEMKEY_PASSWORD; -import static org.opensearch.security.ssl.SecureSSLSettings.SSLSetting.SECURITY_SSL_TRANSPORT_TRUSTSTORE_PASSWORD; - import java.io.File; import java.nio.charset.StandardCharsets; import java.nio.file.Files; @@ -56,13 +43,14 @@ import java.util.stream.Collectors; import java.util.stream.Stream; import java.util.stream.StreamSupport; - import javax.crypto.Cipher; import javax.net.ssl.SSLContext; import javax.net.ssl.SSLEngine; import javax.net.ssl.SSLException; import javax.net.ssl.SSLParameters; +import com.google.common.collect.ImmutableList; +import com.google.common.collect.ImmutableSet; import org.apache.logging.log4j.LogManager; import org.apache.logging.log4j.Logger; import org.bouncycastle.asn1.ASN1InputStream; @@ -72,6 +60,7 @@ import org.bouncycastle.asn1.ASN1Sequence; import org.bouncycastle.asn1.ASN1String; import org.bouncycastle.asn1.ASN1TaggedObject; + import org.opensearch.OpenSearchException; import org.opensearch.OpenSearchSecurityException; import org.opensearch.SpecialPermission; @@ -86,9 +75,6 @@ import org.opensearch.security.ssl.util.SSLConfigConstants; import org.opensearch.transport.NettyAllocator; -import com.google.common.collect.ImmutableList; -import com.google.common.collect.ImmutableSet; - import io.netty.handler.codec.http2.Http2SecurityUtil; import io.netty.handler.ssl.ApplicationProtocolConfig; import io.netty.handler.ssl.ApplicationProtocolConfig.Protocol; @@ -103,6 +89,19 @@ import io.netty.handler.ssl.SupportedCipherSuiteFilter; import io.netty.util.internal.PlatformDependent; +import static org.opensearch.security.ssl.SecureSSLSettings.SSLSetting.SECURITY_SSL_HTTP_KEYSTORE_KEYPASSWORD; +import static org.opensearch.security.ssl.SecureSSLSettings.SSLSetting.SECURITY_SSL_HTTP_KEYSTORE_PASSWORD; +import static org.opensearch.security.ssl.SecureSSLSettings.SSLSetting.SECURITY_SSL_HTTP_PEMKEY_PASSWORD; +import static org.opensearch.security.ssl.SecureSSLSettings.SSLSetting.SECURITY_SSL_HTTP_TRUSTSTORE_PASSWORD; +import static org.opensearch.security.ssl.SecureSSLSettings.SSLSetting.SECURITY_SSL_TRANSPORT_CLIENT_KEYSTORE_KEYPASSWORD; +import static org.opensearch.security.ssl.SecureSSLSettings.SSLSetting.SECURITY_SSL_TRANSPORT_CLIENT_PEMKEY_PASSWORD; +import static org.opensearch.security.ssl.SecureSSLSettings.SSLSetting.SECURITY_SSL_TRANSPORT_KEYSTORE_KEYPASSWORD; +import static org.opensearch.security.ssl.SecureSSLSettings.SSLSetting.SECURITY_SSL_TRANSPORT_KEYSTORE_PASSWORD; +import static org.opensearch.security.ssl.SecureSSLSettings.SSLSetting.SECURITY_SSL_TRANSPORT_PEMKEY_PASSWORD; +import static org.opensearch.security.ssl.SecureSSLSettings.SSLSetting.SECURITY_SSL_TRANSPORT_SERVER_KEYSTORE_KEYPASSWORD; +import static org.opensearch.security.ssl.SecureSSLSettings.SSLSetting.SECURITY_SSL_TRANSPORT_SERVER_PEMKEY_PASSWORD; +import static org.opensearch.security.ssl.SecureSSLSettings.SSLSetting.SECURITY_SSL_TRANSPORT_TRUSTSTORE_PASSWORD; + public class DefaultSecurityKeyStore implements SecurityKeyStore { private static final String DEFAULT_STORE_TYPE = "JKS"; diff --git a/src/main/java/org/opensearch/security/ssl/ExternalSecurityKeyStore.java b/src/main/java/org/opensearch/security/ssl/ExternalSecurityKeyStore.java index 9ea0276912..25d0599c58 100644 --- a/src/main/java/org/opensearch/security/ssl/ExternalSecurityKeyStore.java +++ b/src/main/java/org/opensearch/security/ssl/ExternalSecurityKeyStore.java @@ -24,7 +24,6 @@ import java.util.Map; import java.util.Objects; import java.util.concurrent.ConcurrentHashMap; - import javax.net.ssl.SSLContext; import javax.net.ssl.SSLEngine; import javax.net.ssl.SSLException; diff --git a/src/main/java/org/opensearch/security/ssl/OpenSearchSecuritySSLPlugin.java b/src/main/java/org/opensearch/security/ssl/OpenSearchSecuritySSLPlugin.java index 722e55370e..e6e4e85b33 100644 --- a/src/main/java/org/opensearch/security/ssl/OpenSearchSecuritySSLPlugin.java +++ b/src/main/java/org/opensearch/security/ssl/OpenSearchSecuritySSLPlugin.java @@ -31,8 +31,6 @@ import java.util.function.Supplier; import com.fasterxml.jackson.databind.InjectableValues; -import io.netty.handler.ssl.OpenSsl; -import io.netty.util.internal.PlatformDependent; import org.apache.logging.log4j.LogManager; import org.apache.logging.log4j.Logger; @@ -44,7 +42,6 @@ import org.opensearch.cluster.node.DiscoveryNodes; import org.opensearch.cluster.service.ClusterService; import org.opensearch.common.Booleans; -import org.opensearch.core.common.io.stream.NamedWriteableRegistry; import org.opensearch.common.network.NetworkModule; import org.opensearch.common.network.NetworkService; import org.opensearch.common.settings.ClusterSettings; @@ -56,6 +53,7 @@ import org.opensearch.common.util.BigArrays; import org.opensearch.common.util.PageCacheRecycler; import org.opensearch.common.util.concurrent.ThreadContext; +import org.opensearch.core.common.io.stream.NamedWriteableRegistry; import org.opensearch.core.indices.breaker.CircuitBreakerService; import org.opensearch.core.xcontent.NamedXContentRegistry; import org.opensearch.env.Environment; @@ -88,6 +86,9 @@ import org.opensearch.transport.TransportInterceptor; import org.opensearch.watcher.ResourceWatcherService; +import io.netty.handler.ssl.OpenSsl; +import io.netty.util.internal.PlatformDependent; + //For ES5 this class has only effect when SSL only plugin is installed public class OpenSearchSecuritySSLPlugin extends Plugin implements SystemIndexPlugin, NetworkPlugin { diff --git a/src/main/java/org/opensearch/security/ssl/SecureSSLSettings.java b/src/main/java/org/opensearch/security/ssl/SecureSSLSettings.java index 1581deba20..171bb18bb5 100644 --- a/src/main/java/org/opensearch/security/ssl/SecureSSLSettings.java +++ b/src/main/java/org/opensearch/security/ssl/SecureSSLSettings.java @@ -24,9 +24,9 @@ import org.apache.logging.log4j.Logger; import org.opensearch.common.settings.SecureSetting; -import org.opensearch.core.common.settings.SecureString; import org.opensearch.common.settings.Setting; import org.opensearch.common.settings.Settings; +import org.opensearch.core.common.settings.SecureString; import static org.opensearch.security.ssl.util.SSLConfigConstants.DEFAULT_STORE_PASSWORD; diff --git a/src/main/java/org/opensearch/security/ssl/SecurityKeyStore.java b/src/main/java/org/opensearch/security/ssl/SecurityKeyStore.java index 835ac92a23..03b5df2100 100644 --- a/src/main/java/org/opensearch/security/ssl/SecurityKeyStore.java +++ b/src/main/java/org/opensearch/security/ssl/SecurityKeyStore.java @@ -18,7 +18,6 @@ package org.opensearch.security.ssl; import java.security.cert.X509Certificate; - import javax.net.ssl.SSLEngine; import javax.net.ssl.SSLException; diff --git a/src/main/java/org/opensearch/security/ssl/http/netty/Netty4ConditionalDecompressor.java b/src/main/java/org/opensearch/security/ssl/http/netty/Netty4ConditionalDecompressor.java index 1eec49add0..f133d997f9 100644 --- a/src/main/java/org/opensearch/security/ssl/http/netty/Netty4ConditionalDecompressor.java +++ b/src/main/java/org/opensearch/security/ssl/http/netty/Netty4ConditionalDecompressor.java @@ -8,14 +8,14 @@ package org.opensearch.security.ssl.http.netty; +import org.opensearch.security.filter.NettyAttribute; + import io.netty.channel.embedded.EmbeddedChannel; import io.netty.handler.codec.http.HttpContentDecompressor; import static org.opensearch.security.http.SecurityHttpServerTransport.EARLY_RESPONSE; import static org.opensearch.security.http.SecurityHttpServerTransport.SHOULD_DECOMPRESS; -import org.opensearch.security.filter.NettyAttribute; - public class Netty4ConditionalDecompressor extends HttpContentDecompressor { @Override diff --git a/src/main/java/org/opensearch/security/ssl/http/netty/Netty4HttpRequestHeaderVerifier.java b/src/main/java/org/opensearch/security/ssl/http/netty/Netty4HttpRequestHeaderVerifier.java index 51825e977b..9adca0f377 100644 --- a/src/main/java/org/opensearch/security/ssl/http/netty/Netty4HttpRequestHeaderVerifier.java +++ b/src/main/java/org/opensearch/security/ssl/http/netty/Netty4HttpRequestHeaderVerifier.java @@ -8,15 +8,10 @@ package org.opensearch.security.ssl.http.netty; -import io.netty.channel.SimpleChannelInboundHandler; -import io.netty.handler.codec.http.DefaultHttpRequest; -import io.netty.handler.codec.http.HttpRequest; -import io.netty.util.ReferenceCountUtil; import org.opensearch.ExceptionsHelper; +import org.opensearch.OpenSearchSecurityException; +import org.opensearch.common.settings.Settings; import org.opensearch.common.util.concurrent.ThreadContext; - -import io.netty.channel.ChannelHandler.Sharable; -import io.netty.channel.ChannelHandlerContext; import org.opensearch.http.netty4.Netty4HttpChannel; import org.opensearch.http.netty4.Netty4HttpServerTransport; import org.opensearch.security.filter.SecurityRequestChannel; @@ -25,17 +20,22 @@ import org.opensearch.security.filter.SecurityResponse; import org.opensearch.security.filter.SecurityRestFilter; import org.opensearch.security.filter.SecurityRestUtils; +import org.opensearch.security.ssl.OpenSearchSecuritySSLPlugin; import org.opensearch.security.ssl.transport.SSLConfig; -import org.opensearch.threadpool.ThreadPool; import org.opensearch.security.support.ConfigConstants; -import org.opensearch.security.ssl.OpenSearchSecuritySSLPlugin; -import org.opensearch.common.settings.Settings; -import org.opensearch.OpenSearchSecurityException; +import org.opensearch.threadpool.ThreadPool; + +import io.netty.channel.ChannelHandler.Sharable; +import io.netty.channel.ChannelHandlerContext; +import io.netty.channel.SimpleChannelInboundHandler; +import io.netty.handler.codec.http.DefaultHttpRequest; +import io.netty.handler.codec.http.HttpRequest; +import io.netty.util.ReferenceCountUtil; import static org.opensearch.security.http.SecurityHttpServerTransport.CONTEXT_TO_RESTORE; import static org.opensearch.security.http.SecurityHttpServerTransport.EARLY_RESPONSE; -import static org.opensearch.security.http.SecurityHttpServerTransport.SHOULD_DECOMPRESS; import static org.opensearch.security.http.SecurityHttpServerTransport.IS_AUTHENTICATED; +import static org.opensearch.security.http.SecurityHttpServerTransport.SHOULD_DECOMPRESS; @Sharable public class Netty4HttpRequestHeaderVerifier extends SimpleChannelInboundHandler { diff --git a/src/main/java/org/opensearch/security/ssl/http/netty/SecuritySSLNettyHttpServerTransport.java b/src/main/java/org/opensearch/security/ssl/http/netty/SecuritySSLNettyHttpServerTransport.java index eb2acdce49..fc2f31b2b0 100644 --- a/src/main/java/org/opensearch/security/ssl/http/netty/SecuritySSLNettyHttpServerTransport.java +++ b/src/main/java/org/opensearch/security/ssl/http/netty/SecuritySSLNettyHttpServerTransport.java @@ -17,14 +17,6 @@ package org.opensearch.security.ssl.http.netty; -import io.netty.channel.Channel; -import io.netty.channel.ChannelHandler; -import io.netty.channel.ChannelHandlerContext; -import io.netty.channel.ChannelInboundHandlerAdapter; -import io.netty.handler.codec.DecoderException; -import io.netty.handler.ssl.ApplicationProtocolNames; -import io.netty.handler.ssl.ApplicationProtocolNegotiationHandler; -import io.netty.handler.ssl.SslHandler; import org.apache.logging.log4j.LogManager; import org.apache.logging.log4j.Logger; @@ -44,6 +36,15 @@ import org.opensearch.threadpool.ThreadPool; import org.opensearch.transport.SharedGroupFactory; +import io.netty.channel.Channel; +import io.netty.channel.ChannelHandler; +import io.netty.channel.ChannelHandlerContext; +import io.netty.channel.ChannelInboundHandlerAdapter; +import io.netty.handler.codec.DecoderException; +import io.netty.handler.ssl.ApplicationProtocolNames; +import io.netty.handler.ssl.ApplicationProtocolNegotiationHandler; +import io.netty.handler.ssl.SslHandler; + public class SecuritySSLNettyHttpServerTransport extends Netty4HttpServerTransport { private static final Logger logger = LogManager.getLogger(SecuritySSLNettyHttpServerTransport.class); private final SecurityKeyStore sks; diff --git a/src/main/java/org/opensearch/security/ssl/http/netty/ValidatingDispatcher.java b/src/main/java/org/opensearch/security/ssl/http/netty/ValidatingDispatcher.java index dcd25c2837..32c6cd9aa3 100644 --- a/src/main/java/org/opensearch/security/ssl/http/netty/ValidatingDispatcher.java +++ b/src/main/java/org/opensearch/security/ssl/http/netty/ValidatingDispatcher.java @@ -18,7 +18,6 @@ package org.opensearch.security.ssl.http.netty; import java.nio.file.Path; - import javax.net.ssl.SSLPeerUnverifiedException; import org.apache.logging.log4j.LogManager; @@ -29,10 +28,10 @@ import org.opensearch.OpenSearchSecurityException; import org.opensearch.common.settings.Settings; import org.opensearch.common.util.concurrent.ThreadContext; +import org.opensearch.core.rest.RestStatus; import org.opensearch.http.HttpServerTransport.Dispatcher; import org.opensearch.rest.RestChannel; import org.opensearch.rest.RestRequest; -import org.opensearch.core.rest.RestStatus; import org.opensearch.security.filter.SecurityRequestChannel; import org.opensearch.security.filter.SecurityRequestFactory; import org.opensearch.security.ssl.SslExceptionHandler; diff --git a/src/main/java/org/opensearch/security/ssl/rest/SecuritySSLInfoAction.java b/src/main/java/org/opensearch/security/ssl/rest/SecuritySSLInfoAction.java index 8e32893eab..b9f9e949ec 100644 --- a/src/main/java/org/opensearch/security/ssl/rest/SecuritySSLInfoAction.java +++ b/src/main/java/org/opensearch/security/ssl/rest/SecuritySSLInfoAction.java @@ -25,12 +25,12 @@ import java.util.List; import java.util.stream.Collectors; -import io.netty.handler.ssl.OpenSsl; import org.apache.logging.log4j.LogManager; import org.apache.logging.log4j.Logger; import org.opensearch.client.node.NodeClient; import org.opensearch.common.settings.Settings; +import org.opensearch.core.rest.RestStatus; import org.opensearch.core.xcontent.XContentBuilder; import org.opensearch.rest.BaseRestHandler; import org.opensearch.rest.BytesRestResponse; @@ -38,13 +38,14 @@ import org.opensearch.rest.RestController; import org.opensearch.rest.RestRequest; import org.opensearch.rest.RestRequest.Method; -import org.opensearch.core.rest.RestStatus; import org.opensearch.security.filter.SecurityRequestFactory; import org.opensearch.security.ssl.SecurityKeyStore; import org.opensearch.security.ssl.transport.PrincipalExtractor; import org.opensearch.security.ssl.util.SSLRequestHelper; import org.opensearch.security.ssl.util.SSLRequestHelper.SSLInfo; +import io.netty.handler.ssl.OpenSsl; + public class SecuritySSLInfoAction extends BaseRestHandler { private static final List routes = Collections.singletonList(new Route(Method.GET, "/_opendistro/_security/sslinfo")); diff --git a/src/main/java/org/opensearch/security/ssl/transport/DefaultPrincipalExtractor.java b/src/main/java/org/opensearch/security/ssl/transport/DefaultPrincipalExtractor.java index 8878a2b0f5..015b29969b 100644 --- a/src/main/java/org/opensearch/security/ssl/transport/DefaultPrincipalExtractor.java +++ b/src/main/java/org/opensearch/security/ssl/transport/DefaultPrincipalExtractor.java @@ -24,7 +24,6 @@ import java.util.Collections; import java.util.List; import java.util.stream.Collectors; - import javax.naming.InvalidNameException; import javax.naming.ldap.LdapName; import javax.naming.ldap.Rdn; diff --git a/src/main/java/org/opensearch/security/ssl/transport/DualModeSSLHandler.java b/src/main/java/org/opensearch/security/ssl/transport/DualModeSSLHandler.java index 5e85638dd1..a7961f864b 100644 --- a/src/main/java/org/opensearch/security/ssl/transport/DualModeSSLHandler.java +++ b/src/main/java/org/opensearch/security/ssl/transport/DualModeSSLHandler.java @@ -12,10 +12,16 @@ import java.nio.charset.StandardCharsets; import java.util.List; - import javax.net.ssl.SSLException; import com.google.common.annotations.VisibleForTesting; +import org.apache.logging.log4j.LogManager; +import org.apache.logging.log4j.Logger; + +import org.opensearch.security.ssl.SecurityKeyStore; +import org.opensearch.security.ssl.util.SSLConnectionTestUtil; +import org.opensearch.security.ssl.util.TLSUtil; + import io.netty.buffer.ByteBuf; import io.netty.buffer.Unpooled; import io.netty.channel.ChannelFutureListener; @@ -23,12 +29,6 @@ import io.netty.channel.ChannelPipeline; import io.netty.handler.codec.ByteToMessageDecoder; import io.netty.handler.ssl.SslHandler; -import org.apache.logging.log4j.LogManager; -import org.apache.logging.log4j.Logger; - -import org.opensearch.security.ssl.SecurityKeyStore; -import org.opensearch.security.ssl.util.SSLConnectionTestUtil; -import org.opensearch.security.ssl.util.TLSUtil; /** * Modifies the current pipeline dynamically to enable TLS diff --git a/src/main/java/org/opensearch/security/ssl/transport/SecuritySSLNettyTransport.java b/src/main/java/org/opensearch/security/ssl/transport/SecuritySSLNettyTransport.java index 7aeebdaf9f..242c7c56ed 100644 --- a/src/main/java/org/opensearch/security/ssl/transport/SecuritySSLNettyTransport.java +++ b/src/main/java/org/opensearch/security/ssl/transport/SecuritySSLNettyTransport.java @@ -32,27 +32,19 @@ import java.net.SocketAddress; import java.security.AccessController; import java.security.PrivilegedAction; - import javax.net.ssl.SSLEngine; import javax.net.ssl.SSLException; -import io.netty.channel.Channel; -import io.netty.channel.ChannelHandler; -import io.netty.channel.ChannelHandlerContext; -import io.netty.channel.ChannelOutboundHandlerAdapter; -import io.netty.channel.ChannelPromise; -import io.netty.handler.codec.DecoderException; -import io.netty.handler.ssl.SslHandler; import org.apache.logging.log4j.LogManager; import org.apache.logging.log4j.Logger; import org.opensearch.ExceptionsHelper; import org.opensearch.Version; import org.opensearch.cluster.node.DiscoveryNode; -import org.opensearch.core.common.io.stream.NamedWriteableRegistry; import org.opensearch.common.network.NetworkService; import org.opensearch.common.settings.Settings; import org.opensearch.common.util.PageCacheRecycler; +import org.opensearch.core.common.io.stream.NamedWriteableRegistry; import org.opensearch.core.indices.breaker.CircuitBreakerService; import org.opensearch.security.ssl.SecurityKeyStore; import org.opensearch.security.ssl.SslExceptionHandler; @@ -65,6 +57,14 @@ import org.opensearch.transport.TcpChannel; import org.opensearch.transport.netty4.Netty4Transport; +import io.netty.channel.Channel; +import io.netty.channel.ChannelHandler; +import io.netty.channel.ChannelHandlerContext; +import io.netty.channel.ChannelOutboundHandlerAdapter; +import io.netty.channel.ChannelPromise; +import io.netty.handler.codec.DecoderException; +import io.netty.handler.ssl.SslHandler; + public class SecuritySSLNettyTransport extends Netty4Transport { private static final Logger logger = LogManager.getLogger(SecuritySSLNettyTransport.class); diff --git a/src/main/java/org/opensearch/security/ssl/transport/SecuritySSLRequestHandler.java b/src/main/java/org/opensearch/security/ssl/transport/SecuritySSLRequestHandler.java index 63148d4ce6..78c98dd99f 100644 --- a/src/main/java/org/opensearch/security/ssl/transport/SecuritySSLRequestHandler.java +++ b/src/main/java/org/opensearch/security/ssl/transport/SecuritySSLRequestHandler.java @@ -21,10 +21,8 @@ import java.security.cert.Certificate; import java.security.cert.X509Certificate; import java.util.Arrays; - import javax.net.ssl.SSLPeerUnverifiedException; -import