From e2894c767ba02bc95ff06bc1ff74d977b19bdaa6 Mon Sep 17 00:00:00 2001 From: Quentin Pradet Date: Tue, 19 Nov 2024 20:51:09 +0400 Subject: [PATCH] Use specific APIKey type for authenticate API This allows remove a number of optional fields from APIKey itself. --- output/openapi/elasticsearch-openapi.json | 235 +++--- .../elasticsearch-serverless-openapi.json | 289 +++---- output/schema/schema-serverless.json | 720 ++++++------------ output/schema/schema.json | 390 ++-------- output/typescript/types.ts | 38 +- specification/security/_types/ApiKey.ts | 119 +-- .../SecurityAuthenticateResponse.ts | 10 +- .../get_api_key/SecurityGetApiKeyResponse.ts | 4 +- .../query_api_keys/QueryApiKeysResponse.ts | 4 +- 9 files changed, 535 insertions(+), 1274 deletions(-) diff --git a/output/openapi/elasticsearch-openapi.json b/output/openapi/elasticsearch-openapi.json index b684859ea5..9c45e6f0e1 100644 --- a/output/openapi/elasticsearch-openapi.json +++ b/output/openapi/elasticsearch-openapi.json @@ -27072,7 +27072,7 @@ "type": "object", "properties": { "api_key": { - "$ref": "#/components/schemas/security._types:ApiKey" + "$ref": "#/components/schemas/security.authenticate:AuthenticateApiKey" }, "authentication_realm": { "$ref": "#/components/schemas/security._types:RealmInfo" @@ -27816,7 +27816,7 @@ "api_keys": { "type": "array", "items": { - "$ref": "#/components/schemas/security._types:ApiKeyRead" + "$ref": "#/components/schemas/security._types:ApiKey" } } }, @@ -81778,85 +81778,67 @@ "username" ] }, - "security._types:ApiKey": { + "security.authenticate:AuthenticateApiKey": { "type": "object", "properties": { - "creation": { - "description": "Creation time for the API key in milliseconds.", - "type": "number" - }, - "expiration": { - "description": "Expiration time for the API key in milliseconds.", - "type": "number" - }, "id": { "$ref": "#/components/schemas/_types:Id" }, - "invalidated": { - "description": "Invalidation status for the API key.\nIf the key has been invalidated, it has a value of `true`. Otherwise, it is `false`.", - "type": "boolean" - }, - "invalidation": { - "$ref": "#/components/schemas/_types:EpochTimeUnitMillis" - }, + "name": { + "$ref": "#/components/schemas/_types:Name" + } + }, + "required": [ + "id" + ] + }, + "security._types:RealmInfo": { + "type": "object", + "properties": { "name": { "$ref": "#/components/schemas/_types:Name" }, - "realm": { - "description": "Realm name of the principal for which this API key was created.", - "type": "string" - }, - "realm_type": { - "description": "Realm type of the principal for which this API key was created", + "type": { "type": "string" + } + }, + "required": [ + "name", + "type" + ] + }, + "security.authenticate:Token": { + "type": "object", + "properties": { + "name": { + "$ref": "#/components/schemas/_types:Name" }, "type": { - "$ref": "#/components/schemas/security._types:ApiKeyType" - }, - "username": { - "$ref": "#/components/schemas/_types:Username" - }, - "profile_uid": { - "description": "The profile uid for the API key owner principal, if requested and if it exists", "type": "string" + } + }, + "required": [ + "name" + ] + }, + "security._types:BulkError": { + "type": "object", + "properties": { + "count": { + "description": "The number of errors", + "type": "number" }, - "metadata": { - "$ref": "#/components/schemas/_types:Metadata" - }, - "role_descriptors": { - "description": "The role descriptors assigned to this API key when it was created or last updated.\nAn empty role descriptor means the API key inherits the owner user’s permissions.", + "details": { + "description": "Details about the errors, keyed by role name", "type": "object", "additionalProperties": { - "$ref": "#/components/schemas/security._types:RoleDescriptor" - } - }, - "limited_by": { - "description": "The owner user’s permissions associated with the API key.\nIt is a point-in-time snapshot captured at creation and subsequent updates.\nAn API key’s effective permissions are an intersection of its assigned privileges and the owner user’s permissions.", - "type": "array", - "items": { - "type": "object", - "additionalProperties": { - "$ref": "#/components/schemas/security._types:RoleDescriptor" - } + "$ref": "#/components/schemas/_types:ErrorCause" } - }, - "access": { - "$ref": "#/components/schemas/security._types:Access" - }, - "_sort": { - "$ref": "#/components/schemas/_types:SortResults" } }, "required": [ - "id", - "name" - ] - }, - "security._types:ApiKeyType": { - "type": "string", - "enum": [ - "rest", - "cross_cluster" + "count", + "details" ] }, "security._types:RoleDescriptor": { @@ -82312,6 +82294,23 @@ } ] }, + "security._types:ClusterNode": { + "type": "object", + "properties": { + "name": { + "$ref": "#/components/schemas/_types:Name" + } + }, + "required": [ + "name" + ] + }, + "_types:Namespace": { + "type": "string" + }, + "_types:Service": { + "type": "string" + }, "security._types:Access": { "type": "object", "properties": { @@ -82389,72 +82388,6 @@ "names" ] }, - "security._types:RealmInfo": { - "type": "object", - "properties": { - "name": { - "$ref": "#/components/schemas/_types:Name" - }, - "type": { - "type": "string" - } - }, - "required": [ - "name", - "type" - ] - }, - "security.authenticate:Token": { - "type": "object", - "properties": { - "name": { - "$ref": "#/components/schemas/_types:Name" - }, - "type": { - "type": "string" - } - }, - "required": [ - "name" - ] - }, - "security._types:BulkError": { - "type": "object", - "properties": { - "count": { - "description": "The number of errors", - "type": "number" - }, - "details": { - "description": "Details about the errors, keyed by role name", - "type": "object", - "additionalProperties": { - "$ref": "#/components/schemas/_types:ErrorCause" - } - } - }, - "required": [ - "count", - "details" - ] - }, - "security._types:ClusterNode": { - "type": "object", - "properties": { - "name": { - "$ref": "#/components/schemas/_types:Name" - } - }, - "required": [ - "name" - ] - }, - "_types:Namespace": { - "type": "string" - }, - "_types:Service": { - "type": "string" - }, "security.create_service_token:Token": { "type": "object", "properties": { @@ -82496,9 +82429,18 @@ "value" ] }, - "security._types:ApiKeyRead": { + "security._types:ApiKey": { "type": "object", "properties": { + "id": { + "$ref": "#/components/schemas/_types:Id" + }, + "name": { + "$ref": "#/components/schemas/_types:Name" + }, + "type": { + "$ref": "#/components/schemas/security._types:ApiKeyType" + }, "creation": { "description": "Creation time for the API key in milliseconds.", "type": "number" @@ -82507,9 +82449,6 @@ "description": "Expiration time for the API key in milliseconds.", "type": "number" }, - "id": { - "$ref": "#/components/schemas/_types:Id" - }, "invalidated": { "description": "Invalidation status for the API key.\nIf the key has been invalidated, it has a value of `true`. Otherwise, it is `false`.", "type": "boolean" @@ -82517,8 +82456,8 @@ "invalidation": { "$ref": "#/components/schemas/_types:EpochTimeUnitMillis" }, - "name": { - "$ref": "#/components/schemas/_types:Name" + "username": { + "$ref": "#/components/schemas/_types:Username" }, "realm": { "description": "Realm name of the principal for which this API key was created.", @@ -82528,16 +82467,6 @@ "description": "Realm type of the principal for which this API key was created", "type": "string" }, - "type": { - "$ref": "#/components/schemas/security._types:ApiKeyType" - }, - "username": { - "$ref": "#/components/schemas/_types:Username" - }, - "profile_uid": { - "description": "The profile uid for the API key owner principal, if requested and if it exists", - "type": "string" - }, "metadata": { "$ref": "#/components/schemas/_types:Metadata" }, @@ -82561,20 +82490,32 @@ "access": { "$ref": "#/components/schemas/security._types:Access" }, + "profile_uid": { + "description": "The profile uid for the API key owner principal, if requested and if it exists", + "type": "string" + }, "_sort": { "$ref": "#/components/schemas/_types:SortResults" } }, "required": [ - "creation", "id", - "invalidated", "name", "type", + "creation", + "invalidated", "username", + "realm", "metadata" ] }, + "security._types:ApiKeyType": { + "type": "string", + "enum": [ + "rest", + "cross_cluster" + ] + }, "security.put_privileges:Actions": { "type": "object", "properties": { @@ -91985,7 +91926,7 @@ "description": "A list of API key information.", "type": "array", "items": { - "$ref": "#/components/schemas/security._types:ApiKeyRead" + "$ref": "#/components/schemas/security._types:ApiKey" } }, "aggregations": { diff --git a/output/openapi/elasticsearch-serverless-openapi.json b/output/openapi/elasticsearch-serverless-openapi.json index bb891e6d0e..b7da156db7 100644 --- a/output/openapi/elasticsearch-serverless-openapi.json +++ b/output/openapi/elasticsearch-serverless-openapi.json @@ -16660,7 +16660,7 @@ "type": "object", "properties": { "api_key": { - "$ref": "#/components/schemas/security._types:ApiKey" + "$ref": "#/components/schemas/security.authenticate:AuthenticateApiKey" }, "authentication_realm": { "$ref": "#/components/schemas/security._types:RealmInfo" @@ -16830,7 +16830,7 @@ "api_keys": { "type": "array", "items": { - "$ref": "#/components/schemas/security._types:ApiKeyRead" + "$ref": "#/components/schemas/security._types:ApiKey" } } }, @@ -53564,87 +53564,49 @@ "_types:MapboxVectorTiles": { "type": "object" }, - "security._types:ApiKey": { + "security.authenticate:AuthenticateApiKey": { "type": "object", "properties": { - "creation": { - "description": "Creation time for the API key in milliseconds.", - "type": "number" - }, - "expiration": { - "description": "Expiration time for the API key in milliseconds.", - "type": "number" - }, "id": { "$ref": "#/components/schemas/_types:Id" }, - "invalidated": { - "description": "Invalidation status for the API key.\nIf the key has been invalidated, it has a value of `true`. Otherwise, it is `false`.", - "type": "boolean" - }, - "invalidation": { - "$ref": "#/components/schemas/_types:EpochTimeUnitMillis" - }, + "name": { + "$ref": "#/components/schemas/_types:Name" + } + }, + "required": [ + "id" + ] + }, + "security._types:RealmInfo": { + "type": "object", + "properties": { "name": { "$ref": "#/components/schemas/_types:Name" }, - "realm": { - "description": "Realm name of the principal for which this API key was created.", - "type": "string" - }, - "realm_type": { - "description": "Realm type of the principal for which this API key was created", + "type": { "type": "string" + } + }, + "required": [ + "name", + "type" + ] + }, + "security.authenticate:Token": { + "type": "object", + "properties": { + "name": { + "$ref": "#/components/schemas/_types:Name" }, "type": { - "$ref": "#/components/schemas/security._types:ApiKeyType" - }, - "username": { - "$ref": "#/components/schemas/_types:Username" - }, - "profile_uid": { - "description": "The profile uid for the API key owner principal, if requested and if it exists", "type": "string" - }, - "metadata": { - "$ref": "#/components/schemas/_types:Metadata" - }, - "role_descriptors": { - "description": "The role descriptors assigned to this API key when it was created or last updated.\nAn empty role descriptor means the API key inherits the owner user’s permissions.", - "type": "object", - "additionalProperties": { - "$ref": "#/components/schemas/security._types:RoleDescriptor" - } - }, - "limited_by": { - "description": "The owner user’s permissions associated with the API key.\nIt is a point-in-time snapshot captured at creation and subsequent updates.\nAn API key’s effective permissions are an intersection of its assigned privileges and the owner user’s permissions.", - "type": "array", - "items": { - "type": "object", - "additionalProperties": { - "$ref": "#/components/schemas/security._types:RoleDescriptor" - } - } - }, - "access": { - "$ref": "#/components/schemas/security._types:Access" - }, - "_sort": { - "$ref": "#/components/schemas/_types:SortResults" } }, "required": [ - "id", "name" ] }, - "security._types:ApiKeyType": { - "type": "string", - "enum": [ - "rest", - "cross_cluster" - ] - }, "security._types:RoleDescriptor": { "type": "object", "properties": { @@ -53922,6 +53884,93 @@ } ] }, + "security._types:ApiKey": { + "type": "object", + "properties": { + "id": { + "$ref": "#/components/schemas/_types:Id" + }, + "name": { + "$ref": "#/components/schemas/_types:Name" + }, + "type": { + "$ref": "#/components/schemas/security._types:ApiKeyType" + }, + "creation": { + "description": "Creation time for the API key in milliseconds.", + "type": "number" + }, + "expiration": { + "description": "Expiration time for the API key in milliseconds.", + "type": "number" + }, + "invalidated": { + "description": "Invalidation status for the API key.\nIf the key has been invalidated, it has a value of `true`. Otherwise, it is `false`.", + "type": "boolean" + }, + "invalidation": { + "$ref": "#/components/schemas/_types:EpochTimeUnitMillis" + }, + "username": { + "$ref": "#/components/schemas/_types:Username" + }, + "realm": { + "description": "Realm name of the principal for which this API key was created.", + "type": "string" + }, + "realm_type": { + "description": "Realm type of the principal for which this API key was created", + "type": "string" + }, + "metadata": { + "$ref": "#/components/schemas/_types:Metadata" + }, + "role_descriptors": { + "description": "The role descriptors assigned to this API key when it was created or last updated.\nAn empty role descriptor means the API key inherits the owner user’s permissions.", + "type": "object", + "additionalProperties": { + "$ref": "#/components/schemas/security._types:RoleDescriptor" + } + }, + "limited_by": { + "description": "The owner user’s permissions associated with the API key.\nIt is a point-in-time snapshot captured at creation and subsequent updates.