io.netty.handler.ssl.SslHandler; import org.apache.logging.log4j.LogManager; import org.apache.logging.log4j.Logger; @@ -45,6 +43,8 @@ import org.opensearch.transport.TransportRequestHandler; import org.opensearch.transport.netty4.Netty4TcpChannel; +import io.netty.handler.ssl.SslHandler; + public class SecuritySSLRequestHandler implements TransportRequestHandler { private final String action; diff --git a/src/main/java/org/opensearch/security/ssl/util/SSLRequestHelper.java b/src/main/java/org/opensearch/security/ssl/util/SSLRequestHelper.java index df92bfc703..5ca83da23a 100644 --- a/src/main/java/org/opensearch/security/ssl/util/SSLRequestHelper.java +++ b/src/main/java/org/opensearch/security/ssl/util/SSLRequestHelper.java @@ -31,7 +31,6 @@ import java.util.Collection; import java.util.Date; import java.util.Map.Entry; - import javax.net.ssl.SSLEngine; import javax.net.ssl.SSLPeerUnverifiedException; import javax.net.ssl.SSLSession; diff --git a/src/main/java/org/opensearch/security/support/Base64CustomHelper.java b/src/main/java/org/opensearch/security/support/Base64CustomHelper.java index dc66268fcd..30fab31907 100644 --- a/src/main/java/org/opensearch/security/support/Base64CustomHelper.java +++ b/src/main/java/org/opensearch/security/support/Base64CustomHelper.java @@ -11,23 +11,25 @@ package org.opensearch.security.support; -import com.amazon.dlic.auth.ldap.LdapUser; +import java.io.IOException; +import java.io.Serializable; + import com.google.common.base.Preconditions; import com.google.common.collect.BiMap; import com.google.common.collect.HashBiMap; import com.google.common.io.BaseEncoding; + import org.opensearch.OpenSearchException; import org.opensearch.common.Nullable; -import org.opensearch.core.common.io.stream.BytesStreamInput; import org.opensearch.common.io.stream.BytesStreamOutput; +import org.opensearch.core.common.Strings; +import org.opensearch.core.common.io.stream.BytesStreamInput; import org.opensearch.core.common.io.stream.StreamInput; import org.opensearch.core.common.io.stream.Writeable; -import org.opensearch.core.common.Strings; import org.opensearch.security.auth.UserInjector; import org.opensearch.security.user.User; -import java.io.IOException; -import java.io.Serializable; +import com.amazon.dlic.auth.ldap.LdapUser; import static org.opensearch.security.support.SafeSerializationUtils.prohibitUnsafeClasses; diff --git a/src/main/java/org/opensearch/security/support/ConfigHelper.java b/src/main/java/org/opensearch/security/support/ConfigHelper.java index 434a8a02fa..4f310f6af7 100644 --- a/src/main/java/org/opensearch/security/support/ConfigHelper.java +++ b/src/main/java/org/opensearch/security/support/ConfigHelper.java @@ -42,9 +42,9 @@ import org.opensearch.action.index.IndexRequest; import org.opensearch.action.support.WriteRequest.RefreshPolicy; import org.opensearch.client.Client; -import org.opensearch.core.common.bytes.BytesReference; import org.opensearch.common.xcontent.XContentFactory; import org.opensearch.common.xcontent.XContentType; +import org.opensearch.core.common.bytes.BytesReference; import org.opensearch.core.xcontent.MediaType; import org.opensearch.core.xcontent.NamedXContentRegistry; import org.opensearch.core.xcontent.XContentBuilder; diff --git a/src/main/java/org/opensearch/security/support/HTTPHelper.java b/src/main/java/org/opensearch/security/support/HTTPHelper.java index fe590f0d34..10763ce35b 100644 --- a/src/main/java/org/opensearch/security/support/HTTPHelper.java +++ b/src/main/java/org/opensearch/security/support/HTTPHelper.java @@ -32,6 +32,7 @@ import java.util.Map; import org.apache.logging.log4j.Logger; + import org.opensearch.security.filter.SecurityRequest; import org.opensearch.security.user.AuthCredentials; diff --git a/src/main/java/org/opensearch/security/support/ModuleInfo.java b/src/main/java/org/opensearch/security/support/ModuleInfo.java index a225aee3be..e8c3e101ab 100644 --- a/src/main/java/org/opensearch/security/support/ModuleInfo.java +++ b/src/main/java/org/opensearch/security/support/ModuleInfo.java @@ -26,15 +26,15 @@ package org.opensearch.security.support; -import org.opensearch.core.common.io.stream.StreamInput; -import org.opensearch.core.common.io.stream.StreamOutput; -import org.opensearch.core.common.io.stream.Writeable; - import java.io.IOException; import java.io.Serializable; import java.util.HashMap; import java.util.Map; +import org.opensearch.core.common.io.stream.StreamInput; +import org.opensearch.core.common.io.stream.StreamOutput; +import org.opensearch.core.common.io.stream.Writeable; + public class ModuleInfo implements Serializable, Writeable { private static final long serialVersionUID = -1077651823194285138L; diff --git a/src/main/java/org/opensearch/security/support/PemKeyReader.java b/src/main/java/org/opensearch/security/support/PemKeyReader.java index 4227c2129b..230fb29a4a 100644 --- a/src/main/java/org/opensearch/security/support/PemKeyReader.java +++ b/src/main/java/org/opensearch/security/support/PemKeyReader.java @@ -51,7 +51,6 @@ import java.security.spec.InvalidKeySpecException; import java.security.spec.PKCS8EncodedKeySpec; import java.util.Collection; - import javax.crypto.Cipher; import javax.crypto.EncryptedPrivateKeyInfo; import javax.crypto.NoSuchPaddingException; @@ -61,9 +60,9 @@ import org.apache.logging.log4j.LogManager; import org.apache.logging.log4j.Logger; - import org.bouncycastle.util.io.pem.PemObject; import org.bouncycastle.util.io.pem.PemReader; + import org.opensearch.OpenSearchException; import org.opensearch.common.settings.Settings; import org.opensearch.env.Environment; diff --git a/src/main/java/org/opensearch/security/support/SafeSerializationUtils.java b/src/main/java/org/opensearch/security/support/SafeSerializationUtils.java index c980959f68..b58e4afd35 100644 --- a/src/main/java/org/opensearch/security/support/SafeSerializationUtils.java +++ b/src/main/java/org/opensearch/security/support/SafeSerializationUtils.java @@ -11,16 +11,6 @@ package org.opensearch.security.support; -import com.amazon.dlic.auth.ldap.LdapUser; -import com.google.common.collect.ImmutableList; -import com.google.common.collect.ImmutableSet; -import org.ldaptive.AbstractLdapBean; -import org.ldaptive.LdapAttribute; -import org.ldaptive.LdapEntry; -import org.ldaptive.SearchEntry; -import org.opensearch.security.auth.UserInjector; -import org.opensearch.security.user.User; - import java.io.IOException; import java.net.InetAddress; import java.net.InetSocketAddress; @@ -32,6 +22,18 @@ import java.util.Set; import java.util.regex.Pattern; +import com.google.common.collect.ImmutableList; +import com.google.common.collect.ImmutableSet; + +import org.opensearch.security.auth.UserInjector; +import org.opensearch.security.user.User; + +import com.amazon.dlic.auth.ldap.LdapUser; +import org.ldaptive.AbstractLdapBean; +import org.ldaptive.LdapAttribute; +import org.ldaptive.LdapEntry; +import org.ldaptive.SearchEntry; + /** * Provides functionality to verify if a class is categorised to be safe for serialization or * deserialization by the security plugin. diff --git a/src/main/java/org/opensearch/security/tools/SecurityAdmin.java b/src/main/java/org/opensearch/security/tools/SecurityAdmin.java index ec877bb2cb..580b0ed586 100644 --- a/src/main/java/org/opensearch/security/tools/SecurityAdmin.java +++ b/src/main/java/org/opensearch/security/tools/SecurityAdmin.java @@ -51,19 +51,18 @@ import java.util.HashMap; import java.util.Locale; import java.util.Map; - import javax.net.ssl.HostnameVerifier; import javax.net.ssl.SSLContext; import javax.net.ssl.SSLEngine; -import com.fasterxml.jackson.databind.InjectableValues; -import com.fasterxml.jackson.databind.JsonNode; import com.google.common.base.Charsets; import com.google.common.base.Joiner; import com.google.common.collect.Iterators; import com.google.common.io.ByteSource; import com.google.common.io.CharStreams; import com.google.common.io.Files; +import com.fasterxml.jackson.databind.InjectableValues; +import com.fasterxml.jackson.databind.JsonNode; import org.apache.commons.cli.CommandLine; import org.apache.commons.cli.CommandLineParser; import org.apache.commons.cli.DefaultParser; @@ -109,21 +108,21 @@ import org.opensearch.client.indices.GetIndexResponse; import org.opensearch.client.transport.NoNodeAvailableException; import org.opensearch.cluster.health.ClusterHealthStatus; -import org.opensearch.core.common.Strings; -import org.opensearch.core.common.bytes.BytesReference; import org.opensearch.common.collect.Tuple; import org.opensearch.common.settings.Settings; import org.opensearch.common.unit.TimeValue; import org.opensearch.common.xcontent.XContentFactory; import org.opensearch.common.xcontent.XContentType; import org.opensearch.common.xcontent.json.JsonXContent; +import org.opensearch.core.common.Strings; +import org.opensearch.core.common.bytes.BytesReference; +import org.opensearch.core.rest.RestStatus; import org.opensearch.core.xcontent.MediaType; import org.opensearch.core.xcontent.MediaTypeRegistry; import org.opensearch.core.xcontent.NamedXContentRegistry; import org.opensearch.core.xcontent.XContentBuilder; import org.opensearch.core.xcontent.XContentParser; import org.opensearch.index.IndexNotFoundException; -import org.opensearch.core.rest.RestStatus; import org.opensearch.security.DefaultObjectMapper; import org.opensearch.security.NonValidatingObjectMapper; import org.opensearch.security.auditlog.config.AuditConfig; diff --git a/src/main/java/org/opensearch/security/transport/DefaultInterClusterRequestEvaluator.java b/src/main/java/org/opensearch/security/transport/DefaultInterClusterRequestEvaluator.java index 8b3bb0a85e..02e11ae51b 100644 --- a/src/main/java/org/opensearch/security/transport/DefaultInterClusterRequestEvaluator.java +++ b/src/main/java/org/opensearch/security/transport/DefaultInterClusterRequestEvaluator.java @@ -37,7 +37,6 @@ import org.apache.logging.log4j.LogManager; import org.apache.logging.log4j.Logger; -import org.greenrobot.eventbus.Subscribe; import org.opensearch.OpenSearchException; import org.opensearch.common.settings.Settings; @@ -47,6 +46,8 @@ import org.opensearch.security.support.WildcardMatcher; import org.opensearch.transport.TransportRequest; +import org.greenrobot.eventbus.Subscribe; + public final class DefaultInterClusterRequestEvaluator implements InterClusterRequestEvaluator { private final Logger log = LogManager.getLogger(this.getClass()); diff --git a/src/main/java/org/opensearch/security/transport/SecurityInterceptor.java b/src/main/java/org/opensearch/security/transport/SecurityInterceptor.java index f064f0af04..fe1094c411 100644 --- a/src/main/java/org/opensearch/security/transport/SecurityInterceptor.java +++ b/src/main/java/org/opensearch/security/transport/SecurityInterceptor.java @@ -45,10 +45,11 @@ import org.opensearch.action.search.SearchRequest; import org.opensearch.cluster.node.DiscoveryNode; import org.opensearch.cluster.service.ClusterService; -import org.opensearch.core.common.io.stream.StreamInput; import org.opensearch.common.settings.Settings; -import org.opensearch.core.common.transport.TransportAddress; import org.opensearch.common.util.concurrent.ThreadContext; +import org.opensearch.core.common.io.stream.StreamInput; +import org.opensearch.core.common.transport.TransportAddress; +import org.opensearch.core.transport.TransportResponse; import org.opensearch.security.OpenSearchSecurityPlugin; import org.opensearch.security.auditlog.AuditLog; import org.opensearch.security.auditlog.AuditLog.Origin; @@ -68,7 +69,6 @@ import org.opensearch.transport.TransportRequest; import org.opensearch.transport.TransportRequestHandler; import org.opensearch.transport.TransportRequestOptions; -import org.opensearch.core.transport.TransportResponse; import org.opensearch.transport.TransportResponseHandler; import static org.opensearch.security.OpenSearchSecurityPlugin.isActionTraceEnabled; diff --git a/src/main/java/org/opensearch/security/transport/SecurityRequestHandler.java b/src/main/java/org/opensearch/security/transport/SecurityRequestHandler.java index 3ba379dd67..5845c63672 100644 --- a/src/main/java/org/opensearch/security/transport/SecurityRequestHandler.java +++ b/src/main/java/org/opensearch/security/transport/SecurityRequestHandler.java @@ -40,8 +40,8 @@ import org.opensearch.action.bulk.BulkShardRequest; import org.opensearch.action.support.replication.TransportReplicationAction.ConcreteShardRequest; import org.opensearch.cluster.service.ClusterService; -import org.opensearch.core.common.transport.TransportAddress; import org.opensearch.common.util.concurrent.ThreadContext; +import org.opensearch.core.common.transport.TransportAddress; import org.opensearch.extensions.ExtensionsManager; import org.opensearch.search.internal.ShardSearchRequest; import org.opensearch.security.OpenSearchSecurityPlugin; diff --git a/src/main/java/org/opensearch/security/user/UserService.java b/src/main/java/org/opensearch/security/user/UserService.java index e7c30b97b0..937a5331a8 100644 --- a/src/main/java/org/opensearch/security/user/UserService.java +++ b/src/main/java/org/opensearch/security/user/UserService.java @@ -23,11 +23,11 @@ import java.util.Random; import java.util.stream.Collectors; +import com.google.common.collect.ImmutableList; import com.fasterxml.jackson.core.JsonProcessingException; import com.fasterxml.jackson.databind.JsonNode; import com.fasterxml.jackson.databind.ObjectMapper; import com.fasterxml.jackson.databind.node.ObjectNode; -import com.google.common.collect.ImmutableList; import org.apache.logging.log4j.LogManager; import org.apache.logging.log4j.Logger; @@ -52,6 +52,7 @@ import org.opensearch.security.securityconf.impl.v7.InternalUserV7; import org.opensearch.security.support.ConfigConstants; import org.opensearch.security.support.SecurityJsonNode; + import org.passay.CharacterRule; import org.passay.EnglishCharacterData; import org.passay.PasswordGenerator; diff --git a/src/main/java/org/opensearch/security/util/KeyUtils.java b/src/main/java/org/opensearch/security/util/KeyUtils.java index c232dda3a2..4f03c08cd5 100644 --- a/src/main/java/org/opensearch/security/util/KeyUtils.java +++ b/src/main/java/org/opensearch/security/util/KeyUtils.java @@ -11,14 +11,6 @@ package org.opensearch.security.util; -import io.jsonwebtoken.JwtParserBuilder; -import io.jsonwebtoken.Jwts; -import io.jsonwebtoken.security.Keys; -import org.apache.logging.log4j.Logger; -import org.opensearch.OpenSearchSecurityException; -import org.opensearch.SpecialPermission; -import org.opensearch.core.common.Strings; - import java.security.AccessController; import java.security.KeyFactory; import java.security.NoSuchAlgorithmException; @@ -29,6 +21,16 @@ import java.util.Base64; import java.util.Objects; +import org.apache.logging.log4j.Logger; + +import org.opensearch.OpenSearchSecurityException; +import org.opensearch.SpecialPermission; +import org.opensearch.core.common.Strings; + +import io.jsonwebtoken.JwtParserBuilder; +import io.jsonwebtoken.Jwts; +import io.jsonwebtoken.security.Keys; + public class KeyUtils { public static JwtParserBuilder createJwtParserBuilderFromSigningKey(final String signingKey, final Logger log) { diff --git a/src/test/java/com/amazon/dlic/auth/http/jwt/HTTPJwtAuthenticatorTest.java b/src/test/java/com/amazon/dlic/auth/http/jwt/HTTPJwtAuthenticatorTest.java index 4f141994e3..3c9f2c158a 100644 --- a/src/test/java/com/amazon/dlic/auth/http/jwt/HTTPJwtAuthenticatorTest.java +++ b/src/test/java/com/amazon/dlic/auth/http/jwt/HTTPJwtAuthenticatorTest.java @@ -21,14 +21,9 @@ import java.util.Date; import java.util.HashMap; import java.util.Map; - import javax.crypto.SecretKey; import com.google.common.io.BaseEncoding; -import io.jsonwebtoken.JwtBuilder; -import io.jsonwebtoken.Jwts; -import io.jsonwebtoken.SignatureAlgorithm; -import io.jsonwebtoken.security.Keys; import org.apache.hc.core5.http.HttpHeaders; import org.junit.Assert; import org.junit.Test; @@ -38,6 +33,11 @@ import org.opensearch.security.user.AuthCredentials; import org.opensearch.security.util.FakeRestRequest; +import io.jsonwebtoken.JwtBuilder; +import io.jsonwebtoken.Jwts; +import io.jsonwebtoken.SignatureAlgorithm; +import io.jsonwebtoken.security.Keys; + import static org.junit.Assert.assertTrue; import static org.junit.Assert.fail; diff --git a/src/test/java/com/amazon/dlic/auth/http/jwt/keybyoidc/KeySetRetrieverTest.java b/src/test/java/com/amazon/dlic/auth/http/jwt/keybyoidc/KeySetRetrieverTest.java index 273cadca08..3030d1775e 100644 --- a/src/test/java/com/amazon/dlic/auth/http/jwt/keybyoidc/KeySetRetrieverTest.java +++ b/src/test/java/com/amazon/dlic/auth/http/jwt/keybyoidc/KeySetRetrieverTest.java @@ -18,7 +18,6 @@ import java.security.cert.CertificateEncodingException; import java.security.cert.X509Certificate; import java.util.Map; - import javax.net.ssl.SSLParameters; import javax.net.ssl.SSLSession; @@ -37,11 +36,11 @@ import org.junit.BeforeClass; import org.junit.Test; -import com.amazon.dlic.util.SettingsBasedSSLConfigurator; - import org.opensearch.security.test.helper.file.FileHelper; import org.opensearch.security.test.helper.network.SocketUtils; +import com.amazon.dlic.util.SettingsBasedSSLConfigurator; + public class KeySetRetrieverTest { protected static MockIpdServer mockIdpServer; diff --git a/src/test/java/com/amazon/dlic/auth/http/jwt/keybyoidc/MockIpdServer.java b/src/test/java/com/amazon/dlic/auth/http/jwt/keybyoidc/MockIpdServer.java index 20c71b0340..703eca4550 100644 --- a/src/test/java/com/amazon/dlic/auth/http/jwt/keybyoidc/MockIpdServer.java +++ b/src/test/java/com/amazon/dlic/auth/http/jwt/keybyoidc/MockIpdServer.java @@ -18,13 +18,11 @@ import java.net.Socket; import java.security.GeneralSecurityException; import java.security.KeyStore; - import javax.net.ssl.KeyManagerFactory; import javax.net.ssl.SSLContext; import javax.net.ssl.SSLParameters; import javax.net.ssl.TrustManagerFactory; -import com.nimbusds.jose.jwk.JWKSet; import org.apache.hc.core5.function.Callback; import org.apache.hc.core5.http.ClassicHttpRequest; import org.apache.hc.core5.http.ClassicHttpResponse; @@ -42,6 +40,8 @@ import org.opensearch.security.test.helper.file.FileHelper; import org.opensearch.security.test.helper.network.SocketUtils; +import com.nimbusds.jose.jwk.JWKSet; + class MockIpdServer implements Closeable { final static String CTX_DISCOVER = "/discover"; final static String CTX_KEYS = "/api/oauth/keys"; diff --git a/src/test/java/com/amazon/dlic/auth/http/jwt/keybyoidc/SelfRefreshingKeySetTest.java b/src/test/java/com/amazon/dlic/auth/http/jwt/keybyoidc/SelfRefreshingKeySetTest.java index ba7f65b7ee..bab23c5fc4 100644 --- a/src/test/java/com/amazon/dlic/auth/http/jwt/keybyoidc/SelfRefreshingKeySetTest.java +++ b/src/test/java/com/amazon/dlic/auth/http/jwt/keybyoidc/SelfRefreshingKeySetTest.java @@ -15,11 +15,12 @@ import java.util.concurrent.Executors; import java.util.concurrent.Future; +import org.junit.Assert; +import org.junit.Test; + import com.nimbusds.jose.jwk.JWK; import com.nimbusds.jose.jwk.JWKSet; import com.nimbusds.jose.jwk.OctetSequenceKey; -import org.junit.Assert; -import org.junit.Test; public class SelfRefreshingKeySetTest { diff --git a/src/test/java/com/amazon/dlic/auth/http/jwt/keybyoidc/TestJwts.java b/src/test/java/com/amazon/dlic/auth/http/jwt/keybyoidc/TestJwts.java index 9d49596e73..4a6d5f97e9 