\nAn API key’s effective permissions are an intersection of its assigned privileges and the owner user’s permissions.", + "type": "array", + "items": { + "type": "object", + "additionalProperties": { + "$ref": "#/components/schemas/security._types:RoleDescriptor" + } + } + }, + "access": { + "$ref": "#/components/schemas/security._types:Access" + }, + "profile_uid": { + "description": "The profile uid for the API key owner principal, if requested and if it exists", + "type": "string" + }, + "_sort": { + "$ref": "#/components/schemas/_types:SortResults" + } + }, + "required": [ + "id", + "name", + "type", + "creation", + "invalidated", + "username", + "realm", + "metadata" + ] + }, + "security._types:ApiKeyType": { + "type": "string", + "enum": [ + "rest", + "cross_cluster" + ] + }, "security._types:Access": { "type": "object", "properties": { @@ -53995,114 +54044,6 @@ "names" ] }, - "security._types:RealmInfo": { - "type": "object", - "properties": { - "name": { - "$ref": "#/components/schemas/_types:Name" - }, - "type": { - "type": "string" - } - }, - "required": [ - "name", - "type" - ] - }, - "security.authenticate:Token": { - "type": "object", - "properties": { - "name": { - "$ref": "#/components/schemas/_types:Name" - }, - "type": { - "type": "string" - } - }, - "required": [ - "name" - ] - }, - "security._types:ApiKeyRead": { - "type": "object", - "properties": { - "creation": { - "description": "Creation time for the API key in milliseconds.", - "type": "number" - }, - "expiration": { - "description": "Expiration time for the API key in milliseconds.", - "type": "number" - }, - "id": { - "$ref": "#/components/schemas/_types:Id" - }, - "invalidated": { - "description": "Invalidation status for the API key.\nIf the key has been invalidated, it has a value of `true`. Otherwise, it is `false`.", - "type": "boolean" - }, - "invalidation": { - "$ref": "#/components/schemas/_types:EpochTimeUnitMillis" - }, - "name": { - "$ref": "#/components/schemas/_types:Name" - }, - "realm": { - "description": "Realm name of the principal for which this API key was created.", - "type": "string" - }, - "realm_type": { - "description": "Realm type of the principal for which this API key was created", - "type": "string" - }, - "type": { - "$ref": "#/components/schemas/security._types:ApiKeyType" - }, - "username": { - "$ref": "#/components/schemas/_types:Username" - }, - "profile_uid": { - "description": "The profile uid for the API key owner principal, if requested and if it exists", - "type": "string" - }, - "metadata": { - "$ref": "#/components/schemas/_types:Metadata" - }, - "role_descriptors": { - "description": "The role descriptors assigned to this API key when it was created or last updated.\nAn empty role descriptor means the API key inherits the owner user’s permissions.", - "type": "object", - "additionalProperties": { - "$ref": "#/components/schemas/security._types:RoleDescriptor" - } - }, - "limited_by": { - "description": "The owner user’s permissions associated with the API key.\nIt is a point-in-time snapshot captured at creation and subsequent updates.\nAn API key’s effective permissions are an intersection of its assigned privileges and the owner user’s permissions.", - "type": "array", - "items": { - "type": "object", - "additionalProperties": { - "$ref": "#/components/schemas/security._types:RoleDescriptor" - } - } - }, - "access": { - "$ref": "#/components/schemas/security._types:Access" - }, - "_sort": { - "$ref": "#/components/schemas/_types:SortResults" - } - }, - "required": [ - "creation", - "id", - "invalidated", - "name", - "type", - "username", - "metadata" - ] - }, "security._types:RemoteClusterPrivilege": { "type": "string" }, @@ -56638,7 +56579,7 @@ "description": "A list of API key information.", "type": "array", "items": { - "$ref": "#/components/schemas/security._types:ApiKeyRead" + "$ref": "#/components/schemas/security._types:ApiKey" } }, "aggregations": { diff --git a/output/schema/schema-serverless.json b/output/schema/schema-serverless.json index b096d72dbf..0377ac19b3 100644 --- a/output/schema/schema-serverless.json +++ b/output/schema/schema-serverless.json @@ -38522,8 +38522,8 @@ "type": { "kind": "instance_of", "type": { - "name": "ApiKey", - "namespace": "security._types" + "name": "AuthenticateApiKey", + "namespace": "security.authenticate" } } }, @@ -38677,7 +38677,7 @@ "name": "Response", "namespace": "security.authenticate" }, - "specLocation": "security/authenticate/SecurityAuthenticateResponse.ts#L25-L43" + "specLocation": "security/authenticate/SecurityAuthenticateResponse.ts#L24-L42" }, { "attachedBehaviors": [ @@ -39090,7 +39090,7 @@ "value": { "kind": "instance_of", "type": { - "name": "ApiKeyRead", + "name": "ApiKey", "namespace": "security._types" } } @@ -39974,7 +39974,7 @@ "value": { "kind": "instance_of", "type": { - "name": "ApiKeyRead", + "name": "ApiKey", "namespace": "security._types" } } @@ -102913,7 +102913,7 @@ "name": "ApiKeyType", "namespace": "security._types" }, - "specLocation": "security/_types/ApiKey.ts#L114-L117" + "specLocation": "security/_types/ApiKey.ts#L117-L120" }, { "isOpen": true, @@ -139399,36 +139399,11 @@ { "kind": "interface", "name": { - "name": "ApiKey", - "namespace": "security._types" + "name": "AuthenticateApiKey", + "namespace": "security.authenticate" }, "properties": [ { - "description": "Creation time for the API key in milliseconds.", - "name": "creation", - "required": false, - "type": { - "kind": "instance_of", - "type": { - "name": "long", - "namespace": "_types" - } - } - }, - { - "description": "Expiration time for the API key in milliseconds.", - "name": "expiration", - "required": false, - "type": { - "kind": "instance_of", - "type": { - "name": "long", - "namespace": "_types" - } - } - }, - { - "description": "Id for the API key", "name": "id", "required": true, "type": { @@ -139440,46 +139415,27 @@ } }, { - "description": "Invalidation status for the API key.\nIf the key has been invalidated, it has a value of `true`. Otherwise, it is `false`.", - "name": "invalidated", - "required": false, - "type": { - "kind": "instance_of", - "type": { - "name": "boolean", - "namespace": "_builtins" - } - } - }, - { - "availability": { - "serverless": {}, - "stack": { - "since": "8.12.0" - } - }, - "description": "If the key has been invalidated, invalidation time in milliseconds.", - "name": "invalidation", + "name": "name", "required": false, "type": { - "generics": [ - { - "kind": "instance_of", - "type": { - "name": "UnitMillis", - "namespace": "_types" - } - } - ], "kind": "instance_of", "type": { - "name": "EpochTime", + "name": "Name", "namespace": "_types" } } - }, + } + ], + "specLocation": "security/authenticate/SecurityAuthenticateResponse.ts#L44-L47" + }, + { + "kind": "interface", + "name": { + "name": "RealmInfo", + "namespace": "security._types" + }, + "properties": [ { - "description": "Name of the API key.", "name": "name", "required": true, "type": { @@ -139491,27 +139447,8 @@ } }, { - "description": "Realm name of the principal for which this API key was created.", - "name": "realm", - "required": false, - "type": { - "kind": "instance_of", - "type": { - "name": "string", - "namespace": "_builtins" - } - } - }, - { - "availability": { - "serverless": {}, - "stack": { - "since": "8.14.0" - } - }, - "description": "Realm type of the principal for which this API key was created", - "name": "realm_type", - "required": false, + "name": "type", + "required": true, "type": { "kind": "instance_of", "type": { @@ -139519,33 +139456,24 @@ "namespace": "_builtins" } } - }, - { - "availability": { - "serverless": {}, - "stack": { - "since": "8.10.0" - } - }, - "description": "The type of the API key (e.g. `rest` or `cross_cluster`).", - "name": "type", - "required": false, - "type": { - "kind": "instance_of", - "type": { - "name": "ApiKeyType", - "namespace": "security._types" - } - } - }, + } + ], + "specLocation": "security/_types/RealmInfo.ts#L22-L25" + }, + { + "kind": "interface", + "name": { + "name": "Token", + "namespace": "security.authenticate" + }, + "properties": [ { - "description": "Principal for which this API key was created", - "name": "username", - "required": false, + "name": "name", + "required": true, "type": { "kind": "instance_of", "type": { - "name": "Username", + "name": "Name", "namespace": "_types" } } @@ -139554,11 +139482,10 @@ "availability": { "serverless": {}, "stack": { - "since": "8.14.0" + "since": "7.14.0" } }, - "description": "The profile uid for the API key owner principal, if requested and if it exists", - "name": "profile_uid", + "name": "type", "required": false, "type": { "kind": "instance_of", @@ -139567,111 +139494,9 @@ "namespace": "_builtins" } } - }, - { - "availability": { - "serverless": {}, - "stack": { - "since": "7.13.0" - } - }, - "description": "Metadata of the API key", - "name": "metadata", - "required": false, - "type": { - "kind": "instance_of", - "type": { - "name": "Metadata", - "namespace": "_types" - } - } - }, - { - "description": "The role descriptors assigned to this API key when it was created or last updated.\nAn empty role descriptor means the API key inherits the owner user’s permissions.", - "name": "role_descriptors", - "required": false, - "type": { - "key": { - "kind": "instance_of", - "type": { - "name": "string", - "namespace": "_builtins" - } - }, - "kind": "dictionary_of", - "singleKey": false, - "value": { - "kind": "instance_of", - "type": { - "name": "RoleDescriptor", - "namespace": "security._types" - } - } - } - }, - { - "availability": { - "serverless": {}, - "stack": { - "since": "8.5.0" - } - }, - "description": "The owner user’s permissions associated with the API key.\nIt is a point-in-time snapshot captured at creation and subsequent updates.\nAn API key’s effective permissions are an intersection of its assigned privileges and the owner user’s permissions.", - "name": "limited_by", - "required": false, - "type": { - "kind": "array_of", - "value": { - "key": { - "kind": "instance_of", - "type": { - "name": "string", - "namespace": "_builtins" - } - }, - "kind": "dictionary_of", - "singleKey": false, - "value": { - "kind": "instance_of", - "type": { - "name": "RoleDescriptor", - "namespace": "security._types" - } - } - } - } - }, - { - "availability": { - "serverless": {}, - "stack": { - "since": "8.10.0" - } - }, - "description": "The access granted to cross-cluster API keys.