100644 --- a/src/test/java/com/amazon/dlic/auth/http/jwt/keybyoidc/TestJwts.java +++ b/src/test/java/com/amazon/dlic/auth/http/jwt/keybyoidc/TestJwts.java @@ -14,6 +14,8 @@ import java.util.Set; import com.google.common.collect.ImmutableSet; +import org.apache.logging.log4j.util.Strings; + import com.nimbusds.jose.JOSEException; import com.nimbusds.jose.JWSAlgorithm; import com.nimbusds.jose.JWSHeader; @@ -22,7 +24,6 @@ import com.nimbusds.jose.jwk.JWK; import com.nimbusds.jwt.JWTClaimsSet; import com.nimbusds.jwt.SignedJWT; -import org.apache.logging.log4j.util.Strings; import static com.nimbusds.jwt.JWTClaimNames.EXPIRATION_TIME; import static com.nimbusds.jwt.JWTClaimNames.NOT_BEFORE; diff --git a/src/test/java/com/amazon/dlic/auth/http/saml/HTTPSamlAuthenticatorTest.java b/src/test/java/com/amazon/dlic/auth/http/saml/HTTPSamlAuthenticatorTest.java index bbb0850392..c76a1b546d 100644 --- a/src/test/java/com/amazon/dlic/auth/http/saml/HTTPSamlAuthenticatorTest.java +++ b/src/test/java/com/amazon/dlic/auth/http/saml/HTTPSamlAuthenticatorTest.java @@ -29,41 +29,41 @@ import java.util.Set; import java.util.regex.Matcher; import java.util.regex.Pattern; - import javax.net.ssl.KeyManagerFactory; -import com.fasterxml.jackson.core.type.TypeReference; import com.google.common.collect.ImmutableMap; -import com.nimbusds.jwt.SignedJWT; +import com.fasterxml.jackson.core.type.TypeReference; import org.hamcrest.Matchers; import org.junit.After; import org.junit.Assert; import org.junit.Before; import org.junit.BeforeClass; import org.junit.Test; -import org.opensaml.saml.saml2.core.NameIDType; -import org.opensearch.core.common.bytes.BytesArray; import org.opensearch.common.io.stream.BytesStreamOutput; import org.opensearch.common.settings.Settings; +import org.opensearch.core.common.bytes.BytesArray; +import org.opensearch.core.rest.RestStatus; import org.opensearch.core.xcontent.MediaType; import org.opensearch.core.xcontent.XContentBuilder; import org.opensearch.rest.RestChannel; import org.opensearch.rest.RestRequest; import org.opensearch.rest.RestRequest.Method; import org.opensearch.rest.RestResponse; -import org.opensearch.core.rest.RestStatus; import org.opensearch.security.DefaultObjectMapper; +import org.opensearch.security.filter.SecurityRequest; import org.opensearch.security.filter.SecurityRequestFactory; import org.opensearch.security.filter.SecurityResponse; -import org.opensearch.security.filter.SecurityRequest; import org.opensearch.security.test.helper.file.FileHelper; import org.opensearch.security.user.AuthCredentials; import org.opensearch.security.util.FakeRestRequest; +import com.nimbusds.jwt.SignedJWT; +import org.opensaml.saml.saml2.core.NameIDType; + +import static org.hamcrest.MatcherAssert.assertThat; import static com.amazon.dlic.auth.http.saml.HTTPSamlAuthenticator.IDP_METADATA_CONTENT; import static com.amazon.dlic.auth.http.saml.HTTPSamlAuthenticator.IDP_METADATA_URL; -import static org.hamcrest.MatcherAssert.assertThat; public class HTTPSamlAuthenticatorTest { protected MockSamlIdpServer mockSamlIdpServer; diff --git a/src/test/java/com/amazon/dlic/auth/http/saml/MockSamlIdpServer.java b/src/test/java/com/amazon/dlic/auth/http/saml/MockSamlIdpServer.java index c984b4f670..1cf9205a67 100644 --- a/src/test/java/com/amazon/dlic/auth/http/saml/MockSamlIdpServer.java +++ b/src/test/java/com/amazon/dlic/auth/http/saml/MockSamlIdpServer.java @@ -42,7 +42,6 @@ import java.util.Locale; import java.util.Map; import java.util.stream.Collectors; - import javax.net.ssl.KeyManagerFactory; import javax.net.ssl.SSLContext; import javax.net.ssl.SSLParameters; @@ -62,9 +61,6 @@ import javax.xml.transform.dom.DOMSource; import javax.xml.transform.stream.StreamResult; -import net.shibboleth.utilities.java.support.codec.Base64Support; -import net.shibboleth.utilities.java.support.codec.EncodingException; -import net.shibboleth.utilities.java.support.component.ComponentInitializationException; import org.apache.hc.core5.function.Callback; import org.apache.hc.core5.http.ClassicHttpRequest; import org.apache.hc.core5.http.ClassicHttpResponse; @@ -86,6 +82,13 @@ import org.apache.hc.core5.http.message.BasicHttpRequest; import org.apache.hc.core5.http.protocol.HttpContext; import org.apache.hc.core5.net.URIBuilder; + +import org.opensearch.security.test.helper.file.FileHelper; +import org.opensearch.security.test.helper.network.SocketUtils; + +import net.shibboleth.utilities.java.support.codec.Base64Support; +import net.shibboleth.utilities.java.support.codec.EncodingException; +import net.shibboleth.utilities.java.support.component.ComponentInitializationException; import org.opensaml.core.xml.XMLObject; import org.opensaml.core.xml.XMLObjectBuilderFactory; import org.opensaml.core.xml.config.XMLObjectProviderRegistrySupport; @@ -150,9 +153,6 @@ import org.opensaml.xmlsec.signature.support.impl.ExplicitKeySignatureTrustEngine; import org.w3c.dom.Document; -import org.opensearch.security.test.helper.file.FileHelper; -import org.opensearch.security.test.helper.network.SocketUtils; - class MockSamlIdpServer implements Closeable { final static String ENTITY_ID = "http://test.entity"; diff --git a/src/test/java/com/amazon/dlic/auth/ldap/LdapBackendIntegTest.java b/src/test/java/com/amazon/dlic/auth/ldap/LdapBackendIntegTest.java index f9af873ec2..6fda346a93 100644 --- a/src/test/java/com/amazon/dlic/auth/ldap/LdapBackendIntegTest.java +++ b/src/test/java/com/amazon/dlic/auth/ldap/LdapBackendIntegTest.java @@ -18,8 +18,6 @@ import org.junit.BeforeClass; import org.junit.Test; -import com.amazon.dlic.auth.ldap.srv.EmbeddedLDAPServer; - import org.opensearch.common.settings.Settings; import org.opensearch.security.support.ConfigConstants; import org.opensearch.security.test.DynamicSecurityConfig; @@ -28,6 +26,8 @@ import org.opensearch.security.test.helper.rest.RestHelper; import org.opensearch.security.test.helper.rest.RestHelper.HttpResponse; +import com.amazon.dlic.auth.ldap.srv.EmbeddedLDAPServer; + public class LdapBackendIntegTest extends SingleClusterTest { private static EmbeddedLDAPServer ldapServer = null; diff --git a/src/test/java/com/amazon/dlic/auth/ldap/LdapBackendTest.java b/src/test/java/com/amazon/dlic/auth/ldap/LdapBackendTest.java index 4bbf94f729..4fe7ad0514 100755 --- a/src/test/java/com/amazon/dlic/auth/ldap/LdapBackendTest.java +++ b/src/test/java/com/amazon/dlic/auth/ldap/LdapBackendTest.java @@ -20,16 +20,6 @@ import org.junit.Assert; import org.junit.BeforeClass; import org.junit.Test; -import org.ldaptive.Connection; -import org.ldaptive.LdapAttribute; -import org.ldaptive.LdapEntry; -import org.ldaptive.ReturnAttributes; - -import com.amazon.dlic.auth.ldap.backend.LDAPAuthenticationBackend; -import com.amazon.dlic.auth.ldap.backend.LDAPAuthorizationBackend; -import com.amazon.dlic.auth.ldap.srv.EmbeddedLDAPServer; -import com.amazon.dlic.auth.ldap.util.ConfigConstants; -import com.amazon.dlic.auth.ldap.util.LdapHelper; import org.opensearch.OpenSearchSecurityException; import org.opensearch.common.settings.Settings; @@ -38,6 +28,16 @@ import org.opensearch.security.user.AuthCredentials; import org.opensearch.security.user.User; +import com.amazon.dlic.auth.ldap.backend.LDAPAuthenticationBackend; +import com.amazon.dlic.auth.ldap.backend.LDAPAuthorizationBackend; +import com.amazon.dlic.auth.ldap.srv.EmbeddedLDAPServer; +import com.amazon.dlic.auth.ldap.util.ConfigConstants; +import com.amazon.dlic.auth.ldap.util.LdapHelper; +import org.ldaptive.Connection; +import org.ldaptive.LdapAttribute; +import org.ldaptive.LdapEntry; +import org.ldaptive.ReturnAttributes; + import static org.hamcrest.Matchers.hasItem; public class LdapBackendTest { diff --git a/src/test/java/com/amazon/dlic/auth/ldap/LdapBackendTestClientCert.java b/src/test/java/com/amazon/dlic/auth/ldap/LdapBackendTestClientCert.java index 1765b5fd26..b5cc56f84b 100644 --- a/src/test/java/com/amazon/dlic/auth/ldap/LdapBackendTestClientCert.java +++ b/src/test/java/com/amazon/dlic/auth/ldap/LdapBackendTestClientCert.java @@ -21,14 +21,14 @@ import org.junit.Ignore; import org.junit.Test; -import com.amazon.dlic.auth.ldap.backend.LDAPAuthenticationBackend; -import com.amazon.dlic.auth.ldap.util.ConfigConstants; - import org.opensearch.common.settings.Settings; import org.opensearch.security.ssl.util.ExceptionUtils; import org.opensearch.security.ssl.util.SSLConfigConstants; import org.opensearch.security.user.AuthCredentials; +import com.amazon.dlic.auth.ldap.backend.LDAPAuthenticationBackend; +import com.amazon.dlic.auth.ldap.util.ConfigConstants; + @Ignore public class LdapBackendTestClientCert { diff --git a/src/test/java/com/amazon/dlic/auth/ldap/LdapBackendTestNewStyleConfig.java b/src/test/java/com/amazon/dlic/auth/ldap/LdapBackendTestNewStyleConfig.java index 3026ffcd61..a6ae9eb79d 100644 --- a/src/test/java/com/amazon/dlic/auth/ldap/LdapBackendTestNewStyleConfig.java +++ b/src/test/java/com/amazon/dlic/auth/ldap/LdapBackendTestNewStyleConfig.java @@ -21,15 +21,6 @@ import org.junit.Assert; import org.junit.BeforeClass; import org.junit.Test; -import org.ldaptive.Connection; -import org.ldaptive.LdapEntry; -import org.ldaptive.ReturnAttributes; - -import com.amazon.dlic.auth.ldap.backend.LDAPAuthenticationBackend; -import com.amazon.dlic.auth.ldap.backend.LDAPAuthorizationBackend; -import com.amazon.dlic.auth.ldap.srv.EmbeddedLDAPServer; -import com.amazon.dlic.auth.ldap.util.ConfigConstants; -import com.amazon.dlic.auth.ldap.util.LdapHelper; import org.opensearch.OpenSearchSecurityException; import org.opensearch.common.settings.Settings; @@ -38,6 +29,15 @@ import org.opensearch.security.user.AuthCredentials; import org.opensearch.security.user.User; +import com.amazon.dlic.auth.ldap.backend.LDAPAuthenticationBackend; +import com.amazon.dlic.auth.ldap.backend.LDAPAuthorizationBackend; +import com.amazon.dlic.auth.ldap.srv.EmbeddedLDAPServer; +import com.amazon.dlic.auth.ldap.util.ConfigConstants; +import com.amazon.dlic.auth.ldap.util.LdapHelper; +import org.ldaptive.Connection; +import org.ldaptive.LdapEntry; +import org.ldaptive.ReturnAttributes; + import static org.hamcrest.Matchers.hasItem; public class LdapBackendTestNewStyleConfig { diff --git a/src/test/java/com/amazon/dlic/auth/ldap/srv/LdapServer.java b/src/test/java/com/amazon/dlic/auth/ldap/srv/LdapServer.java index bb7738d3fd..36bb37494d 100644 --- a/src/test/java/com/amazon/dlic/auth/ldap/srv/LdapServer.java +++ b/src/test/java/com/amazon/dlic/auth/ldap/srv/LdapServer.java @@ -25,6 +25,13 @@ import java.util.concurrent.locks.ReentrantLock; import com.google.common.io.CharStreams; +import org.apache.commons.lang3.exception.ExceptionUtils; +import org.apache.logging.log4j.LogManager; +import org.apache.logging.log4j.Logger; + +import org.opensearch.security.test.helper.file.FileHelper; +import org.opensearch.security.test.helper.network.SocketUtils; + import com.unboundid.ldap.listener.InMemoryDirectoryServer; import com.unboundid.ldap.listener.InMemoryDirectoryServerConfig; import com.unboundid.ldap.listener.InMemoryListenerConfig; @@ -36,12 +43,6 @@ import com.unboundid.util.ssl.KeyStoreKeyManager; import com.unboundid.util.ssl.SSLUtil; import com.unboundid.util.ssl.TrustStoreTrustManager; -import org.apache.commons.lang3.exception.ExceptionUtils; -import org.apache.logging.log4j.LogManager; -import org.apache.logging.log4j.Logger; - -import org.opensearch.security.test.helper.file.FileHelper; -import org.opensearch.security.test.helper.network.SocketUtils; final class LdapServer { private final static Logger LOG = LogManager.getLogger(LdapServer.class); diff --git a/src/test/java/com/amazon/dlic/auth/ldap2/LdapBackendIntegTest2.java b/src/test/java/com/amazon/dlic/auth/ldap2/LdapBackendIntegTest2.java index 2f5269fe48..6f0958790a 100644 --- a/src/test/java/com/amazon/dlic/auth/ldap2/LdapBackendIntegTest2.java +++ b/src/test/java/com/amazon/dlic/auth/ldap2/LdapBackendIntegTest2.java @@ -18,8 +18,6 @@ import org.junit.BeforeClass; import org.junit.Test; -import com.amazon.dlic.auth.ldap.srv.EmbeddedLDAPServer; - import org.opensearch.common.settings.Settings; import org.opensearch.security.support.ConfigConstants; import org.opensearch.security.test.DynamicSecurityConfig; @@ -28,6 +26,8 @@ import org.opensearch.security.test.helper.rest.RestHelper; import org.opensearch.security.test.helper.rest.RestHelper.HttpResponse; +import com.amazon.dlic.auth.ldap.srv.EmbeddedLDAPServer; + public class LdapBackendIntegTest2 extends SingleClusterTest { private static EmbeddedLDAPServer ldapServer = null; diff --git a/src/test/java/com/amazon/dlic/auth/ldap2/LdapBackendTestClientCert2.java b/src/test/java/com/amazon/dlic/auth/ldap2/LdapBackendTestClientCert2.java index 6ba7a84b4a..64e9521155 100644 --- a/src/test/java/com/amazon/dlic/auth/ldap2/LdapBackendTestClientCert2.java +++ b/src/test/java/com/amazon/dlic/auth/ldap2/LdapBackendTestClientCert2.java @@ -21,14 +21,14 @@ import org.junit.Ignore; import org.junit.Test; -import com.amazon.dlic.auth.ldap.LdapUser; -import com.amazon.dlic.auth.ldap.util.ConfigConstants; - import org.opensearch.common.settings.Settings; import org.opensearch.security.ssl.util.ExceptionUtils; import org.opensearch.security.ssl.util.SSLConfigConstants; import org.opensearch.security.user.AuthCredentials; +import com.amazon.dlic.auth.ldap.LdapUser; +import com.amazon.dlic.auth.ldap.util.ConfigConstants; + @Ignore public class LdapBackendTestClientCert2 { diff --git a/src/test/java/com/amazon/dlic/auth/ldap2/LdapBackendTestNewStyleConfig2.java b/src/test/java/com/amazon/dlic/auth/ldap2/LdapBackendTestNewStyleConfig2.java index 4bd9f92083..634584c167 100644 --- a/src/test/java/com/amazon/dlic/auth/ldap2/LdapBackendTestNewStyleConfig2.java +++ b/src/test/java/com/amazon/dlic/auth/ldap2/LdapBackendTestNewStyleConfig2.java @@ -27,17 +27,6 @@ import org.junit.runners.Parameterized; import org.junit.runners.Parameterized.Parameter; import org.junit.runners.Parameterized.Parameters; -import org.ldaptive.Connection; -import org.ldaptive.LdapAttribute; -import org.ldaptive.LdapEntry; -import org.ldaptive.ReturnAttributes; - -import com.amazon.dlic.auth.ldap.LdapUser; -import com.amazon.dlic.auth.ldap.backend.LDAPAuthenticationBackend; -import com.amazon.dlic.auth.ldap.backend.LDAPAuthorizationBackend; -import com.amazon.dlic.auth.ldap.srv.EmbeddedLDAPServer; -import com.amazon.dlic.auth.ldap.util.ConfigConstants; -import com.amazon.dlic.auth.ldap.util.LdapHelper; import org.opensearch.OpenSearchSecurityException; import org.opensearch.common.settings.Settings; @@ -47,6 +36,17 @@ import org.opensearch.security.user.AuthCredentials; import org.opensearch.security.user.User; +import com.amazon.dlic.auth.ldap.LdapUser; +import com.amazon.dlic.auth.ldap.backend.LDAPAuthenticationBackend; +import com.amazon.dlic.auth.ldap.backend.LDAPAuthorizationBackend; +import com.amazon.dlic.auth.ldap.srv.EmbeddedLDAPServer; +import com.amazon.dlic.auth.ldap.util.ConfigConstants; +import com.amazon.dlic.auth.ldap.util.LdapHelper; +import org.ldaptive.Connection; +import org.ldaptive.LdapAttribute; +import org.ldaptive.LdapEntry; +import org.ldaptive.ReturnAttributes; + import static org.hamcrest.Matchers.hasItem; @RunWith(Parameterized.class) diff --git a/src/test/java/com/amazon/dlic/auth/ldap2/LdapBackendTestOldStyleConfig2.java b/src/test/java/com/amazon/dlic/auth/ldap2/LdapBackendTestOldStyleConfig2.java index 7f7d6646b2..5c4a85d6cc 100755 --- a/src/test/java/com/amazon/dlic/auth/ldap2/LdapBackendTestOldStyleConfig2.java +++ b/src/test/java/com/amazon/dlic/auth/ldap2/LdapBackendTestOldStyleConfig2.java @@ -27,17 +27,6 @@ import org.junit.runners.Parameterized; import org.junit.runners.Parameterized.Parameter; import org.junit.runners.Parameterized.Parameters; -import org.ldaptive.Connection; -import org.ldaptive.LdapAttribute; -import org.ldaptive.LdapEntry; -import org.ldaptive.ReturnAttributes; - -import com.amazon.dlic.auth.ldap.LdapUser; -import com.amazon.dlic.auth.ldap.backend.LDAPAuthenticationBackend; -import com.amazon.dlic.auth.ldap.backend.LDAPAuthorizationBackend; -import com.amazon.dlic.auth.ldap.srv.EmbeddedLDAPServer; -import com.amazon.dlic.auth.ldap.util.ConfigConstants; -import com.amazon.dlic.auth.ldap.util.LdapHelper; import org.opensearch.OpenSearchSecurityException; import org.opensearch.common.settings.Settings; @@ -47,6 +36,17 @@ import org.opensearch.security.user.AuthCredentials; import org.opensearch.security.user.User; +import com.amazon.dlic.auth.ldap.LdapUser; +import com.amazon.dlic.auth.ldap.backend.LDAPAuthenticationBackend; +import com.amazon.dlic.auth.ldap.backend.LDAPAuthorizationBackend; +import com.amazon.dlic.auth.ldap.srv.EmbeddedLDAPServer; +import com.amazon.dlic.auth.ldap.util.ConfigConstants; +import com.amazon.dlic.auth.ldap.util.LdapHelper; +import org.ldaptive.Connection; +import org.ldaptive.LdapAttribute; +import org.ldaptive.LdapEntry; +import org.ldaptive.ReturnAttributes; + import static org.hamcrest.Matchers.hasItem; @RunWith(Parameterized.class) diff --git a/src/test/java/org/opensearch/node/PluginAwareNode.java b/src/test/java/org/opensearch/node/PluginAwareNode.java index 19cda27e81..d992017c27 100644 --- a/src/test/java/org/opensearch/node/PluginAwareNode.java +++ b/src/test/java/org/opensearch/node/PluginAwareNode.java @@ -26,12 +26,12 @@ package org.opensearch.node; -import org.opensearch.common.settings.Settings; -import org.opensearch.plugins.Plugin; - import java.util.Collection; import java.util.Collections; +import org.opensearch.common.settings.Settings; +import org.opensearch.plugins.Plugin; + public class PluginAwareNode extends Node { private final boolean clusterManagerEligible; diff --git a/src/test/java/org/opensearch/security/HttpIntegrationTests.java b/src/test/java/org/opensearch/security/HttpIntegrationTests.java index 94994875d8..60abaf8efe 100644 --- a/src/test/java/org/opensearch/security/HttpIntegrationTests.java +++ b/src/test/java/org/opensearch/security/HttpIntegrationTests.java @@ -26,6 +26,10 @@ package org.opensearch.security; +import java.io.File; +import java.nio.charset.StandardCharsets; +import java.nio.file.Files; + import com.fasterxml.jackson.databind.JsonNode; import org.apache.hc.core5.http.HttpStatus; import org.apache.hc.core5.http.NoHttpResponseException; @@ -33,6 +37,7 @@ import org.junit.Assert; import org.junit.Ignore; import org.junit.Test; + import org.opensearch.action.admin.indices.alias.IndicesAliasesRequest; import org.opensearch.action.admin.indices.alias.IndicesAliasesRequest.AliasActions; import org.opensearch.action.admin.indices.create.CreateIndexRequest; @@ -52,10 +57,6 @@ import org.opensearch.security.test.helper.rest.RestHelper; import org.opensearch.security.test.helper.rest.RestHelper.HttpResponse; -import java.io.File; -import java.nio.charset.StandardCharsets; -import java.nio.file.Files; - import static org.opensearch.security.DefaultObjectMapper.readTree; public class HttpIntegrationTests extends SingleClusterTest { diff --git a/src/test/java/org/opensearch/security/IntegrationTests.java b/src/test/java/org/opensearch/security/IntegrationTests.java index 9a4bf7bba8..31a46be331 100644 --- a/src/test/java/org/opensearch/security/IntegrationTests.java +++ b/src/test/java/org/opensearch/security/IntegrationTests.java @@ -29,7 +29,6 @@ import java.util.TreeSet; import com.fasterxml.jackson.databind.JsonNode; -import