\nThe access is composed of permissions for cross cluster search and cross cluster replication.\nAt least one of them must be specified.\nWhen specified, the new access assignment fully replaces the previously assigned access.", - "name": "access", - "required": false, - "type": { - "kind": "instance_of", - "type": { - "name": "Access", - "namespace": "security._types" - } - } - }, - { - "name": "_sort", - "required": false, - "type": { - "kind": "instance_of", - "type": { - "name": "SortResults", - "namespace": "_types" - } - } } ], - "specLocation": "security/_types/ApiKey.ts#L29-L112" + "specLocation": "security/authenticate/types.ts#L22-L29" }, { "kind": "interface", @@ -139991,196 +139816,24 @@ { "kind": "interface", "name": { - "name": "Access", - "namespace": "security._types" - }, - "properties": [ - { - "description": "A list of indices permission entries for cross-cluster replication.", - "name": "replication", - "required": false, - "type": { - "kind": "array_of", - "value": { - "kind": "instance_of", - "type": { - "name": "ReplicationAccess", - "namespace": "security._types" - } - } - } - }, - { - "description": "A list of indices permission entries for cross-cluster search.", - "name": "search", - "required": false, - "type": { - "kind": "array_of", - "value": { - "kind": "instance_of", - "type": { - "name": "SearchAccess", - "namespace": "security._types" - } - } - } - } - ], - "specLocation": "security/_types/Access.ts#L22-L31" - }, - { - "kind": "interface", - "name": { - "name": "ReplicationAccess", - "namespace": "security._types" - }, - "properties": [ - { - "description": "A list of indices (or index name patterns) to which the permissions in this entry apply.", - "name": "names", - "required": true, - "type": { - "items": [ - { - "kind": "instance_of", - "type": { - "name": "IndexName", - "namespace": "_types" - } - }, - { - "kind": "array_of", - "value": { - "kind": "instance_of", - "type": { - "name": "IndexName", - "namespace": "_types" - } - } - } - ], - "kind": "union_of" - } - }, - { - "description": "This needs to be set to true if the patterns in the names field should cover system indices.", - "name": "allow_restricted_indices", - "required": false, - "serverDefault": false, - "type": { - "kind": "instance_of", - "type": { - "name": "boolean", - "namespace": "_builtins" - } - } - } - ], - "specLocation": "security/_types/Privileges.ts#L418-L428" - }, - { - "kind": "interface", - "name": { - "name": "SearchAccess", - "namespace": "security._types" - }, - "properties": [ - { - "description": "The document fields that the owners of the role have read access to.", - "docId": "field-and-document-access-control", - "docUrl": "https://www.elastic.co/guide/en/elasticsearch/reference/{branch}/field-and-document-access-control.html", - "name": "field_security", - "required": false, - "type": { - "kind": "instance_of", - "type": { - "name": "FieldSecurity", - "namespace": "security._types" - } - } - }, - { - "description": "A list of indices (or index name patterns) to which the permissions in this entry apply.", - "name": "names", - "required": true, - "type": { - "items": [ - { - "kind": "instance_of", - "type": { - "name": "IndexName", - "namespace": "_types" - } - }, - { - "kind": "array_of", - "value": { - "kind": "instance_of", - "type": { - "name": "IndexName", - "namespace": "_types" - } - } - } - ], - "kind": "union_of" - } - }, - { - "description": "A search query that defines the documents the owners of the role have access to. A document within the specified indices must match this query for it to be accessible by the owners of the role.", - "name": "query", - "required": false, - "type": { - "kind": "instance_of", - "type": { - "name": "IndicesPrivilegesQuery", - "namespace": "security._types" - } - } - } - ], - "specLocation": "security/_types/Privileges.ts#L430-L450" - }, - { - "kind": "interface", - "name": { - "name": "RealmInfo", + "name": "ApiKey", "namespace": "security._types" }, "properties": [ { - "name": "name", + "description": "Id for the API key", + "name": "id", "required": true, "type": { "kind": "instance_of", "type": { - "name": "Name", + "name": "Id", "namespace": "_types" } } }, { - "name": "type", - "required": true, - "type": { - "kind": "instance_of", - "type": { - "name": "string", - "namespace": "_builtins" - } - } - } - ], - "specLocation": "security/_types/RealmInfo.ts#L22-L25" - }, - { - "kind": "interface", - "name": { - "name": "Token", - "namespace": "security.authenticate" - }, - "properties": [ - { + "description": "Name of the API key.", "name": "name", "required": true, "type": { @@ -140195,49 +139848,20 @@ "availability": { "serverless": {}, "stack": { - "since": "7.14.0" + "since": "8.10.0" } }, + "description": "The