io.netty.handler.ssl.OpenSsl; import org.apache.hc.core5.http.HttpStatus; import org.apache.hc.core5.http.message.BasicHeader; import org.junit.Assert; @@ -57,6 +56,8 @@ import org.opensearch.security.test.helper.rest.RestHelper; import org.opensearch.security.test.helper.rest.RestHelper.HttpResponse; +import io.netty.handler.ssl.OpenSsl; + import static org.opensearch.security.DefaultObjectMapper.readTree; public class IntegrationTests extends SingleClusterTest { diff --git a/src/test/java/org/opensearch/security/RolesInjectorIntegTest.java b/src/test/java/org/opensearch/security/RolesInjectorIntegTest.java index c4abf42904..3137eab640 100644 --- a/src/test/java/org/opensearch/security/RolesInjectorIntegTest.java +++ b/src/test/java/org/opensearch/security/RolesInjectorIntegTest.java @@ -34,8 +34,8 @@ import org.opensearch.cluster.health.ClusterHealthStatus; import org.opensearch.cluster.metadata.IndexNameExpressionResolver; import org.opensearch.cluster.service.ClusterService; -import org.opensearch.core.common.io.stream.NamedWriteableRegistry; import org.opensearch.common.settings.Settings; +import org.opensearch.core.common.io.stream.NamedWriteableRegistry; import org.opensearch.core.xcontent.NamedXContentRegistry; import org.opensearch.env.Environment; import org.opensearch.env.NodeEnvironment; diff --git a/src/test/java/org/opensearch/security/RolesValidationIntegTest.java b/src/test/java/org/opensearch/security/RolesValidationIntegTest.java index 9c8f52fa3e..6d62d407b1 100644 --- a/src/test/java/org/opensearch/security/RolesValidationIntegTest.java +++ b/src/test/java/org/opensearch/security/RolesValidationIntegTest.java @@ -28,8 +28,8 @@ import org.opensearch.client.Client; import org.opensearch.cluster.metadata.IndexNameExpressionResolver; import org.opensearch.cluster.service.ClusterService; -import org.opensearch.core.common.io.stream.NamedWriteableRegistry; import org.opensearch.common.settings.Settings; +import org.opensearch.core.common.io.stream.NamedWriteableRegistry; import org.opensearch.core.xcontent.NamedXContentRegistry; import org.opensearch.env.Environment; import org.opensearch.env.NodeEnvironment; diff --git a/src/test/java/org/opensearch/security/TransportUserInjectorIntegTest.java b/src/test/java/org/opensearch/security/TransportUserInjectorIntegTest.java index f97919b2f7..b13e5fbb20 100644 --- a/src/test/java/org/opensearch/security/TransportUserInjectorIntegTest.java +++ b/src/test/java/org/opensearch/security/TransportUserInjectorIntegTest.java @@ -26,8 +26,8 @@ import org.opensearch.client.Client; import org.opensearch.cluster.metadata.IndexNameExpressionResolver; import org.opensearch.cluster.service.ClusterService; -import org.opensearch.core.common.io.stream.NamedWriteableRegistry; import org.opensearch.common.settings.Settings; +import org.opensearch.core.common.io.stream.NamedWriteableRegistry; import org.opensearch.core.xcontent.NamedXContentRegistry; import org.opensearch.env.Environment; import org.opensearch.env.NodeEnvironment; diff --git a/src/test/java/org/opensearch/security/UserServiceUnitTests.java b/src/test/java/org/opensearch/security/UserServiceUnitTests.java index 6bdef8d167..48c37748fc 100644 --- a/src/test/java/org/opensearch/security/UserServiceUnitTests.java +++ b/src/test/java/org/opensearch/security/UserServiceUnitTests.java @@ -11,12 +11,17 @@ package org.opensearch.security; +import java.io.File; +import java.nio.charset.StandardCharsets; +import java.nio.file.Files; + import com.fasterxml.jackson.databind.JsonNode; import com.fasterxml.jackson.databind.ObjectMapper; +import com.fasterxml.jackson.dataformat.yaml.YAMLFactory; import org.junit.Assert; import org.junit.Before; import org.junit.Test; -import org.mockito.Mock; + import org.opensearch.client.Client; import org.opensearch.cluster.service.ClusterService; import org.opensearch.common.settings.Settings; @@ -26,11 +31,7 @@ import org.opensearch.security.user.UserFilterType; import org.opensearch.security.user.UserService; -import java.io.File; -import java.nio.charset.StandardCharsets; -import java.nio.file.Files; - -import com.fasterxml.jackson.dataformat.yaml.YAMLFactory; +import org.mockito.Mock; public class UserServiceUnitTests { SecurityDynamicConfiguration config; diff --git a/src/test/java/org/opensearch/security/UtilTests.java b/src/test/java/org/opensearch/security/UtilTests.java index f64c905667..3b6ed2edc9 100644 --- a/src/test/java/org/opensearch/security/UtilTests.java +++ b/src/test/java/org/opensearch/security/UtilTests.java @@ -28,8 +28,8 @@ import java.util.Map; -import org.bouncycastle.crypto.generators.OpenBSDBCrypt; import org.junit.Test; +import org.bouncycastle.crypto.generators.OpenBSDBCrypt; import org.opensearch.common.settings.Settings; import org.opensearch.security.support.ConfigConstants; diff --git a/src/test/java/org/opensearch/security/auditlog/AbstractAuditlogiUnitTest.java b/src/test/java/org/opensearch/security/auditlog/AbstractAuditlogiUnitTest.java index bad71c75f4..3d814231cf 100644 --- a/src/test/java/org/opensearch/security/auditlog/AbstractAuditlogiUnitTest.java +++ b/src/test/java/org/opensearch/security/auditlog/AbstractAuditlogiUnitTest.java @@ -11,7 +11,11 @@ package org.opensearch.security.auditlog; +import java.util.Arrays; +import java.util.Collection; + import com.fasterxml.jackson.databind.JsonNode; + import org.opensearch.common.settings.Settings; import org.opensearch.security.DefaultObjectMapper; import org.opensearch.security.auditlog.config.AuditConfig; @@ -22,9 +26,6 @@ import org.opensearch.security.test.helper.file.FileHelper; import org.opensearch.security.test.helper.rest.RestHelper; -import java.util.Arrays; -import java.util.Collection; - import static org.opensearch.security.auditlog.config.AuditConfig.DEPRECATED_KEYS; public abstract class AbstractAuditlogiUnitTest extends SingleClusterTest { diff --git a/src/test/java/org/opensearch/security/auditlog/config/AuditConfigFilterTest.java b/src/test/java/org/opensearch/security/auditlog/config/AuditConfigFilterTest.java index fad4cabbc5..e40e65549f 100644 --- a/src/test/java/org/opensearch/security/auditlog/config/AuditConfigFilterTest.java +++ b/src/test/java/org/opensearch/security/auditlog/config/AuditConfigFilterTest.java @@ -28,16 +28,16 @@ import static org.hamcrest.MatcherAssert.assertThat; import static org.hamcrest.Matchers.equalTo; -import static org.junit.Assert.assertEquals; -import static org.junit.Assert.assertFalse; -import static org.junit.Assert.assertSame; -import static org.junit.Assert.assertTrue; import static org.opensearch.security.auditlog.impl.AuditCategory.AUTHENTICATED; import static org.opensearch.security.auditlog.impl.AuditCategory.BAD_HEADERS; import static org.opensearch.security.auditlog.impl.AuditCategory.FAILED_LOGIN; import static org.opensearch.security.auditlog.impl.AuditCategory.GRANTED_PRIVILEGES; import static org.opensearch.security.auditlog.impl.AuditCategory.MISSING_PRIVILEGES; import static org.opensearch.security.auditlog.impl.AuditCategory.SSL_EXCEPTION; +import static org.junit.Assert.assertEquals; +import static org.junit.Assert.assertFalse; +import static org.junit.Assert.assertSame; +import static org.junit.Assert.assertTrue; public class AuditConfigFilterTest { diff --git a/src/test/java/org/opensearch/security/auditlog/config/AuditConfigSerializeTest.java b/src/test/java/org/opensearch/security/auditlog/config/AuditConfigSerializeTest.java index 33dad63e5f..0b50c2ac20 100644 --- a/src/test/java/org/opensearch/security/auditlog/config/AuditConfigSerializeTest.java +++ b/src/test/java/org/opensearch/security/auditlog/config/AuditConfigSerializeTest.java @@ -15,12 +15,12 @@ import java.util.Collections; import java.util.EnumSet; +import com.google.common.collect.ImmutableList; +import com.google.common.collect.ImmutableSet; import com.fasterxml.jackson.core.JsonProcessingException; import com.fasterxml.jackson.databind.InjectableValues; import com.fasterxml.jackson.databind.ObjectMapper; import com.fasterxml.jackson.databind.node.ObjectNode; -import com.google.common.collect.ImmutableList; -import com.google.common.collect.ImmutableSet; import org.junit.Before; import org.junit.Test; @@ -32,12 +32,12 @@ import org.opensearch.security.support.ConfigConstants; import org.opensearch.security.support.WildcardMatcher; +import static org.opensearch.security.auditlog.impl.AuditCategory.AUTHENTICATED; +import static org.opensearch.security.auditlog.impl.AuditCategory.GRANTED_PRIVILEGES; import static org.junit.Assert.assertEquals; import static org.junit.Assert.assertFalse; import static org.junit.Assert.assertSame; import static org.junit.Assert.assertTrue; -import static org.opensearch.security.auditlog.impl.AuditCategory.AUTHENTICATED; -import static org.opensearch.security.auditlog.impl.AuditCategory.GRANTED_PRIVILEGES; public class AuditConfigSerializeTest { diff --git a/src/test/java/org/opensearch/security/auditlog/impl/AuditMessageTest.java b/src/test/java/org/opensearch/security/auditlog/impl/AuditMessageTest.java index f53872bb3a..d915c02e55 100644 --- a/src/test/java/org/opensearch/security/auditlog/impl/AuditMessageTest.java +++ b/src/test/java/org/opensearch/security/auditlog/impl/AuditMessageTest.java @@ -24,9 +24,9 @@ import org.opensearch.cluster.ClusterName; import org.opensearch.cluster.node.DiscoveryNode; import org.opensearch.cluster.service.ClusterService; -import org.opensearch.core.common.bytes.BytesReference; import org.opensearch.common.collect.Tuple; import org.opensearch.common.xcontent.XContentType; +import org.opensearch.core.common.bytes.BytesReference; import org.opensearch.security.auditlog.AuditLog; import org.opensearch.security.securityconf.impl.CType; diff --git a/src/test/java/org/opensearch/security/auditlog/sink/KafkaSinkTest.java b/src/test/java/org/opensearch/security/auditlog/sink/KafkaSinkTest.java index bf567c6ebe..af856e2e90 100644 --- a/src/test/java/org/opensearch/security/auditlog/sink/KafkaSinkTest.java +++ b/src/test/java/org/opensearch/security/auditlog/sink/KafkaSinkTest.java @@ -22,7 +22,6 @@ import org.junit.Assert; import org.junit.ClassRule; import org.junit.Test; -import org.springframework.kafka.test.rule.EmbeddedKafkaRule; import org.opensearch.common.settings.Settings; import org.opensearch.common.xcontent.yaml.YamlXContent; @@ -31,6 +30,8 @@ import org.opensearch.security.auditlog.impl.AuditCategory; import org.opensearch.security.test.helper.file.FileHelper; +import org.springframework.kafka.test.rule.EmbeddedKafkaRule; + public class KafkaSinkTest extends AbstractAuditlogiUnitTest { @ClassRule diff --git a/src/test/java/org/opensearch/security/auditlog/sink/SinkProviderTLSTest.java b/src/test/java/org/opensearch/security/auditlog/sink/SinkProviderTLSTest.java index 49853a05fa..b7ebc12fb0 100644 --- a/src/test/java/org/opensearch/security/auditlog/sink/SinkProviderTLSTest.java +++ b/src/test/java/org/opensearch/security/auditlog/sink/SinkProviderTLSTest.java @@ -16,7 +16,6 @@ import java.io.InputStream; import java.net.ServerSocket; import java.security.KeyStore; - import javax.net.ssl.KeyManagerFactory; import javax.net.ssl.SSLContext; import javax.net.ssl.TrustManagerFactory; diff --git a/src/test/java/org/opensearch/security/auditlog/sink/WebhookAuditLogTest.java b/src/test/java/org/opensearch/security/auditlog/sink/WebhookAuditLogTest.java index 28469d1a9b..a7d6919e0f 100644 --- a/src/test/java/org/opensearch/security/auditlog/sink/WebhookAuditLogTest.java +++ b/src/test/java/org/opensearch/security/auditlog/sink/WebhookAuditLogTest.java @@ -19,7 +19,6 @@ import java.nio.charset.StandardCharsets; import java.security.KeyStore; import java.util.Objects; - import javax.net.ssl.KeyManagerFactory; import javax.net.ssl.SSLContext; import javax.net.ssl.TrustManagerFactory; diff --git a/src/test/java/org/opensearch/security/auth/InternalAuthBackendTests.java b/src/test/java/org/opensearch/security/auth/InternalAuthBackendTests.java index c059c890ab..b9503e79f1 100644 --- a/src/test/java/org/opensearch/security/auth/InternalAuthBackendTests.java +++ b/src/test/java/org/opensearch/security/auth/InternalAuthBackendTests.java @@ -19,13 +19,14 @@ import org.junit.Assert; import org.junit.Before; import org.junit.Test; -import org.mockito.Mockito; import org.opensearch.OpenSearchSecurityException; import org.opensearch.security.auth.internal.InternalAuthenticationBackend; import org.opensearch.security.securityconf.InternalUsersModel; import org.opensearch.security.user.AuthCredentials; +import org.mockito.Mockito; + import static org.mockito.Mockito.doReturn; import static org.mockito.Mockito.mock; import static org.mockito.Mockito.spy; diff --git a/src/test/java/org/opensearch/security/auth/RolesInjectorTest.java b/src/test/java/org/opensearch/security/auth/RolesInjectorTest.java index 63eb32f862..4e893547d2 100644 --- a/src/test/java/org/opensearch/security/auth/RolesInjectorTest.java +++ b/src/test/java/org/opensearch/security/auth/RolesInjectorTest.java @@ -30,9 +30,9 @@ import org.opensearch.tasks.Task; import org.opensearch.transport.TransportRequest; +import static org.opensearch.security.support.ConfigConstants.OPENDISTRO_SECURITY_INJECTED_ROLES; import static org.junit.Assert.assertEquals; import static org.mockito.Mockito.mock; -import static org.opensearch.security.support.ConfigConstants.OPENDISTRO_SECURITY_INJECTED_ROLES; public class RolesInjectorTest { diff --git a/src/test/java/org/opensearch/security/auth/UserInjectorTest.java b/src/test/java/org/opensearch/security/auth/UserInjectorTest.java index df89b09981..ca64967ba7 100644 --- a/src/test/java/org/opensearch/security/auth/UserInjectorTest.java +++ b/src/test/java/org/opensearch/security/auth/UserInjectorTest.java @@ -17,7 +17,6 @@ import org.junit.Before; import org.junit.Test; -import org.mockito.Mockito; import org.opensearch.common.settings.Settings; import org.opensearch.common.util.concurrent.ThreadContext; @@ -29,6 +28,8 @@ import org.opensearch.threadpool.ThreadPool; import org.opensearch.transport.TransportRequest; +import org.mockito.Mockito; + import static org.junit.Assert.assertEquals; import static org.junit.Assert.assertNotNull; import static org.junit.Assert.assertNull; diff --git a/src/test/java/org/opensearch/security/auth/limiting/AddressBasedRateLimiterTest.java b/src/test/java/org/opensearch/security/auth/limiting/AddressBasedRateLimiterTest.java index 69ddc5c03a..70c7ce0435 100644 --- a/src/test/java/org/opensearch/security/auth/limiting/AddressBasedRateLimiterTest.java +++ b/src/test/java/org/opensearch/security/auth/limiting/AddressBasedRateLimiterTest.java @@ -17,12 +17,12 @@ package org.opensearch.security.auth.limiting; +import java.net.InetAddress; + import org.junit.Test; import org.opensearch.common.settings.Settings; -import java.net.InetAddress; - import static org.junit.Assert.assertFalse; import static org.junit.Assert.assertTrue; diff --git a/src/test/java/org/opensearch/security/authtoken/jwt/AuthTokenUtilsTest.java b/src/test/java/org/opensearch/security/authtoken/jwt/AuthTokenUtilsTest.java index 4072d94436..e0026155de 100644 --- a/src/test/java/org/opensearch/security/authtoken/jwt/AuthTokenUtilsTest.java +++ b/src/test/java/org/opensearch/security/authtoken/jwt/AuthTokenUtilsTest.java @@ -11,15 +11,16 @@ package org.opensearch.security.authtoken.jwt; +import java.util.Collections; + +import org.junit.Test; + import org.opensearch.common.settings.Settings; import org.opensearch.core.xcontent.NamedXContentRegistry; import org.opensearch.rest.RestRequest; import org.opensearch.security.filter.SecurityRequestFactory; import org.opensearch.security.util.AuthTokenUtils; import org.opensearch.test.rest.FakeRestRequest; -import org.junit.Test; - -import java.util.Collections; import static org.junit.Assert.assertFalse; import static org.junit.Assert.assertTrue; diff --git a/src/test/java/org/opensearch/security/authtoken/jwt/EncryptionDecryptionUtilsTest.java b/src/test/java/org/opensearch/security/authtoken/jwt/EncryptionDecryptionUtilsTest.java index 4890f380f9..df6456303a 100644 --- a/src/test/java/org/opensearch/security/authtoken/jwt/EncryptionDecryptionUtilsTest.java +++ b/src/test/java/org/opensearch/security/authtoken/jwt/EncryptionDecryptionUtilsTest.java @@ -11,9 +11,10 @@ package org.opensearch.security.authtoken.jwt; +import java.util.Base64; + import org.junit.Assert; import org.junit.Test; -import java.util.Base64; public class EncryptionDecryptionUtilsTest { diff --git a/src/test/java/org/opensearch/security/authtoken/jwt/JwtVendorTest.java b/src/test/java/org/opensearch/security/authtoken/jwt/JwtVendorTest.java index 9c51dd714b..76a3847084 100644 --- a/src/test/java/org/opensearch/security/authtoken/jwt/JwtVendorTest.java +++ b/src/test/java/org/opensearch/security/authtoken/jwt/JwtVendorTest.java @@ -18,7 +18,6 @@ import java.util.function.LongSupplier; import com.google.common.io.BaseEncoding; -import com.nimbusds.jwt.SignedJWT; import org.apache.commons.lang3.RandomStringUtils; import org.apache.logging.log4j.Level; import org.apache.logging.log4j.LogManager; @@ -27,7 +26,7 @@ import org.apache.logging.log4j.core.Logger; import org.junit.Assert; import org.junit.Test; -import org.mockito.ArgumentCaptor; + import org.opensearch.OpenSearchException; import org.opensearch.common.collect.Tuple; import org.opensearch.common.settings.Settings; @@ -35,6 +34,8 @@ import com.nimbusds.jose.JWSSigner; import com.nimbusds.jose.jwk.JWK; +import com.nimbusds.jwt.SignedJWT; +import org.mockito.ArgumentCaptor; import static org.hamcrest.MatcherAssert.assertThat; import static org.hamcrest.Matchers.containsString; @@ -42,9 +43,7 @@ import static org.hamcrest.Matchers.is; import static org.hamcrest.Matchers.not; import static org.hamcrest.Matchers.nullValue; - import static org.hamcrest.core.IsNull.notNullValue; - import static org.junit.Assert.assertEquals; import static org.junit.Assert.assertThrows; import static org.junit.Assert.assertTrue; diff --git a/src/test/java/org/opensearch/security/authtoken/jwt/KeyPaddingUtilTest.java b/src/test/java/org/opensearch/security/authtoken/jwt/KeyPaddingUtilTest.java index 78bd950964..2633c75c2f 100644 --- a/src/test/java/org/opensearch/security/authtoken/jwt/KeyPaddingUtilTest.java +++ b/src/test/java/org/opensearch/security/authtoken/jwt/KeyPaddingUtilTest.java @@ -11,9 +11,10 @@ package org.opensearch.security.authtoken.jwt; -import com.nimbusds.jose.JWSAlgorithm; import org.junit.Test; +import com.nimbusds.jose.JWSAlgorithm; + import static org.junit.jupiter.api.Assertions.assertEquals; public class KeyPaddingUtilTest { diff --git a/src/test/java/org/opensearch/security/configuration/SaltTest.java b/src/test/java/org/opensearch/security/configuration/SaltTest.java index 8af7501810..918a27e8c5 100644 --- a/src/test/java/org/opensearch/security/configuration/SaltTest.java +++ b/src/test/java/org/opensearch/security/configuration/SaltTest.java @@ -21,9 +21,9 @@ import org.opensearch.common.settings.Settings; import org.opensearch.security.support.ConfigConstants; +import static org.opensearch.security.configuration.Salt.SALT_SIZE; import static org.junit.Assert.assertArrayEquals; import static org.junit.Assert.assertEquals; -import static org.opensearch.security.configuration.Salt.SALT_SIZE; public class SaltTest { diff --git a/src/test/java/org/opensearch/security/dlic/dlsfls/CCReplicationTest.java b/src/test/java/org/opensearch/security/dlic/dlsfls/CCReplicationTest.java index d1b514a2e6..b5a9e61d76 100644 --- a/src/test/java/org/opensearch/security/dlic/dlsfls/CCReplicationTest.java +++ b/src/test/java/org/opensearch/security/dlic/dlsfls/CCReplicationTest.java @@ -24,10 +24,8 @@ import org.junit.Test; import org.opensearch.OpenSearchSecurityException; -import org.opensearch.core.action.ActionListener; import org.opensearch.action.ActionRequest; import org.opensearch.action.ActionRequestValidationException; -import org.opensearch.core.action.ActionResponse; import org.opensearch.action.ActionType; import org.opensearch.action.IndicesRequest; import org.opensearch.action.IndicesRequest.Replaceable; @@ -44,11 +42,14 @@ import org.opensearch.cluster.metadata.IndexNameExpressionResolver; import org.opensearch.cluster.service.ClusterService; import org.opensearch.common.inject.Inject; +import org.opensearch.common.settings.Settings; +import org.opensearch.common.xcontent.XContentType; +import org.opensearch.core.action.ActionListener; +import org.opensearch.core.action.ActionResponse; import org.opensearch.core.common.io.stream.NamedWriteableRegistry; import org.opensearch.core.common.io.stream.StreamInput; import org.opensearch.core.common.io.stream.StreamOutput; -import org.opensearch.common.settings.Settings; -import org.opensearch.common.xcontent.XContentType; +import org.opensearch.core.rest.RestStatus; import org.opensearch.core.xcontent.NamedXContentRegistry; import org.opensearch.env.Environment; import org.opensearch.env.NodeEnvironment; @@ -57,7 +58,6 @@ import org.opensearch.plugins.ActionPlugin; import org.opensearch.plugins.Plugin; import org.opensearch.repositories.RepositoriesService; -import org.opensearch.core.rest.RestStatus; import org.opensearch.script.ScriptService; import org.opensearch.security.OpenSearchSecurityPlugin; import org.opensearch.security.support.ConfigConstants; diff --git a/src/test/java/org/opensearch/security/dlic/dlsfls/FlsFlatTests.java b/src/test/java/org/opensearch/security/dlic/dlsfls/FlsFlatTests.java index 4d3e2d1846..7899d3c2e5 100644 --- a/src/test/java/org/opensearch/security/dlic/dlsfls/FlsFlatTests.java +++ b/src/test/java/org/opensearch/security/dlic/dlsfls/FlsFlatTests.java @@ -11,20 +11,22 @@ package org.opensearch.security.dlic.dlsfls; +import java.util.function.BiFunction; +import java.util.function.Consumer; + import org.apache.hc.core5.http.Header; import org.apache.hc.core5.http.HttpStatus; import org.junit.Test; + import org.opensearch.action.admin.indices.create.CreateIndexRequest; import org.opensearch.action.index.IndexRequest; import org.opensearch.action.support.WriteRequest.RefreshPolicy; import org.opensearch.client.Client; -import org.opensearch.common.xcontent.XContentType; import org.opensearch.common.xcontent.XContentFactory; +import org.opensearch.common.xcontent.XContentType; +import org.opensearch.core.xcontent.XContentBuilder; import org.opensearch.security.test.DynamicSecurityConfig; import org.opensearch.security.test.helper.rest.RestHelper.HttpResponse; -import org.opensearch.core.xcontent.XContentBuilder; -import java.util.function.BiFunction; -import java.util.function.Consumer; import static org.hamcrest.MatcherAssert.assertThat; import static org.hamcrest.core.IsEqual.equalTo; diff --git a/src/test/java/org/opensearch/security/dlic/dlsfls/RenameFieldResponseProcessorTest.java b/src/test/java/org/opensearch/security/dlic/dlsfls/RenameFieldResponseProcessorTest.java index 28d9ed27ab..c22d167b6d 100644 --- a/src/test/java/org/opensearch/security/dlic/dlsfls/RenameFieldResponseProcessorTest.java +++ b/src/test/java/org/opensearch/security/dlic/dlsfls/RenameFieldResponseProcessorTest.java @@ -12,15 +12,14 @@ package org.opensearch.security.dlic.dlsfls; import org.apache.hc.core5.http.Header; -import org.opensearch.client.Client; - import org.apache.hc.core5.http.HttpStatus; import org.junit.Test; import org.opensearch.action.index.IndexRequest; -import org.opensearch.security.test.DynamicSecurityConfig; import org.opensearch.action.support.WriteRequest.RefreshPolicy; +import org.opensearch.client.Client; import org.opensearch.common.xcontent.XContentType; +import org.opensearch.security.test.DynamicSecurityConfig; import org.opensearch.security.test.helper.cluster.ClusterConfiguration; import org.opensearch.security.test.helper.rest.RestHelper.HttpResponse; diff --git a/src/test/java/org/opensearch/security/dlic/rest/api/AbstractApiActionValidationTest.java b/src/test/java/org/opensearch/security/dlic/rest/api/AbstractApiActionValidationTest.java index b3d3dc0571..f2df09549f 100644 --- a/src/test/java/org/opensearch/security/dlic/rest/api/AbstractApiActionValidationTest.java +++ b/src/test/java/org/opensearch/security/dlic/rest/api/AbstractApiActionValidationTest.java @@ -11,13 +11,16 @@ package org.opensearch.security.dlic.rest.api; +import java.io.IOException; +import java.util.List; +import java.util.Map; + import com.fasterxml.jackson.databind.JsonNode; import com.fasterxml.jackson.databind.ObjectMapper; import org.junit.Before; import org.junit.Test; import org.junit.runner.RunWith; -import org.mockito.Mock; -import org.mockito.junit.MockitoJUnitRunner; + import org.opensearch.cluster.service.ClusterService; import org.opensearch.common.settings.Settings; import org.opensearch.common.xcontent.XContentFactory; @@ -29,9 +32,8 @@ import org.opensearch.security.securityconf.impl.SecurityDynamicConfiguration; import org.opensearch.threadpool.ThreadPool; -import java.io.IOException; -import java.util.List; -import java.util.Map; +import org.mockito.Mock; +import org.mockito.junit.MockitoJUnitRunner; import static org.junit.Assert.assertEquals; import static org.mockito.Mockito.when; diff --git a/src/test/java/org/opensearch/security/dlic/rest/api/AccountApiActionConfigValidationsTest.java b/src/test/java/org/opensearch/security/dlic/rest/api/AccountApiActionConfigValidationsTest.java index 99c6359b45..8af780e01a 100644 --- a/src/test/java/org/opensearch/security/dlic/rest/api/AccountApiActionConfigValidationsTest.java +++ b/src/test/java/org/opensearch/security/dlic/rest/api/AccountApiActionConfigValidationsTest.java @@ -10,13 +10,15 @@ package org.opensearch.security.dlic.rest.api; import com.fasterxml.jackson.databind.node.ObjectNode; -import org.bouncycastle.crypto.generators.OpenBSDBCrypt; import org.junit.Test; -import org.mockito.Mockito; +import org.bouncycastle.crypto.generators.OpenBSDBCrypt; + import org.opensearch.core.rest.RestStatus; import org.opensearch.security.dlic.rest.support.Utils; import org.opensearch.security.securityconf.impl.v7.InternalUserV7; +import org.mockito.Mockito; + import static org.junit.Assert.assertEquals; import static org.junit.Assert.assertFalse; import static org.junit.Assert.assertTrue; diff --git a/src/test/java/org/opensearch/security/dlic/rest/api/AccountApiTest.java b/src/test/java/org/opensearch/security/dlic/rest/api/AccountApiTest.java index 18e5cca8c7..f84e28e755 100644 --- a/src/test/java/org/opensearch/security/dlic/rest/api/AccountApiTest.java +++ b/src/test/java/org/opensearch/security/dlic/rest/api/AccountApiTest.java @@ -21,12 +21,12 @@ import org.opensearch.security.securityconf.impl.CType; import org.opensearch.security.test.helper.rest.RestHelper.HttpResponse; +import static org.opensearch.security.OpenSearchSecurityPlugin.PLUGINS_PREFIX; import static org.junit.Assert.assertEquals; import static org.junit.Assert.assertFalse; import static org.junit.Assert.assertNotNull; import static org.junit.Assert.assertNull; import static org.junit.Assert.assertTrue; -import static org.opensearch.security.OpenSearchSecurityPlugin.PLUGINS_PREFIX; public class AccountApiTest extends AbstractRestApiUnitTest { private final String BASE_ENDPOINT; diff --git a/src/test/java/org/opensearch/security/dlic/rest/api/ActionGroupsApiActionValidationTest.java b/src/test/java/org/opensearch/security/dlic/rest/api/ActionGroupsApiActionValidationTest.java index 82692b5fa3..8fb8099783 100644 --- a/src/test/java/org/opensearch/security/dlic/rest/api/ActionGroupsApiActionValidationTest.java +++ b/src/test/java/org/opensearch/security/dlic/rest/api/ActionGroupsApiActionValidationTest.java @@ -11,11 +11,13 @@ import org.junit.Before; import org.junit.Test; -import org.mockito.Mockito; + import org.opensearch.core.rest.RestStatus; import org.opensearch.security.securityconf.impl.CType; import org.opensearch.security.securityconf.impl.v7.ActionGroupsV7; +import org.mockito.Mockito; + import static org.junit.Assert.assertEquals; import static org.junit.Assert.assertFalse; import static org.mockito.ArgumentMatchers.any; diff --git a/src/test/java/org/opensearch/security/dlic/rest/api/AllowlistApiTest.java b/src/test/java/org/opensearch/security/dlic/rest/api/AllowlistApiTest.java index 27a1360a65..ccce614c07 100644 --- a/src/test/java/org/opensearch/security/dlic/rest/api/AllowlistApiTest.java +++ b/src/test/java/org/opensearch/security/dlic/rest/api/AllowlistApiTest.java @@ -14,8 +14,8 @@ import java.util.Map; import java.util.stream.Collectors; -import com.fasterxml.jackson.databind.JsonNode; import com.google.common.collect.ImmutableMap; +import com.fasterxml.jackson.databind.JsonNode; import org.apache.hc.core5.http.Header; import org.apache.hc.core5.http.HttpStatus; import org.junit.Assert; @@ -34,9 +34,9 @@ import static org.hamcrest.MatcherAssert.assertThat; import static org.hamcrest.Matchers.equalTo; +import static org.opensearch.security.support.ConfigConstants.SECURITY_RESTAPI_ADMIN_ENABLED; import static org.junit.Assert.assertEquals; import static org.junit.Assert.assertTrue; -import static org.opensearch.security.support.ConfigConstants.SECURITY_RESTAPI_ADMIN_ENABLED; /** * Testing class to verify that {@link AllowlistApiAction} works correctly. diff --git a/src/test/java/org/opensearch/security/dlic/rest/api/AuditApiActionRequestContentValidatorTest.java b/src/test/java/org/opensearch/security/dlic/rest/api/AuditApiActionRequestContentValidatorTest.java index 2629e41a8a..bc43b3a56a 100644 --- a/src/test/java/org/opensearch/security/dlic/rest/api/AuditApiActionRequestContentValidatorTest.java +++ b/src/test/java/org/opensearch/security/dlic/rest/api/AuditApiActionRequestContentValidatorTest.java @@ -11,8 +11,14 @@ package org.opensearch.security.dlic.rest.api; +import java.io.IOException; +import java.util.Map; +import java.util.stream.Collectors; +import java.util.stream.Stream; + import com.fasterxml.jackson.databind.InjectableValues; import org.junit.Test; + import org.opensearch.common.settings.Settings; import org.opensearch.core.common.bytes.BytesArray; import org.opensearch.core.rest.RestStatus; @@ -22,11 +28,6 @@ import org.opensearch.security.compliance.ComplianceConfig; import org.opensearch.security.util.FakeRestRequest; -import java.io.IOException; -import java.util.Map; -import java.util.stream.Collectors; -import java.util.stream.Stream; - import static org.junit.Assert.assertEquals; import static org.junit.Assert.assertFalse; diff --git a/src/test/java/org/opensearch/security/dlic/rest/api/AuditApiActionTest.java b/src/test/java/org/opensearch/security/dlic/rest/api/AuditApiActionTest.java index 8d431882da..ce72fe2cef 100644 --- a/src/test/java/org/opensearch/security/dlic/rest/api/AuditApiActionTest.java +++ b/src/test/java/org/opensearch/security/dlic/rest/api/AuditApiActionTest.java @@ -17,13 +17,13 @@ import java.util.Map; import java.util.stream.Collectors; +import com.google.common.collect.ImmutableList; +import com.google.common.collect.ImmutableMap; +import com.google.common.collect.Streams; import com.fasterxml.jackson.core.type.TypeReference; import com.fasterxml.jackson.databind.JsonNode; import com.fasterxml.jackson.databind.ObjectMapper; import com.fasterxml.jackson.databind.node.ObjectNode; -import com.google.common.collect.ImmutableList; -import com.google.common.collect.ImmutableMap; -import com.google.common.collect.Streams; import org.apache.hc.core5.http.Header; import org.apache.hc.core5.http.HttpStatus; import org.junit.After; @@ -39,11 +39,11 @@ import org.opensearch.security.test.helper.file.FileHelper; import org.opensearch.security.test.helper.rest.RestHelper; -import static org.junit.Assert.assertEquals; -import static org.junit.Assert.assertTrue; import static org.opensearch.security.DefaultObjectMapper.readTree; import static org.opensearch.security.DefaultObjectMapper.writeValueAsString; import static org.opensearch.security.OpenSearchSecurityPlugin.PLUGINS_PREFIX; +import static org.junit.Assert.assertEquals; +import static org.junit.Assert.assertTrue; public class AuditApiActionTest extends AbstractRestApiUnitTest { // admin cred with roles in test yml files diff --git a/src/test/java/org/opensearch/security/dlic/rest/api/AuditApiActionValidationTest.java b/src/test/java/org/opensearch/security/dlic/rest/api/AuditApiActionValidationTest.java index 7ffbda2fce..20a450285c 100644 --- a/src/test/java/org/opensearch/security/dlic/rest/api/AuditApiActionValidationTest.java +++ b/src/test/java/org/opensearch/security/dlic/rest/api/AuditApiActionValidationTest.java @@ -11,7 +11,10 @@ package org.opensearch.security.dlic.rest.api; +import java.util.List; + import org.junit.Test; + import org.opensearch.common.settings.Settings; import org.opensearch.core.rest.RestStatus; import org.opensearch.security.auditlog.config.AuditConfig; @@ -19,8 +22,6 @@ import org.opensearch.security.securityconf.impl.SecurityDynamicConfiguration; import org.opensearch.security.util.FakeRestRequest; -import java.util.List; - import static org.junit.Assert.assertEquals; import static org.junit.Assert.assertFalse; import static org.junit.Assert.assertTrue; diff --git a/src/test/java/org/opensearch/security/dlic/rest/api/InternalUsersApiActionValidationTest.java b/src/test/java/org/opensearch/security/dlic/rest/api/InternalUsersApiActionValidationTest.java index 853117b8b4..773d356246 100644 --- a/src/test/java/org/opensearch/security/dlic/rest/api/InternalUsersApiActionValidationTest.java +++ b/src/test/java/org/opensearch/security/dlic/rest/api/InternalUsersApiActionValidationTest.java @@ -11,11 +11,14 @@ package org.opensearch.security.dlic.rest.api; -import org.bouncycastle.crypto.generators.OpenBSDBCrypt; +import java.io.IOException; +import java.util.List; +import java.util.Map; + import org.junit.Before; import org.junit.Test; -import org.mockito.Mock; -import org.mockito.Mockito; +import org.bouncycastle.crypto.generators.OpenBSDBCrypt; + import org.opensearch.core.rest.RestStatus; import org.opensearch.rest.RestRequest; import org.opensearch.security.DefaultObjectMapper; @@ -26,9 +29,8 @@ import org.opensearch.security.user.UserService; import org.opensearch.security.util.FakeRestRequest; -import java.io.IOException; -import java.util.List; -import java.util.Map; +import org.mockito.Mock; +import org.mockito.Mockito; import static org.junit.Assert.assertEquals; import static org.junit.Assert.assertFalse; diff --git a/src/test/java/org/opensearch/security/dlic/rest/api/NodesDnApiActionValidationTest.java b/src/test/java/org/opensearch/security/dlic/rest/api/NodesDnApiActionValidationTest.java index 99d2e55188..822e29f976 100644 --- a/src/test/java/org/opensearch/security/dlic/rest/api/NodesDnApiActionValidationTest.java +++ b/src/test/java/org/opensearch/security/dlic/rest/api/NodesDnApiActionValidationTest.java @@ -12,6 +12,7 @@ package org.opensearch.security.dlic.rest.api; import org.junit.Test; + import org.opensearch.core.rest.RestStatus; import static org.junit.Assert.assertEquals; diff --git a/src/test/java/org/opensearch/security/dlic/rest/api/NodesDnApiTest.java b/src/test/java/org/opensearch/security/dlic/rest/api/NodesDnApiTest.java index 0d052b3140..44c43863f9 100644 --- a/src/test/java/org/opensearch/security/dlic/rest/api/NodesDnApiTest.java +++ b/src/test/java/org/opensearch/security/dlic/rest/api/NodesDnApiTest.java @@ -16,9 +16,9 @@ import java.util.Map; import java.util.stream.Collectors; +import com.google.common.collect.ImmutableMap; import com.fasterxml.jackson.databind.JsonNode; import com.fasterxml.jackson.databind.ObjectMapper; -import com.google.common.collect.ImmutableMap; import org.apache.hc.core5.http.Header; import org.apache.hc.core5.http.HttpStatus; import org.junit.Assert; diff --git a/src/test/java/org/opensearch/security/dlic/rest/api/RequestHandlersBuilderTest.java b/src/test/java/org/opensearch/security/dlic/rest/api/RequestHandlersBuilderTest.java index 80a6c0115a..d49bfbd25c 100644 --- a/src/test/java/org/opensearch/security/dlic/rest/api/RequestHandlersBuilderTest.java +++ b/src/test/java/org/opensearch/security/dlic/rest/api/RequestHandlersBuilderTest.java @@ -11,12 +11,12 @@ package org.opensearch.security.dlic.rest.api; +import java.io.IOException; +import java.util.stream.Collectors; + import org.junit.Test; import org.junit.runner.RunWith; -import org.mockito.ArgumentCaptor; -import org.mockito.Captor; -import org.mockito.Mock; -import org.mockito.junit.MockitoJUnitRunner; + import org.opensearch.client.Client; import org.opensearch.common.xcontent.XContentFactory; import org.opensearch.core.rest.RestStatus; @@ -26,8 +26,10 @@ import org.opensearch.security.DefaultObjectMapper; import org.opensearch.security.dlic.rest.validation.ValidationResult; -import java.io.IOException; -import java.util.stream.Collectors; +import org.mockito.ArgumentCaptor; +import org.mockito.Captor; +import org.mockito.Mock; +import org.mockito.junit.MockitoJUnitRunner; import static org.junit.Assert.assertEquals; import static org.junit.Assert.assertNotEquals; diff --git a/src/test/java/org/opensearch/security/dlic/rest/api/RoleBasedAccessTest.java b/src/test/java/org/opensearch/security/dlic/rest/api/RoleBasedAccessTest.java index 9d8badba6f..cbd751e00c 100644 --- a/src/test/java/org/opensearch/security/dlic/rest/api/RoleBasedAccessTest.java +++ b/src/test/java/org/opensearch/security/dlic/rest/api/RoleBasedAccessTest.java @@ -22,11 +22,10 @@ import org.opensearch.security.test.helper.file.FileHelper; import org.opensearch.security.test.helper.rest.RestHelper.HttpResponse; -import static org.opensearch.security.OpenSearchSecurityPlugin.PLUGINS_PREFIX; - import static org.hamcrest.MatcherAssert.assertThat; import static org.hamcrest.Matchers.allOf; import static org.hamcrest.Matchers.hasItem; +import static org.opensearch.security.OpenSearchSecurityPlugin.PLUGINS_PREFIX; public class RoleBasedAccessTest extends AbstractRestApiUnitTest { private final String ENDPOINT; diff --git a/src/test/java/org/opensearch/security/dlic/rest/api/RolesApiActionRequestContentValidatorTest.java b/src/test/java/org/opensearch/security/dlic/rest/api/RolesApiActionRequestContentValidatorTest.java index cab192093c..b5a438c3f2 100644 --- a/src/test/java/org/opensearch/security/dlic/rest/api/RolesApiActionRequestContentValidatorTest.java +++ b/src/test/java/org/opensearch/security/dlic/rest/api/RolesApiActionRequestContentValidatorTest.java @@ -11,13 +11,14 @@ package org.opensearch.security.dlic.rest.api; +import java.io.IOException; + import com.fasterxml.jackson.databind.node.ObjectNode; import org.junit.Test; + import org.opensearch.core.common.bytes.BytesArray; import org.opensearch.security.util.FakeRestRequest; -import java.io.IOException; - import static org.junit.Assert.assertFalse; import static org.junit.Assert.assertTrue; diff --git