type of the API key (e.g. `rest` or `cross_cluster`).", "name": "type", - "required": false, + "required": true, "type": { "kind": "instance_of", "type": { - "name": "string", - "namespace": "_builtins" - } - } - } - ], - "specLocation": "security/authenticate/types.ts#L22-L29" - }, - { - "attachedBehaviors": [ - "OverloadOf" - ], - "behaviors": [ - { - "generics": [ - { - "kind": "instance_of", - "type": { - "name": "ApiKey", - "namespace": "security._types" - } + "name": "ApiKeyType", + "namespace": "security._types" } - ], - "type": { - "name": "OverloadOf", - "namespace": "_spec_utils" } - } - ], - "kind": "interface", - "name": { - "name": "ApiKeyRead", - "namespace": "security._types" - }, - "properties": [ + }, { "description": "Creation time for the API key in milliseconds.", "name": "creation", @@ -140262,18 +139886,6 @@ } } }, - { - "description": "Id for the API key", - "name": "id", - "required": true, - "type": { - "kind": "instance_of", - "type": { - "name": "Id", - "namespace": "_types" - } - } - }, { "description": "Invalidation status for the API key.\nIf the key has been invalidated, it has a value of `true`. Otherwise, it is `false`.", "name": "invalidated", @@ -140314,13 +139926,13 @@ } }, { - "description": "Name of the API key.", - "name": "name", + "description": "Principal for which this API key was created", + "name": "username", "required": true, "type": { "kind": "instance_of", "type": { - "name": "Name", + "name": "Username", "namespace": "_types" } } @@ -140328,7 +139940,7 @@ { "description": "Realm name of the principal for which this API key was created.", "name": "realm", - "required": false, + "required": true, "type": { "kind": "instance_of", "type": { @@ -140355,54 +139967,6 @@ } } }, - { - "availability": { - "serverless": {}, - "stack": { - "since": "8.10.0" - } - }, - "description": "The type of the API key (e.g. `rest` or `cross_cluster`).", - "name": "type", - "required": true, - "type": { - "kind": "instance_of", - "type": { - "name": "ApiKeyType", - "namespace": "security._types" - } - } - }, - { - "description": "Principal for which this API key was created", - "name": "username", - "required": true, - "type": { - "kind": "instance_of", - "type": { - "name": "Username", - "namespace": "_types" - } - } - }, - { - "availability": { - "serverless": {}, - "stack": { - "since": "8.14.0" - } - }, - "description": "The profile uid for the API key owner principal, if requested and if it exists", - "name": "profile_uid", - "required": false, - "type": { - "kind": "instance_of", - "type": { - "name": "string", - "namespace": "_builtins" - } - } - }, { "availability": { "serverless": {}, @@ -140495,6 +140059,25 @@ } }, { + "availability": { + "serverless": {}, + "stack": { + "since": "8.14.0" + } + }, + "description": "The profile uid for the API key owner principal, if requested and if it exists", + "name": "profile_uid", + "required": false, + "type": { + "kind": "instance_of", + "type": { + "name": "string", + "namespace": "_builtins" + } + } + }, + { + "description": "Sorting values when using the `sort` parameter with the `security.query_api_keys` API.", "name": "_sort", "required": false, "type": { @@ -140506,7 +140089,160 @@ } } ], - "specLocation": "security/_types/ApiKey.ts#L119-L202" + "specLocation": "security/_types/ApiKey.ts#L29-L115" + }, + { + "kind": "interface", + "name": { + "name": "Access", + "namespace": "security._types" + }, + "properties": [ + { + "description": "A list of indices permission entries for cross-cluster replication.", + "name": "replication", + "required": false, + "type": { + "kind": "array_of", + "value": { + "kind": "instance_of", + "type": { + "name": "ReplicationAccess", + "namespace": "security._types" + } + } + } + }, + { + "description": "A list of indices permission entries for cross-cluster search.", + "name": "search", + "required": false, + "type": { + "kind": "array_of", + "value": { + "kind": "instance_of", + "type": { + "name": "SearchAccess", + "namespace": "security._types" + } + } + } + } + ], + "specLocation": "security/_types/Access.ts#L22-L31" + }, + { + "kind": "interface", + "name": { + "name": "ReplicationAccess", + "namespace": "security._types" + }, + "properties": [ + { + "description": "A list of indices (or index name patterns) to which the permissions in this entry apply.", + "name": "names", + "required": true, + "type": { + "items": [ + { + "kind": "instance_of", + "type": { + "name": "IndexName", + "namespace": "_types" + } + }, + { + "kind": "array_of", + "value": { + "kind": "instance_of", + "type": { + "name": "IndexName", + "namespace": "_types" + } + } + } + ], + "kind": "union_of" + } + }, + { + "description": "This needs to be set to true if the patterns in the names field should cover system