a/src/test/java/org/opensearch/security/dlic/rest/api/RolesApiActionValidationTest.java b/src/test/java/org/opensearch/security/dlic/rest/api/RolesApiActionValidationTest.java index bff2056fa4..88a358dcb2 100644 --- a/src/test/java/org/opensearch/security/dlic/rest/api/RolesApiActionValidationTest.java +++ b/src/test/java/org/opensearch/security/dlic/rest/api/RolesApiActionValidationTest.java @@ -12,10 +12,12 @@ package org.opensearch.security.dlic.rest.api; import org.junit.Test; -import org.mockito.Mockito; + import org.opensearch.core.rest.RestStatus; import org.opensearch.security.securityconf.impl.v7.RoleV7; +import org.mockito.Mockito; + import static org.junit.Assert.assertEquals; import static org.junit.Assert.assertFalse; import static org.junit.Assert.assertTrue; diff --git a/src/test/java/org/opensearch/security/dlic/rest/api/RolesApiTest.java b/src/test/java/org/opensearch/security/dlic/rest/api/RolesApiTest.java index 1772bb0b67..8b475ec776 100644 --- a/src/test/java/org/opensearch/security/dlic/rest/api/RolesApiTest.java +++ b/src/test/java/org/opensearch/security/dlic/rest/api/RolesApiTest.java @@ -11,6 +11,8 @@ package org.opensearch.security.dlic.rest.api; +import java.util.List; + import com.fasterxml.jackson.core.JsonProcessingException; import com.fasterxml.jackson.databind.JsonNode; import com.fasterxml.jackson.databind.node.ArrayNode; @@ -19,6 +21,7 @@ import org.apache.hc.core5.http.HttpStatus; import org.junit.Assert; import org.junit.Test; + import org.opensearch.common.settings.Settings; import org.opensearch.common.xcontent.XContentType; import org.opensearch.security.DefaultObjectMapper; @@ -27,8 +30,6 @@ import org.opensearch.security.test.helper.file.FileHelper; import org.opensearch.security.test.helper.rest.RestHelper.HttpResponse; -import java.util.List; - import static org.opensearch.security.OpenSearchSecurityPlugin.PLUGINS_PREFIX; import static org.opensearch.security.support.ConfigConstants.SECURITY_RESTAPI_ADMIN_ENABLED; diff --git a/src/test/java/org/opensearch/security/dlic/rest/api/RolesMappingApiActionValidationTest.java b/src/test/java/org/opensearch/security/dlic/rest/api/RolesMappingApiActionValidationTest.java index 8c1b6b9285..5c041989a6 100644 --- a/src/test/java/org/opensearch/security/dlic/rest/api/RolesMappingApiActionValidationTest.java +++ b/src/test/java/org/opensearch/security/dlic/rest/api/RolesMappingApiActionValidationTest.java @@ -11,14 +11,15 @@ package org.opensearch.security.dlic.rest.api; +import java.util.List; +import java.util.Map; + import org.junit.Before; import org.junit.Test; + import org.opensearch.core.rest.RestStatus; import org.opensearch.security.securityconf.impl.CType; -import java.util.List; -import java.util.Map; - import static org.junit.Assert.assertEquals; import static org.junit.Assert.assertFalse; import static org.junit.Assert.assertTrue; diff --git a/src/test/java/org/opensearch/security/dlic/rest/api/SecurityConfigApiActionValidationTest.java b/src/test/java/org/opensearch/security/dlic/rest/api/SecurityConfigApiActionValidationTest.java index af80ad3a4d..a6832457b3 100644 --- a/src/test/java/org/opensearch/security/dlic/rest/api/SecurityConfigApiActionValidationTest.java +++ b/src/test/java/org/opensearch/security/dlic/rest/api/SecurityConfigApiActionValidationTest.java @@ -12,15 +12,16 @@ package org.opensearch.security.dlic.rest.api; import org.junit.Test; + import org.opensearch.common.settings.Settings; import org.opensearch.rest.RestRequest; import org.opensearch.security.util.FakeRestRequest; +import static org.opensearch.security.support.ConfigConstants.SECURITY_RESTAPI_ADMIN_ENABLED; +import static org.opensearch.security.support.ConfigConstants.SECURITY_UNSUPPORTED_RESTAPI_ALLOW_SECURITYCONFIG_MODIFICATION; import static org.junit.Assert.assertFalse; import static org.junit.Assert.assertTrue; import static org.mockito.Mockito.when; -import static org.opensearch.security.support.ConfigConstants.SECURITY_RESTAPI_ADMIN_ENABLED; -import static org.opensearch.security.support.ConfigConstants.SECURITY_UNSUPPORTED_RESTAPI_ALLOW_SECURITYCONFIG_MODIFICATION; public class SecurityConfigApiActionValidationTest extends AbstractApiActionValidationTest { diff --git a/src/test/java/org/opensearch/security/dlic/rest/api/SecurityConfigurationTest.java b/src/test/java/org/opensearch/security/dlic/rest/api/SecurityConfigurationTest.java index 67858261a4..a0f9cca833 100644 --- a/src/test/java/org/opensearch/security/dlic/rest/api/SecurityConfigurationTest.java +++ b/src/test/java/org/opensearch/security/dlic/rest/api/SecurityConfigurationTest.java @@ -11,16 +11,17 @@ package org.opensearch.security.dlic.rest.api; +import java.util.List; + import com.fasterxml.jackson.databind.ObjectMapper; import org.junit.Before; import org.junit.Test; + import org.opensearch.security.DefaultObjectMapper; import org.opensearch.security.securityconf.impl.CType; import org.opensearch.security.securityconf.impl.SecurityDynamicConfiguration; import org.opensearch.security.securityconf.impl.v7.RoleV7; -import java.util.List; - import static org.junit.Assert.assertEquals; import static org.junit.Assert.assertFalse; import static org.junit.Assert.assertThrows; diff --git a/src/test/java/org/opensearch/security/dlic/rest/api/SecuritySSLCertsApiActionValidationTest.java b/src/test/java/org/opensearch/security/dlic/rest/api/SecuritySSLCertsApiActionValidationTest.java index 59fa37274b..d59ccf116c 100644 --- a/src/test/java/org/opensearch/security/dlic/rest/api/SecuritySSLCertsApiActionValidationTest.java +++ b/src/test/java/org/opensearch/security/dlic/rest/api/SecuritySSLCertsApiActionValidationTest.java @@ -12,16 +12,17 @@ package org.opensearch.security.dlic.rest.api; import org.junit.Test; + import org.opensearch.core.rest.RestStatus; import org.opensearch.rest.RestRequest; import org.opensearch.security.util.FakeRestRequest; +import static org.opensearch.security.dlic.rest.api.RestApiAdminPrivilegesEvaluator.CERTS_INFO_ACTION; +import static org.opensearch.security.dlic.rest.api.RestApiAdminPrivilegesEvaluator.RELOAD_CERTS_ACTION; import static org.junit.Assert.assertEquals; import static org.junit.Assert.assertFalse; import static org.junit.Assert.assertTrue; import static org.mockito.Mockito.when; -import static org.opensearch.security.dlic.rest.api.RestApiAdminPrivilegesEvaluator.CERTS_INFO_ACTION; -import static org.opensearch.security.dlic.rest.api.RestApiAdminPrivilegesEvaluator.RELOAD_CERTS_ACTION; public class SecuritySSLCertsApiActionValidationTest extends AbstractApiActionValidationTest { diff --git a/src/test/java/org/opensearch/security/dlic/rest/api/SslCertsApiTest.java b/src/test/java/org/opensearch/security/dlic/rest/api/SslCertsApiTest.java index 8797d196f5..75e1e59b0a 100644 --- a/src/test/java/org/opensearch/security/dlic/rest/api/SslCertsApiTest.java +++ b/src/test/java/org/opensearch/security/dlic/rest/api/SslCertsApiTest.java @@ -14,9 +14,9 @@ import java.util.List; import java.util.Map; -import com.fasterxml.jackson.core.JsonProcessingException; import com.google.common.collect.ImmutableList; import com.google.common.collect.ImmutableMap; +import com.fasterxml.jackson.core.JsonProcessingException; import org.apache.hc.core5.http.Header; import org.apache.hc.core5.http.HttpStatus; import org.junit.Assert; diff --git a/src/test/java/org/opensearch/security/dlic/rest/api/UserApiTest.java b/src/test/java/org/opensearch/security/dlic/rest/api/UserApiTest.java index 678566c12b..ca467801f0 100644 --- a/src/test/java/org/opensearch/security/dlic/rest/api/UserApiTest.java +++ b/src/test/java/org/opensearch/security/dlic/rest/api/UserApiTest.java @@ -37,6 +37,7 @@ import org.opensearch.security.test.helper.file.FileHelper; import org.opensearch.security.test.helper.rest.RestHelper.HttpResponse; import org.opensearch.security.user.UserService; + import org.passay.CharacterCharacteristicsRule; import org.passay.CharacterRule; import org.passay.EnglishCharacterData; @@ -46,10 +47,10 @@ import static org.hamcrest.MatcherAssert.assertThat; import static org.hamcrest.Matchers.containsString; import static org.hamcrest.Matchers.equalTo; -import static org.junit.Assert.assertNotEquals; import static org.opensearch.security.OpenSearchSecurityPlugin.PLUGINS_PREFIX; import static org.opensearch.security.dlic.rest.api.InternalUsersApiAction.RESTRICTED_FROM_USERNAME; import static org.opensearch.security.support.ConfigConstants.SECURITY_RESTAPI_ADMIN_ENABLED; +import static org.junit.Assert.assertNotEquals; public class UserApiTest extends AbstractRestApiUnitTest { private final String ENDPOINT; diff --git a/src/test/java/org/opensearch/security/dlic/rest/api/WhitelistApiTest.java b/src/test/java/org/opensearch/security/dlic/rest/api/WhitelistApiTest.java index 398489b788..b9b3cf50b8 100644 --- a/src/test/java/org/opensearch/security/dlic/rest/api/WhitelistApiTest.java +++ b/src/test/java/org/opensearch/security/dlic/rest/api/WhitelistApiTest.java @@ -14,8 +14,8 @@ import java.util.Map; import java.util.stream.Collectors; -import com.fasterxml.jackson.databind.JsonNode; import com.google.common.collect.ImmutableMap; +import com.fasterxml.jackson.databind.JsonNode; import org.apache.hc.core5.http.Header; import org.apache.hc.core5.http.HttpStatus; import org.junit.Assert; @@ -34,9 +34,9 @@ import static org.hamcrest.MatcherAssert.assertThat; import static org.hamcrest.Matchers.equalTo; +import static org.opensearch.security.OpenSearchSecurityPlugin.PLUGINS_PREFIX; import static org.junit.Assert.assertEquals; import static org.junit.Assert.assertTrue; -import static org.opensearch.security.OpenSearchSecurityPlugin.PLUGINS_PREFIX; /** * Testing class to verify that {@link WhitelistApiAction} works correctly. diff --git a/src/test/java/org/opensearch/security/dlic/rest/validation/EndpointValidatorTest.java b/src/test/java/org/opensearch/security/dlic/rest/validation/EndpointValidatorTest.java index 8e3d6f5e70..389c2b6ff4 100644 --- a/src/test/java/org/opensearch/security/dlic/rest/validation/EndpointValidatorTest.java +++ b/src/test/java/org/opensearch/security/dlic/rest/validation/EndpointValidatorTest.java @@ -11,13 +11,14 @@ package org.opensearch.security.dlic.rest.validation; +import java.io.IOException; +import java.util.List; + import org.apache.commons.lang3.tuple.Triple; import org.junit.Before; import org.junit.Test; import org.junit.runner.RunWith; -import org.mockito.Mock; -import org.mockito.Mockito; -import org.mockito.junit.MockitoJUnitRunner; + import org.opensearch.core.rest.RestStatus; import org.opensearch.security.DefaultObjectMapper; import org.opensearch.security.dlic.rest.api.Endpoint; @@ -28,8 +29,9 @@ import org.opensearch.security.securityconf.impl.v7.ActionGroupsV7; import org.opensearch.security.securityconf.impl.v7.RoleV7; -import java.io.IOException; -import java.util.List; +import org.mockito.Mock; +import org.mockito.Mockito; +import org.mockito.junit.MockitoJUnitRunner; import static org.junit.Assert.assertEquals; import static org.junit.Assert.assertFalse; diff --git a/src/test/java/org/opensearch/security/dlic/rest/validation/PasswordValidatorTest.java b/src/test/java/org/opensearch/security/dlic/rest/validation/PasswordValidatorTest.java index 22bdea982f..c623140c3f 100644 --- a/src/test/java/org/opensearch/security/dlic/rest/validation/PasswordValidatorTest.java +++ b/src/test/java/org/opensearch/security/dlic/rest/validation/PasswordValidatorTest.java @@ -18,10 +18,10 @@ import org.opensearch.common.settings.Settings; -import static org.junit.Assert.assertEquals; import static org.opensearch.security.support.ConfigConstants.SECURITY_RESTAPI_PASSWORD_MIN_LENGTH; import static org.opensearch.security.support.ConfigConstants.SECURITY_RESTAPI_PASSWORD_SCORE_BASED_VALIDATION_STRENGTH; import static org.opensearch.security.support.ConfigConstants.SECURITY_RESTAPI_PASSWORD_VALIDATION_REGEX; +import static org.junit.Assert.assertEquals; public class PasswordValidatorTest { diff --git a/src/test/java/org/opensearch/security/dlic/rest/validation/RequestContentValidatorTest.java b/src/test/java/org/opensearch/security/dlic/rest/validation/RequestContentValidatorTest.java index 7f12dc2e72..429bd67b3f 100644 --- a/src/test/java/org/opensearch/security/dlic/rest/validation/RequestContentValidatorTest.java +++ b/src/test/java/org/opensearch/security/dlic/rest/validation/RequestContentValidatorTest.java @@ -11,16 +11,20 @@ package org.opensearch.security.dlic.rest.validation; +import java.io.IOException; +import java.util.Collections; +import java.util.Map; +import java.util.Set; + +import com.google.common.collect.ImmutableMap; +import com.google.common.collect.ImmutableSet; import com.fasterxml.jackson.databind.JsonNode; import com.fasterxml.jackson.databind.node.NullNode; import com.fasterxml.jackson.databind.node.ObjectNode; -import com.google.common.collect.ImmutableMap; -import com.google.common.collect.ImmutableSet; import org.junit.Before; import org.junit.Test; import org.junit.runner.RunWith; -import org.mockito.Mock; -import org.mockito.junit.MockitoJUnitRunner; + import org.opensearch.common.settings.Settings; import org.opensearch.common.xcontent.XContentFactory; import org.opensearch.core.common.bytes.BytesArray; @@ -31,10 +35,8 @@ import org.opensearch.rest.RestRequest; import org.opensearch.security.DefaultObjectMapper; -import java.io.IOException; -import java.util.Collections; -import java.util.Map; -import java.util.Set; +import org.mockito.Mock; +import org.mockito.junit.MockitoJUnitRunner; import static org.junit.Assert.assertEquals; import static org.junit.Assert.assertFalse; diff --git a/src/test/java/org/opensearch/security/filter/DelegatingRestHandlerTests.java b/src/test/java/org/opensearch/security/filter/DelegatingRestHandlerTests.java index 2afb285874..236ac99ca6 100644 --- a/src/test/java/org/opensearch/security/filter/DelegatingRestHandlerTests.java +++ b/src/test/java/org/opensearch/security/filter/DelegatingRestHandlerTests.java @@ -8,7 +8,14 @@ package org.opensearch.security.filter; +import java.lang.reflect.Method; +import java.lang.reflect.Modifier; +import java.util.Arrays; +import java.util.List; +import java.util.stream.Collectors; + import org.junit.Test; + import org.opensearch.client.node.NodeClient; import org.opensearch.core.common.bytes.BytesArray; import org.opensearch.core.rest.RestStatus; @@ -17,12 +24,6 @@ import org.opensearch.rest.RestHandler; import org.opensearch.rest.RestRequest; -import java.lang.reflect.Method; -import java.lang.reflect.Modifier; -import java.util.Arrays; -import java.util.List; -import java.util.stream.Collectors; - import static org.mockito.ArgumentMatchers.any; import static org.mockito.Mockito.spy; import static org.mockito.Mockito.times; diff --git a/src/test/java/org/opensearch/security/filter/RestPathMatchesTests.java b/src/test/java/org/opensearch/security/filter/RestPathMatchesTests.java index eed095c9b6..fd686bf857 100644 --- a/src/test/java/org/opensearch/security/filter/RestPathMatchesTests.java +++ b/src/test/java/org/opensearch/security/filter/RestPathMatchesTests.java @@ -8,12 +8,12 @@ package org.opensearch.security.filter; -import org.junit.Before; -import org.junit.Test; - import java.lang.reflect.InvocationTargetException; import java.lang.reflect.Method; +import org.junit.Before; +import org.junit.Test; + import static org.junit.jupiter.api.Assertions.assertFalse; import static org.junit.jupiter.api.Assertions.assertTrue; import static org.mockito.Mockito.mock; diff --git a/src/test/java/org/opensearch/security/filter/SecurityFilterTests.java b/src/test/java/org/opensearch/security/filter/SecurityFilterTests.java index 58a12a84a8..4f90a0865a 100644 --- a/src/test/java/org/opensearch/security/filter/SecurityFilterTests.java +++ b/src/test/java/org/opensearch/security/filter/SecurityFilterTests.java @@ -18,13 +18,12 @@ import org.junit.Test; import org.junit.runner.RunWith; import org.junit.runners.Parameterized; -import org.mockito.ArgumentCaptor; import org.opensearch.OpenSearchSecurityException; -import org.opensearch.core.action.ActionListener; -import org.opensearch.core.action.ActionResponse; import org.opensearch.cluster.service.ClusterService; import org.opensearch.common.settings.Settings; +import org.opensearch.core.action.ActionListener; +import org.opensearch.core.action.ActionResponse; import org.opensearch.security.auditlog.AuditLog; import org.opensearch.security.configuration.AdminDNs; import org.opensearch.security.configuration.CompatConfig; @@ -36,6 +35,8 @@ import org.opensearch.security.support.WildcardMatcher; import org.opensearch.threadpool.ThreadPool; +import org.mockito.ArgumentCaptor; + import static org.hamcrest.MatcherAssert.assertThat; import static org.hamcrest.Matchers.containsString; import static org.hamcrest.Matchers.equalTo; diff --git a/src/test/java/org/opensearch/security/filter/SecurityRestFilterUnitTests.java b/src/test/java/org/opensearch/security/filter/SecurityRestFilterUnitTests.java index 1f3bca4705..1727fddcc3 100644 --- a/src/test/java/org/opensearch/security/filter/SecurityRestFilterUnitTests.java +++ b/src/test/java/org/opensearch/security/filter/SecurityRestFilterUnitTests.java @@ -11,8 +11,11 @@ package org.opensearch.security.filter; +import java.nio.file.Path; + import org.junit.Before; import org.junit.Test; + import org.opensearch.client.node.NodeClient; import org.opensearch.common.settings.Settings; import org.opensearch.common.util.concurrent.ThreadContext; @@ -30,8 +33,6 @@ import org.opensearch.security.ssl.transport.PrincipalExtractor; import org.opensearch.threadpool.ThreadPool; -import java.nio.file.Path; - import static org.junit.Assert.assertFalse; import static org.junit.Assert.assertTrue; import static org.mockito.ArgumentMatchers.any; diff --git a/src/test/java/org/opensearch/security/filter/SecurityRestUtilsTests.java b/src/test/java/org/opensearch/security/filter/SecurityRestUtilsTests.java index 0424d780ef..46b0e82f2a 100644 --- a/src/test/java/org/opensearch/security/filter/SecurityRestUtilsTests.java +++ b/src/test/java/org/opensearch/security/filter/SecurityRestUtilsTests.java @@ -1,11 +1,13 @@ package org.opensearch.security.filter; +import org.junit.Test; + +import org.opensearch.http.netty4.Netty4HttpChannel; + import io.netty.handler.codec.http.DefaultFullHttpRequest; import io.netty.handler.codec.http.FullHttpRequest; import io.netty.handler.codec.http.HttpMethod; import io.netty.handler.codec.http.HttpVersion; -import org.junit.Test; -import org.opensearch.http.netty4.Netty4HttpChannel; import static org.junit.Assert.assertFalse; import static org.junit.Assert.assertTrue; diff --git a/src/test/java/org/opensearch/security/http/OnBehalfOfAuthenticatorTest.java b/src/test/java/org/opensearch/security/http/OnBehalfOfAuthenticatorTest.java index 9f2c5ad48a..672738326d 100644 --- a/src/test/java/org/opensearch/security/http/OnBehalfOfAuthenticatorTest.java +++ b/src/test/java/org/opensearch/security/http/OnBehalfOfAuthenticatorTest.java @@ -12,24 +12,19 @@ package org.opensearch.security.http; import java.nio.charset.StandardCharsets; +import java.util.Arrays; import java.util.Base64; import java.util.Collections; import java.util.Date; import java.util.HashMap; -import java.util.Map; -import java.util.Set; -import java.util.List; import java.util.HashSet; -import java.util.Arrays; +import java.util.List; +import java.util.Map; import java.util.Optional; - +import java.util.Set; import javax.crypto.SecretKey; import com.google.common.io.BaseEncoding; -import io.jsonwebtoken.JwtBuilder; -import io.jsonwebtoken.Jwts; -import io.jsonwebtoken.SignatureAlgorithm; -import io.jsonwebtoken.security.Keys; import org.apache.commons.lang3.RandomStringUtils; import org.apache.hc.core5.http.HttpHeaders; import org.apache.logging.log4j.Level; @@ -39,7 +34,6 @@ import org.apache.logging.log4j.core.Logger; import org.junit.Test; -import org.mockito.ArgumentCaptor; import org.opensearch.OpenSearchSecurityException; import org.opensearch.SpecialPermission; import org.opensearch.common.settings.Settings; @@ -49,7 +43,15 @@ import org.opensearch.security.user.AuthCredentials; import org.opensearch.security.util.FakeRestRequest; +import io.jsonwebtoken.JwtBuilder; +import io.jsonwebtoken.Jwts; +import io.jsonwebtoken.SignatureAlgorithm; +import io.jsonwebtoken.security.Keys; +import org.mockito.ArgumentCaptor; + import static org.hamcrest.Matchers.equalTo; +import static org.opensearch.rest.RestRequest.Method.POST; +import static org.opensearch.rest.RestRequest.Method.PUT; import static org.junit.Assert.assertEquals; import static org.junit.Assert.assertFalse; import static org.junit.Assert.assertNotNull; @@ -64,8 +66,6 @@ import static org.mockito.Mockito.times; import static org.mockito.Mockito.verify; import static org.mockito.Mockito.when; -import static org.opensearch.rest.RestRequest.Method.POST; -import static org.opensearch.rest.RestRequest.Method.PUT; public class OnBehalfOfAuthenticatorTest { final static String clusterName = "cluster_0"; diff --git a/src/test/java/org/opensearch/security/http/proxy/HTTPExtendedProxyAuthenticatorTest.java b/src/test/java/org/opensearch/security/http/proxy/HTTPExtendedProxyAuthenticatorTest.java index f7a2011a68..6644f8ce73 100644 --- a/src/test/java/org/opensearch/security/http/proxy/HTTPExtendedProxyAuthenticatorTest.java +++ b/src/test/java/org/opensearch/security/http/proxy/HTTPExtendedProxyAuthenticatorTest.java @@ -36,17 +36,17 @@ import org.junit.Test; import org.opensearch.OpenSearchSecurityException; -import org.opensearch.core.action.ActionListener; -import org.opensearch.core.common.bytes.BytesReference; import org.opensearch.common.settings.Settings; import org.opensearch.common.util.concurrent.ThreadContext; +import org.opensearch.core.action.ActionListener; +import org.opensearch.core.common.bytes.BytesReference; +import org.opensearch.core.rest.RestStatus; import org.opensearch.core.xcontent.NamedXContentRegistry; import org.opensearch.http.HttpChannel; import org.opensearch.http.HttpRequest; import org.opensearch.http.HttpResponse; import org.opensearch.rest.RestRequest; import org.opensearch.rest.RestRequest.Method; -import org.opensearch.core.rest.RestStatus; import org.opensearch.security.filter.SecurityRequestChannel; import org.opensearch.security.filter.SecurityRequestFactory; import org.opensearch.security.support.ConfigConstants; diff --git a/src/test/java/org/opensearch/security/identity/SecurityTokenManagerTest.java b/src/test/java/org/opensearch/security/identity/SecurityTokenManagerTest.java index bc3f3f9732..d686b145b2 100644 --- a/src/test/java/org/opensearch/security/identity/SecurityTokenManagerTest.java +++ b/src/test/java/org/opensearch/security/identity/SecurityTokenManagerTest.java @@ -19,8 +19,7 @@ import org.junit.Before; import org.junit.Test; import org.junit.runner.RunWith; -import org.mockito.Mock; -import org.mockito.junit.MockitoJUnitRunner; + import org.opensearch.OpenSearchSecurityException; import org.opensearch.cluster.ClusterName; import org.opensearch.cluster.service.ClusterService; @@ -38,16 +37,18 @@ import org.opensearch.security.user.UserService; import org.opensearch.threadpool.ThreadPool; +import org.mockito.Mock; +import org.mockito.junit.MockitoJUnitRunner; + import static org.hamcrest.MatcherAssert.assertThat; import static org.hamcrest.Matchers.equalTo; - import static org.junit.Assert.assertThrows; -import static org.mockito.Mockito.doAnswer; -import static org.mockito.Mockito.mock; import static org.mockito.ArgumentMatchers.any; import static org.mockito.ArgumentMatchers.anyBoolean; import static org.mockito.ArgumentMatchers.anyLong; import static org.mockito.ArgumentMatchers.anyString; +import static org.mockito.Mockito.doAnswer; +import static org.mockito.Mockito.mock; import static org.mockito.Mockito.never; import static org.mockito.Mockito.spy; import static org.mockito.Mockito.verify; diff --git a/src/test/java/org/opensearch/security/privileges/PrivilegesEvaluatorUnitTest.java b/src/test/java/org/opensearch/security/privileges/PrivilegesEvaluatorUnitTest.java index 811c817b65..03ea9fc264 100644 --- a/src/test/java/org/opensearch/security/privileges/PrivilegesEvaluatorUnitTest.java +++ b/src/test/java/org/opensearch/security/privileges/PrivilegesEvaluatorUnitTest.java @@ -8,17 +8,17 @@ package org.opensearch.security.privileges; +import java.util.List; + import com.google.common.collect.ImmutableList; import org.junit.Test; -import java.util.List; - import static org.hamcrest.MatcherAssert.assertThat; import static org.hamcrest.Matchers.equalTo; -import static org.junit.Assert.assertFalse; -import static org.junit.Assert.assertTrue; import static org.opensearch.security.privileges.PrivilegesEvaluator.DNFOF_MATCHER; import static org.opensearch.security.privileges.PrivilegesEvaluator.isClusterPerm; +import static org.junit.Assert.assertFalse; +import static org.junit.Assert.assertTrue; public class PrivilegesEvaluatorUnitTest { diff --git a/src/test/java/org/opensearch/security/privileges/RestLayerPrivilegesEvaluatorTest.java b/src/test/java/org/opensearch/security/privileges/RestLayerPrivilegesEvaluatorTest.java index 2f6189bab2..c374a10c24 100644 --- a/src/test/java/org/opensearch/security/privileges/RestLayerPrivilegesEvaluatorTest.java +++ b/src/test/java/org/opensearch/security/privileges/RestLayerPrivilegesEvaluatorTest.java @@ -23,9 +23,7 @@ import org.junit.Before; import org.junit.Test; import org.junit.runner.RunWith; -import org.mockito.Mock; -import org.mockito.junit.MockitoJUnitRunner; -import org.mockito.quality.Strictness; + import org.opensearch.OpenSearchSecurityException; import org.opensearch.cluster.node.DiscoveryNode; import org.opensearch.cluster.service.ClusterService; @@ -36,8 +34,12 @@ import org.opensearch.security.user.User; import org.opensearch.threadpool.ThreadPool; -import static org.hamcrest.Matchers.equalTo; +import org.mockito.Mock; +import org.mockito.junit.MockitoJUnitRunner; +import org.mockito.quality.Strictness; + import static org.hamcrest.MatcherAssert.assertThat; +import static org.hamcrest.Matchers.equalTo; import static org.junit.Assert.assertThrows; import static org.mockito.ArgumentMatchers.any; import static org.mockito.Mockito.mock; diff --git a/src/test/java/org/opensearch/security/privileges/SecurityIndexAccessEvaluatorTest.java b/src/test/java/org/opensearch/security/privileges/SecurityIndexAccessEvaluatorTest.java index dc95a0dbe0..6def646981 100644 --- a/src/test/java/org/opensearch/security/privileges/SecurityIndexAccessEvaluatorTest.java +++ b/src/test/java/org/opensearch/security/privileges/SecurityIndexAccessEvaluatorTest.java @@ -11,13 +11,17 @@ package org.opensearch.security.privileges; +import java.lang.reflect.Constructor; +import java.lang.reflect.InvocationTargetException; +import java.lang.reflect.Method; +import java.util.List; +import java.util.Set; + import com.google.common.collect.ImmutableSet; import org.apache.logging.log4j.Logger; import org.junit.After; import org.junit.Test; import org.junit.runner.RunWith; -import org.mockito.Mock; -import org.mockito.junit.MockitoJUnitRunner; import org.opensearch.action.ActionRequest; import org.opensearch.action.get.MultiGetRequest; @@ -36,14 +40,12 @@ import org.opensearch.security.user.User; import org.opensearch.tasks.Task; -import java.lang.reflect.Constructor; -import java.lang.reflect.InvocationTargetException; -import java.lang.reflect.Method; -import java.util.List; -import java.util.Set; +import org.mockito.Mock; +import org.mockito.junit.MockitoJUnitRunner; import static org.hamcrest.MatcherAssert.assertThat; import static org.hamcrest.Matchers.is; +import static org.opensearch.security.support.ConfigConstants.SYSTEM_INDEX_PERMISSION; import static org.mockito.Mockito.doReturn; import static org.mockito.Mockito.mock; import static org.mockito.Mockito.spy; @@ -52,7 +54,6 @@ import static org.mockito.Mockito.verifyNoInteractions; import static org.mockito.Mockito.verifyNoMoreInteractions; import static org.mockito.Mockito.when; -import static org.opensearch.security.support.ConfigConstants.SYSTEM_INDEX_PERMISSION; @RunWith(MockitoJUnitRunner.class) public class SecurityIndexAccessEvaluatorTest { diff --git a/src/test/java/org/opensearch/security/protected_indices/ProtectedIndicesTests.java b/src/test/java/org/opensearch/security/protected_indices/ProtectedIndicesTests.java index 3d37c132c9..bc4cc18f61 100644 --- a/src/test/java/org/opensearch/security/protected_indices/ProtectedIndicesTests.java +++ b/src/test/java/org/opensearch/security/protected_indices/ProtectedIndicesTests.java @@ -46,9 +46,9 @@ import org.opensearch.common.settings.Settings; import org.opensearch.common.xcontent.LoggingDeprecationHandler; import org.opensearch.common.xcontent.XContentType; +import org.opensearch.core.rest.RestStatus; import org.opensearch.core.xcontent.NamedXContentRegistry; import org.opensearch.core.xcontent.XContentParser; -import org.opensearch.core.rest.RestStatus; import org.opensearch.security.support.ConfigConstants; import org.opensearch.security.test.DynamicSecurityConfig; import org.opensearch.security.test.SingleClusterTest; diff --git a/src/test/java/org/opensearch/security/securityconf/SecurityRolesPermissionsTest.java b/src/test/java/org/opensearch/security/securityconf/SecurityRolesPermissionsTest.java index 9d104381a6..f469d1989c 100644 --- a/src/test/java/org/opensearch/security/securityconf/SecurityRolesPermissionsTest.java +++ b/src/test/java/org/opensearch/security/securityconf/SecurityRolesPermissionsTest.java @@ -35,13 +35,12 @@ import java.util.stream.Collectors; import java.util.stream.Stream; -import com.fasterxml.jackson.databind.node.ArrayNode; -import com.fasterxml.jackson.databind.node.ObjectNode; import com.google.common.collect.ImmutableMap; import com.google.common.collect.ImmutableSet; +import com.fasterxml.jackson.databind.node.ArrayNode; +import com.fasterxml.jackson.databind.node.ObjectNode; import org.junit.Assert; import org.junit.Test; -import org.mockito.Mockito; import org.opensearch.common.settings.Settings; import org.opensearch.security.DefaultObjectMapper; @@ -50,6 +49,8 @@ import org.opensearch.security.securityconf.impl.CType; import org.opensearch.security.securityconf.impl.SecurityDynamicConfiguration; +import org.mockito.Mockito; + import static org.opensearch.security.dlic.rest.api.RestApiAdminPrivilegesEvaluator.CERTS_INFO_ACTION; import static org.opensearch.security.dlic.rest.api.RestApiAdminPrivilegesEvaluator.ENDPOINTS_WITH_PERMISSIONS; import static org.opensearch.security.dlic.rest.api.RestApiAdminPrivilegesEvaluator.RELOAD_CERTS_ACTION; diff --git a/src/test/java/org/opensearch/security/securityconf/SecurityRolesPermissionsV6Test.java b/src/test/java/org/opensearch/security/securityconf/SecurityRolesPermissionsV6Test.java index edf5a7533b..ace182bcda 100644 --- a/src/test/java/org/opensearch/security/securityconf/SecurityRolesPermissionsV6Test.java +++ b/src/test/java/org/opensearch/security/securityconf/SecurityRolesPermissionsV6Test.java @@ -11,14 +11,20 @@ package org.opensearch.security.securityconf; +import java.io.IOException; +import java.util.Arrays; +import java.util.List; +import java.util.Map; +import java.util.TreeMap; + +import com.google.common.collect.ImmutableMap; +import com.google.common.collect.ImmutableSet; import com.fasterxml.jackson.databind.ObjectMapper; import com.fasterxml.jackson.databind.node.ArrayNode; import com.fasterxml.jackson.databind.node.ObjectNode; -import com.google.common.collect.ImmutableMap; -import com.google.common.collect.ImmutableSet; import org.junit.Assert; import org.junit.Test; -import org.mockito.quality.Strictness; + import org.opensearch.action.support.IndicesOptions; import org.opensearch.cluster.ClusterState; import org.opensearch.cluster.metadata.IndexAbstraction; @@ -33,11 +39,7 @@ import org.opensearch.security.support.ConfigConstants; import org.opensearch.security.user.User; -import java.io.IOException; -import java.util.Arrays; -import java.util.List; -import java.util.Map; -import java.util.TreeMap; +import org.mockito.quality.Strictness; import static org.mockito.Mockito.doReturn; import static org.mockito.Mockito.mock; diff --git a/src/test/java/org/opensearch/security/securityconf/impl/v6/ConfigV6Test.java b/src/test/java/org/opensearch/security/securityconf/impl/v6/ConfigV6Test.java index f9febb3bda..2983fc6064 100644 --- a/src/test/java/org/opensearch/security/securityconf/impl/v6/ConfigV6Test.java +++ b/src/test/java/org/opensearch/security/securityconf/impl/v6/ConfigV6Test.java @@ -11,8 +11,8 @@ package org.opensearch.security.securityconf.impl.v6; -import com.fasterxml.jackson.databind.JsonNode; import com.google.common.collect.ImmutableList; +import com.fasterxml.jackson.databind.JsonNode; import org.junit.Assert; import org.junit.Test; import org.junit.runner.RunWith; diff --git a/src/test/java/org/opensearch/security/securityconf/impl/v7/ConfigV7Test.java b/src/test/java/org/opensearch/security/securityconf/impl/v7/ConfigV7Test.java index 07d446074c..542ce878bd 100644 --- a/src/test/java/org/opensearch/security/securityconf/impl/v7/ConfigV7Test.java +++ b/src/test/java/org/opensearch/security/securityconf/impl/v7/ConfigV7Test.java @@ -11,8 +11,8 @@ package org.opensearch.security.securityconf.impl.v7; -import com.fasterxml.jackson.databind.JsonNode; import com.google.common.collect.ImmutableList; +import com.fasterxml.jackson.databind.JsonNode; import org.junit.Assert; import org.junit.Test; import org.junit.runner.RunWith; diff --git a/src/test/java/org/opensearch/security/securityconf/impl/v7/IndexPatternTests.java b/src/test/java/org/opensearch/security/securityconf/impl/v7/IndexPatternTests.java index 2b95a6e84c..513e5bb2cc 100644 --- a/src/test/java/org/opensearch/security/securityconf/impl/v7/IndexPatternTests.java +++ b/src/test/java/org/opensearch/security/securityconf/impl/v7/IndexPatternTests.java @@ -20,9 +20,6 @@ import org.junit.Before; import org.junit.Test; import org.junit.runner.RunWith; -import org.mockito.Mock; -import org.mockito.junit.MockitoJUnitRunner; -import org.mockito.quality.Strictness; import org.opensearch.action.support.IndicesOptions; import org.opensearch.cluster.ClusterState; @@ -34,6 +31,10 @@ import org.opensearch.security.securityconf.ConfigModelV7.IndexPattern; import org.opensearch.security.user.User; +import org.mockito.Mock; +import org.mockito.junit.MockitoJUnitRunner; +import org.mockito.quality.Strictness; + import static org.hamcrest.MatcherAssert.assertThat; import static org.hamcrest.Matchers.contains; import static org.junit.Assert.assertThrows; diff --git a/src/test/java/org/opensearch/security/setting/DeprecatedSettingsTest.java b/src/test/java/org/opensearch/security/setting/DeprecatedSettingsTest.java index 143efe9b11..a0f9558228 100644 --- a/src/test/java/org/opensearch/security/setting/DeprecatedSettingsTest.java +++ b/src/test/java/org/opensearch/security/setting/DeprecatedSettingsTest.java @@ -9,19 +9,20 @@ import org.junit.Before; import org.junit.Test; import org.junit.runner.RunWith; -import org.mockito.Mock; -import org.mockito.junit.MockitoJUnitRunner; import org.opensearch.common.logging.DeprecationLogger; import org.opensearch.common.settings.Settings; +import org.mockito.Mock; +import org.mockito.junit.MockitoJUnitRunner; + +import static org.opensearch.security.setting.DeprecatedSettings.checkForDeprecatedSetting; import static org.mockito.ArgumentMatchers.any; import static org.mockito.ArgumentMatchers.anyString; import static org.mockito.ArgumentMatchers.eq; import static org.mockito.Mockito.verify; import static org.mockito.Mockito.verifyNoInteractions; import static org.mockito.Mockito.verifyNoMoreInteractions; -import static org.opensearch.security.setting.DeprecatedSettings.checkForDeprecatedSetting; @RunWith(MockitoJUnitRunner.class) public class DeprecatedSettingsTest { diff --git a/src/test/java/org/opensearch/security/ssl/OpenSSLTest.java b/src/test/java/org/opensearch/security/ssl/OpenSSLTest.java index 3568cf738b..1758d7dc9c 100644 --- a/src/test/java/org/opensearch/security/ssl/OpenSSLTest.java +++ b/src/test/java/org/opensearch/security/ssl/OpenSSLTest.java @@ -22,8 +22,6 @@ import java.util.Set; import com.google.common.collect.Lists; -import io.netty.handler.ssl.OpenSsl; -import io.netty.util.internal.PlatformDependent; import org.junit.AfterClass; import org.junit.Assert; import org.junit.Assume; @@ -46,6 +44,9 @@ import org.opensearch.security.test.helper.rest.RestHelper; import org.opensearch.transport.Netty4ModulePlugin; +import io.netty.handler.ssl.OpenSsl; +import io.netty.util.internal.PlatformDependent; + public class OpenSSLTest extends SSLTest { private static final String USE_NETTY_DEFAULT_ALLOCATOR_PROPERTY = "opensearch.unsafe.use_netty_default_allocator"; private static String USE_NETTY_DEFAULT_ALLOCATOR; diff --git a/src/test/java/org/opensearch/security/ssl/SSLTest.java b/src/test/java/org/opensearch/security/ssl/SSLTest.java index 5272af5781..b5135ebdb0 100644 --- a/src/test/java/org/opensearch/security/ssl/SSLTest.java +++ b/src/test/java/org/opensearch/security/ssl/SSLTest.java @@ -24,14 +24,12 @@ import java.util.Arrays; import java.util.List; import java.util.Random; - import javax.net.ssl.SSLContext; import javax.net.ssl.SSLEngine; import javax.net.ssl.SSLException; import javax.net.ssl.SSLHandshakeException; import com.google.common.collect.Lists; -import io.netty.util.internal.PlatformDependent; import org.apache.hc.core5.http.NoHttpResponseException; import org.apache.lucene.util.Constants; import org.junit.Assert; @@ -64,6 +62,8 @@ import org.opensearch.security.test.helper.rest.RestHelper; import org.opensearch.transport.Netty4ModulePlugin; +import io.netty.util.internal.PlatformDependent; + import static org.opensearch.security.ssl.SecureSSLSettings.SSLSetting.SECURITY_SSL_HTTP_KEYSTORE_KEYPASSWORD; import static org.opensearch.security.ssl.SecureSSLSettings.SSLSetting.SECURITY_SSL_HTTP_PEMKEY_PASSWORD; import static org.opensearch.security.ssl.SecureSSLSettings.SSLSetting.SECURITY_SSL_TRANSPORT_KEYSTORE_KEYPASSWORD; diff --git a/src/test/java/org/opensearch/security/ssl/SecuritySSLReloadCertsActionTests.java b/src/test/java/org/opensearch/security/ssl/SecuritySSLReloadCertsActionTests.java index 0376253b06..fe201fc2e8 100644 --- a/src/test/java/org/opensearch/security/ssl/SecuritySSLReloadCertsActionTests.java +++ b/src/test/java/org/opensearch/security/ssl/SecuritySSLReloadCertsActionTests.java @@ -11,6 +11,11 @@ package org.opensearch.security.ssl; +import java.io.IOException; +import java.util.List; +import java.util.Map; +import java.util.Objects; + import com.fasterxml.jackson.databind.JsonNode; import org.junit.After; import org.junit.Assert; @@ -18,6 +23,7 @@ import org.junit.Rule; import org.junit.Test; import org.junit.rules.TemporaryFolder; + import org.opensearch.common.settings.Settings; import org.opensearch.security.DefaultObjectMapper; import org.opensearch.security.ssl.util.SSLConfigConstants; @@ -28,11 +34,6 @@ import org.opensearch.security.test.helper.file.FileHelper; import org.opensearch.security.test.helper.rest.RestHelper; -import java.io.IOException; -import java.util.List; -import java.util.Map; -import java.util.Objects; - public class SecuritySSLReloadCertsActionTests extends SingleClusterTest { private final ClusterConfiguration clusterConfiguration = ClusterConfiguration.DEFAULT; diff --git a/src/test/java/org/opensearch/security/ssl/transport/DualModeSSLHandlerTests.java b/src/test/java/org/opensearch/security/ssl/transport/DualModeSSLHandlerTests.java index 79d53f4d7b..e71e77d414 100644 --- a/src/test/java/org/opensearch/security/ssl/transport/DualModeSSLHandlerTests.java +++ b/src/test/java/org/opensearch/security/ssl/transport/DualModeSSLHandlerTests.java @@ -14,21 +14,22 @@ import java.util.ArrayList; import java.util.List; +import org.junit.Assert; +import org.junit.Before; +import org.junit.Test; + +import org.opensearch.security.ssl.SecurityKeyStore; +import org.opensearch.security.ssl.util.SSLConnectionTestUtil; + import io.netty.buffer.ByteBuf; import io.netty.buffer.ByteBufAllocator; import io.netty.channel.ChannelFuture; import io.netty.channel.ChannelHandlerContext; import io.netty.channel.ChannelPipeline; import io.netty.handler.ssl.SslHandler; -import org.junit.Assert; -import org.junit.Before; -import org.junit.Test; import org.mockito.ArgumentCaptor; import org.mockito.Mockito; -import org.opensearch.security.ssl.SecurityKeyStore; -import org.opensearch.security.ssl.util.SSLConnectionTestUtil; - import static org.opensearch.transport.NettyAllocator.getAllocator; public class DualModeSSLHandlerTests { diff --git a/src/test/java/org/opensearch/security/ssl/util/SSLConnectionTestUtilTests.java b/src/test/java/org/opensearch/security/ssl/util/SSLConnectionTestUtilTests.java index 98ee95a90b..be9617b868 100644 --- a/src/test/java/org/opensearch/security/ssl/util/SSLConnectionTestUtilTests.java +++ b/src/test/java/org/opensearch/security/ssl/util/SSLConnectionTestUtilTests.java @@ -20,6 +20,7 @@ import org.junit.Assert; import org.junit.Before; import org.junit.Test; + import org.mockito.ArgumentCaptor; import org.mockito.Mockito; diff --git a/src/test/java/org/opensearch/security/ssl/util/TLSUtilTests.java b/src/test/java/org/opensearch/security/ssl/util/TLSUtilTests.java index c77f05b39f..03d8b869ca 100644 --- a/src/test/java/org/opensearch/security/ssl/util/TLSUtilTests.java +++ b/src/test/java/org/opensearch/security/ssl/util/TLSUtilTests.java @@ -10,12 +10,13 @@ */ package org.opensearch.security.ssl.util; -import io.netty.buffer.ByteBuf; -import io.netty.buffer.ByteBufAllocator; import org.junit.Assert; import org.junit.Before; import org.junit.Test; +import io.netty.buffer.ByteBuf; +import io.netty.buffer.ByteBufAllocator; + import static org.opensearch.transport.NettyAllocator.getAllocator; public class TLSUtilTests { diff --git a/src/test/java/org/opensearch/security/support/Base64CustomHelperTest.java b/src/test/java/org/opensearch/security/support/Base64CustomHelperTest.java index e35e1d72ba..afba688af7 100644 --- a/src/test/java/org/opensearch/security/support/Base64CustomHelperTest.java +++ b/src/test/java/org/opensearch/security/support/Base64CustomHelperTest.java @@ -11,10 +11,15 @@ package org.opensearch.security.support; -import com.amazon.dlic.auth.ldap.LdapUser; +import java.io.Serializable; +import java.net.InetSocketAddress; +import java.time.ZonedDateTime; +import java.util.ArrayList; +import java.util.HashMap; + import org.junit.Assert; import org.junit.Test; -import org.ldaptive.LdapEntry; + import org.opensearch.OpenSearchException; import org.opensearch.action.search.SearchRequest; import org.opensearch.core.common.io.stream.StreamOutput; @@ -23,11 +28,8 @@ import org.opensearch.security.user.AuthCredentials; import org.opensearch.security.user.User; -import java.io.Serializable; -import java.net.InetSocketAddress; -import java.time.ZonedDateTime; -import java.util.ArrayList; -import java.util.HashMap; +import com.amazon.dlic.auth.ldap.LdapUser; +import org.ldaptive.LdapEntry; import static org.opensearch.security.support.Base64CustomHelper.deserializeObject; import static org.opensearch.security.support.Base64CustomHelper.serializeObject; diff --git a/src/test/java/org/opensearch/security/support/Base64JDKHelperTest.java b/src/test/java/org/opensearch/security/support/Base64JDKHelperTest.java index 341c4a8659..4aab76bbae 100644 --- a/src/test/java/org/opensearch/security/support/Base64JDKHelperTest.java +++ b/src/test/java/org/opensearch/security/support/Base64JDKHelperTest.java @@ -11,10 +11,6 @@ package org.opensearch.security.support; -import static org.hamcrest.MatcherAssert.assertThat; -import static org.junit.Assert.assertThrows; -import static org.hamcrest.Matchers.containsString; - import java.io.ByteArrayOutputStream; import java.io.ObjectOutputStream; import java.io.Serializable; @@ -22,9 +18,10 @@ import java.util.ArrayList; import java.util.HashMap; +import com.google.common.io.BaseEncoding; import org.junit.Assert; import org.junit.Test; -import org.ldaptive.LdapEntry; + import org.opensearch.OpenSearchException; import org.opensearch.action.search.SearchRequest; import org.opensearch.security.auth.UserInjector; @@ -32,7 +29,11 @@ import org.opensearch.security.user.User; import com.amazon.dlic.auth.ldap.LdapUser; -import com.google.common.io.BaseEncoding; +import org.ldaptive.LdapEntry; + +import static org.hamcrest.MatcherAssert.assertThat; +import static org.hamcrest.Matchers.containsString; +import static org.junit.Assert.assertThrows; public class Base64JDKHelperTest { private static final class NotSafeSerializable implements Serializable { diff --git a/src/test/java/org/opensearch/security/support/StreamableRegistryTest.java b/src/test/java/org/opensearch/security/support/StreamableRegistryTest.java index 13f2448b30..e1959d3e19 100644 --- a/src/test/java/org/opensearch/security/support/StreamableRegistryTest.java +++ b/src/test/java/org/opensearch/security/support/StreamableRegistryTest.java @@ -11,11 +11,12 @@ package org.opensearch.security.support; +import java.net.InetSocketAddress; + import org.junit.Assert; import org.junit.Test; -import org.opensearch.OpenSearchException; -import java.net.InetSocketAddress; +import org.opensearch.OpenSearchException; public class StreamableRegistryTest { diff --git a/src/test/java/org/opensearch/security/system_indices/AbstractSystemIndicesTests.java b/src/test/java/org/opensearch/security/system_indices/AbstractSystemIndicesTests.java index 5dcc050a37..2e2e71e082 100644 --- a/src/test/java/org/opensearch/security/system_indices/AbstractSystemIndicesTests.java +++ b/src/test/java/org/opensearch/security/system_indices/AbstractSystemIndicesTests.java @@ -15,9 +15,9 @@ import java.util.List; import org.apache.hc.core5.http.Header; - import org.hamcrest.MatcherAssert; import org.hamcrest.Matchers; + import org.opensearch.action.admin.cluster.repositories.put.PutRepositoryRequest; import org.opensearch.action.admin.cluster.snapshots.create.CreateSnapshotRequest; import org.opensearch.action.admin.indices.create.CreateIndexRequest; @@ -28,14 +28,15 @@ import org.opensearch.common.settings.Settings; import org.opensearch.common.xcontent.LoggingDeprecationHandler; import org.opensearch.common.xcontent.XContentType; +import org.opensearch.core.rest.RestStatus; import org.opensearch.core.xcontent.NamedXContentRegistry; import org.opensearch.core.xcontent.XContentParser; -import org.opensearch.core.rest.RestStatus; import org.opensearch.security.support.ConfigConstants; import org.opensearch.security.test.DynamicSecurityConfig; import org.opensearch.security.test.SingleClusterTest; import org.opensearch.security.test.helper.file.FileHelper; import org.opensearch.security.test.helper.rest.RestHelper; + import static org.junit.Assert.assertEquals; /** diff --git a/src/test/java/org/opensearch/security/system_indices/SystemIndexDisabledTests.java b/src/test/java/org/opensearch/security/system_indices/SystemIndexDisabledTests.java index e85bddecb4..9415634596 100644 --- a/src/test/java/org/opensearch/security/system_indices/SystemIndexDisabledTests.java +++ b/src/test/java/org/opensearch/security/system_indices/SystemIndexDisabledTests.java @@ -11,17 +11,18 @@ package org.opensearch.security.system_indices; +import java.io.IOException; + import org.apache.hc.core5.http.Header; import org.apache.hc.core5.http.HttpStatus; import org.junit.Before; import org.junit.Test; + import org.opensearch.action.admin.indices.close.CloseIndexRequest; import org.opensearch.client.Client; import org.opensearch.core.rest.RestStatus; import org.opensearch.security.test.helper.rest.RestHelper; -import java.io.IOException; - import static org.junit.Assert.assertEquals; import static org.junit.Assert.assertFalse; import static org.junit.Assert.assertTrue; diff --git a/src/test/java/org/opensearch/security/system_indices/SystemIndexPermissionDisabledTests.java b/src/test/java/org/opensearch/security/system_indices/SystemIndexPermissionDisabledTests.java index c3feb70b98..25514c4118 100644 --- a/src/test/java/org/opensearch/security/system_indices/SystemIndexPermissionDisabledTests.java +++ b/src/test/java/org/opensearch/security/system_indices/SystemIndexPermissionDisabledTests.java @@ -11,17 +11,18 @@ package org.opensearch.security.system_indices; +import java.io.IOException; + import org.apache.hc.core5.http.Header; import org.apache.hc.core5.http.HttpStatus; import org.junit.Before; import org.junit.Test; + import org.opensearch.action.admin.indices.close.CloseIndexRequest; import org.opensearch.client.Client; import org.opensearch.core.rest.RestStatus; import org.opensearch.security.test.helper.rest.RestHelper; -import java.io.IOException; - import static org.junit.Assert.assertEquals; import static org.junit.Assert.assertFalse; diff --git a/src/test/java/org/opensearch/security/system_indices/SystemIndexPermissionEnabledTests.java b/src/test/java/org/opensearch/security/system_indices/SystemIndexPermissionEnabledTests.java index b9630011cc..766db1eca8 100644 --- a/src/test/java/org/opensearch/security/system_indices/SystemIndexPermissionEnabledTests.java +++ b/src/test/java/org/opensearch/security/system_indices/SystemIndexPermissionEnabledTests.java @@ -15,6 +15,7 @@ import org.apache.hc.core5.http.HttpStatus; import org.junit.Before; import org.junit.Test; + import org.opensearch.action.admin.indices.close.CloseIndexRequest; import org.opensearch.client.Client; import org.opensearch.core.rest.RestStatus; diff --git a/src/test/java/org/opensearch/security/test/AbstractSecurityUnitTest.java b/src/test/java/org/opensearch/security/test/AbstractSecurityUnitTest.java index 6ca6c65d91..e05d1ffe8a 100644 --- a/src/test/java/org/opensearch/security/test/AbstractSecurityUnitTest.java +++ b/src/test/java/org/opensearch/security/test/AbstractSecurityUnitTest.java @@ -36,7 +36,6 @@ import java.util.Objects; import java.util.Optional; import java.util.concurrent.atomic.AtomicLong; - import javax.net.ssl.SSLContext; import javax.net.ssl.SSLEngine; @@ -45,7 +44,6 @@ import com.carrotsearch.randomizedtesting.annotations.ThreadLeakScope.Scope; import com.google.common.collect.ImmutableList; import com.google.common.collect.ImmutableSet; -import io.netty.handler.ssl.OpenSsl; import org.apache.hc.client5.http.impl.nio.PoolingAsyncClientConnectionManagerBuilder; import org.apache.hc.client5.http.nio.AsyncClientConnectionManager; import org.apache.hc.client5.http.ssl.ClientTlsStrategyBuilder; @@ -94,6 +92,8 @@ import org.opensearch.security.test.helper.rules.SecurityTestWatcher; import org.opensearch.threadpool.ThreadPool; +import io.netty.handler.ssl.OpenSsl; + /* * There are real thread leaks during test execution, not all threads are * properly waited on or interrupted. While this normally doesn't create test diff --git a/src/test/java/org/opensearch/security/test/helper/cluster/ClusterHelper.java b/src/test/java/org/opensearch/security/test/helper/cluster/ClusterHelper.java index f3bfc1c110..27668d2657 100644 --- a/src/test/java/org/opensearch/security/test/helper/cluster/ClusterHelper.java +++ b/src/test/java/org/opensearch/security/test/helper/cluster/ClusterHelper.java @@ -59,9 +59,9 @@ import org.opensearch.cluster.health.ClusterHealthStatus; import org.opensearch.cluster.node.DiscoveryNodeRole; import org.opensearch.common.settings.Settings; -import org.opensearch.core.common.transport.TransportAddress; import org.opensearch.common.unit.TimeValue; import org.opensearch.common.xcontent.XContentType; +import org.opensearch.core.common.transport.TransportAddress; import org.opensearch.http.HttpInfo; import org.opensearch.node.Node; import org.opensearch.node.PluginAwareNode; diff --git a/src/test/java/org/opensearch/security/test/helper/file/FileHelper.java b/src/test/java/org/opensearch/security/test/helper/file/FileHelper.java index d243e3c10c..dbab0a4ad9 100644 --- a/src/test/java/org/opensearch/security/test/helper/file/FileHelper.java +++ b/src/test/java/org/opensearch/security/test/helper/file/FileHelper.java @@ -47,10 +47,10 @@ import org.apache.logging.log4j.LogManager; import org.apache.logging.log4j.Logger; -import org.opensearch.core.common.bytes.BytesReference; import org.opensearch.common.io.Streams; import org.opensearch.common.xcontent.XContentFactory; import org.opensearch.common.xcontent.XContentType; +import org.opensearch.core.common.bytes.BytesReference; import org.opensearch.core.xcontent.NamedXContentRegistry; import org.opensearch.core.xcontent.XContentBuilder; import org.opensearch.core.xcontent.XContentParser; diff --git a/src/test/java/org/opensearch/security/test/helper/network/SocketUtils.java b/src/test/java/org/opensearch/security/test/helper/network/SocketUtils.java index b9f014960c..c1758510a0 100644 --- a/src/test/java/org/opensearch/security/test/helper/network/SocketUtils.java +++ b/src/test/java/org/opensearch/security/test/helper/network/SocketUtils.java @@ -48,7 +48,6 @@ import java.util.Random; import java.util.SortedSet; import java.util.TreeSet; - import javax.net.ServerSocketFactory; /** diff --git a/src/test/java/org/opensearch/security/test/helper/rest/RestHelper.java b/src/test/java/org/opensearch/security/test/helper/rest/RestHelper.java index 03a5d5ca16..43e7afc559 100644 --- a/src/test/java/org/opensearch/security/test/helper/rest/RestHelper.java +++ b/src/test/java/org/opensearch/security/test/helper/rest/RestHelper.java @@ -38,7 +38,6 @@ import java.util.concurrent.CompletionException; import java.util.regex.Matcher; import java.util.regex.Pattern; - import javax.net.ssl.SSLContext; import javax.net.ssl.SSLEngine; diff --git a/src/test/java/org/opensearch/security/transport/SecurityInterceptorTests.java b/src/test/java/org/opensearch/security/transport/SecurityInterceptorTests.java index ea97a5897a..903ad89eac 100644 --- a/src/test/java/org/opensearch/security/transport/SecurityInterceptorTests.java +++ b/src/test/java/org/opensearch/security/transport/SecurityInterceptorTests.java @@ -9,17 +9,20 @@ package org.opensearch.security.transport; // CS-SUPPRESS-SINGLE: RegexpSingleline Extensions manager used for creating a mock +import java.net.InetAddress; import java.net.UnknownHostException; + import org.junit.Before; import org.junit.Test; -import org.mockito.Mock; -import org.mockito.MockitoAnnotations; + import org.opensearch.Version; import org.opensearch.action.search.PitService; import org.opensearch.cluster.ClusterName; import org.opensearch.cluster.node.DiscoveryNode; import org.opensearch.cluster.service.ClusterService; import org.opensearch.common.settings.Settings; +import org.opensearch.core.common.transport.TransportAddress; +import org.opensearch.core.transport.TransportResponse; import org.opensearch.extensions.ExtensionsManager; import org.opensearch.indices.IndicesService; import org.opensearch.repositories.RepositoriesService; @@ -40,18 +43,16 @@ import org.opensearch.transport.TransportInterceptor.AsyncSender; import org.opensearch.transport.TransportRequest; import org.opensearch.transport.TransportRequestOptions; -import org.opensearch.core.common.transport.TransportAddress; -import org.opensearch.core.transport.TransportResponse; import org.opensearch.transport.TransportResponseHandler; import org.opensearch.transport.TransportService; +import org.mockito.Mock; +import org.mockito.MockitoAnnotations; + import static java.util.Collections.emptySet; import static org.junit.Assert.assertEquals; import static org.mockito.Mockito.mock; import static org.mockito.Mockito.when; -// CS-ENFORCE-SINGLE - -import java.net.InetAddress; public class SecurityInterceptorTests { diff --git a/src/test/java/org/opensearch/security/transport/SecuritySSLRequestHandlerTests.java b/src/test/java/org/opensearch/security/transport/SecuritySSLRequestHandlerTests.java index c168d06839..b6967b0e68 100644 --- a/src/test/java/org/opensearch/security/transport/SecuritySSLRequestHandlerTests.java +++ b/src/test/java/org/opensearch/security/transport/SecuritySSLRequestHandlerTests.java @@ -12,8 +12,7 @@ import org.junit.Assert; import org.junit.Before; import org.junit.Test; -import org.mockito.ArgumentMatchers; -import org.mockito.Mock; + import org.opensearch.Version; import org.opensearch.common.settings.Settings; import org.opensearch.security.ssl.SslExceptionHandler; @@ -27,6 +26,9 @@ import org.opensearch.transport.TransportRequest; import org.opensearch.transport.TransportRequestHandler; +import org.mockito.ArgumentMatchers; +import org.mockito.Mock; + import static org.mockito.ArgumentMatchers.any; import static org.mockito.ArgumentMatchers.anyInt; import static org.mockito.Mockito.doNothing; diff --git a/src/test/java/org/opensearch/security/util/SettingsBasedSSLConfiguratorV4Test.java b/src/test/java/org/opensearch/security/util/SettingsBasedSSLConfiguratorV4Test.java index 976f085ce4..e1e3d979fd 100644 --- a/src/test/java/org/opensearch/security/util/SettingsBasedSSLConfiguratorV4Test.java +++ b/src/test/java/org/opensearch/security/util/SettingsBasedSSLConfiguratorV4Test.java @@ -24,7 +24,6 @@ import java.security.KeyStore; import java.security.cert.Certificate; import java.util.Map; - import javax.net.ssl.KeyManagerFactory; import javax.net.ssl.SSLContext; import javax.net.ssl.SSLException; @@ -63,15 +62,15 @@ import org.junit.Test; import org.junit.rules.ExpectedException; -import com.amazon.dlic.util.SettingsBasedSSLConfiguratorV4; -import com.amazon.dlic.util.SettingsBasedSSLConfiguratorV4.SSLConfig; - import org.opensearch.common.settings.MockSecureSettings; import org.opensearch.common.settings.Settings; import org.opensearch.security.ssl.util.SSLConfigConstants; import org.opensearch.security.test.helper.file.FileHelper; import org.opensearch.security.test.helper.network.SocketUtils; +import com.amazon.dlic.util.SettingsBasedSSLConfiguratorV4; +import com.amazon.dlic.util.SettingsBasedSSLConfiguratorV4.SSLConfig; + import static org.hamcrest.CoreMatchers.either; import static org.hamcrest.CoreMatchers.instanceOf; import static org.opensearch.security.ssl.SecureSSLSettings.SSLSetting.SECURITY_SSL_TRANSPORT_TRUSTSTORE_PASSWORD;