indices.", + "name": "allow_restricted_indices", + "required": false, + "serverDefault": false, + "type": { + "kind": "instance_of", + "type": { + "name": "boolean", + "namespace": "_builtins" + } + } + } + ], + "specLocation": "security/_types/Privileges.ts#L418-L428" + }, + { + "kind": "interface", + "name": { + "name": "SearchAccess", + "namespace": "security._types" + }, + "properties": [ + { + "description": "The document fields that the owners of the role have read access to.", + "docId": "field-and-document-access-control", + "docUrl": "https://www.elastic.co/guide/en/elasticsearch/reference/{branch}/field-and-document-access-control.html", + "name": "field_security", + "required": false, + "type": { + "kind": "instance_of", + "type": { + "name": "FieldSecurity", + "namespace": "security._types" + } + } + }, + { + "description": "A list of indices (or index name patterns) to which the permissions in this entry apply.", + "name": "names", + "required": true, + "type": { + "items": [ + { + "kind": "instance_of", + "type": { + "name": "IndexName", + "namespace": "_types" + } + }, + { + "kind": "array_of", + "value": { + "kind": "instance_of", + "type": { + "name": "IndexName", + "namespace": "_types" + } + } + } + ], + "kind": "union_of" + } + }, + { + "description": "A search query that defines the documents the owners of the role have access to. A document within the specified indices must match this query for it to be accessible by the owners of the role.", + "name": "query", + "required": false, + "type": { + "kind": "instance_of", + "type": { + "name": "IndicesPrivilegesQuery", + "namespace": "security._types" + } + } + } + ], + "specLocation": "security/_types/Privileges.ts#L430-L450" }, { "kind": "interface", diff --git a/output/schema/schema.json b/output/schema/schema.json index e65100d6db..7e8749f621 100644 --- a/output/schema/schema.json +++ b/output/schema/schema.json @@ -186936,30 +186936,6 @@ "namespace": "security._types" }, "properties": [ - { - "description": "Creation time for the API key in milliseconds.", - "name": "creation", - "required": false, - "type": { - "kind": "instance_of", - "type": { - "name": "long", - "namespace": "_types" - } - } - }, - { - "description": "Expiration time for the API key in milliseconds.", - "name": "expiration", - "required": false, - "type": { - "kind": "instance_of", - "type": { - "name": "long", - "namespace": "_types" - } - } - }, { "description": "Id for the API key", "name": "id", @@ -186972,45 +186948,6 @@ } } }, - { - "description": "Invalidation status for the API key.\nIf the key has been invalidated, it has a value of `true`. Otherwise, it is `false`.", - "name": "invalidated", - "required": false, - "type": { - "kind": "instance_of", - "type": { - "name": "boolean", - "namespace": "_builtins" - } - } - }, - { - "availability": { - "serverless": {}, - "stack": { - "since": "8.12.0" - } - }, - "description": "If the key has been invalidated, invalidation time in milliseconds.", - "name": "invalidation", - "required": false, - "type": { - "kind": "instance_of", - "generics": [ - { - "kind": "instance_of", - "type": { - "name": "UnitMillis", - "namespace": "_types" - } - } - ], - "type": { - "name": "EpochTime", - "namespace": "_types" - } - } - }, { "description": "Name of the API key.", "name": "name", @@ -187023,36 +186960,6 @@ } } }, - { - "description": "Realm name of the principal for which this API key was created.", - "name": "realm", - "required": false, - "type": { - "kind": "instance_of", - "type": { - "name": "string", - "namespace": "_builtins" - } - } - }, - { - "availability": { - "serverless": {}, - "stack": { - "since": "8.14.0" - } - }, - "description": "Realm type of the principal for which this API key was created", - "name": "realm_type", - "required": false, - "type": { - "kind": "instance_of", - "type": { - "name": "string", - "namespace": "_builtins" - } - } - }, { "availability": { "serverless": {}, @@ -187062,7 +186969,7 @@ }, "description": "The type of the API key (e.g. `rest` or `cross_cluster`).", "name": "type", - "required": false, + "required": true, "type": { "kind": "instance_of", "type": { @@ -187071,168 +186978,6 @@ } } }, - { - "description": "Principal for which this API key was created", - "name": "username", - "required": false, - "type": { - "kind": "instance_of", - "type": { - "name": "Username", - "namespace": "_types" - } - } - }, - { - "availability": { - "serverless": {}, - "stack": { - "since": "8.14.0" - } - }, - "description": "The profile uid for the API key owner principal, if requested and if it exists", - "name": "profile_uid", - "required": false, - "type": { - "kind": "instance_of", - "type": { - "name": "string", - "namespace": "_builtins" - } - } - }, - { - "availability": { - "serverless": {}, - "stack": { - "since": "7.13.0" - } - }, - "description": "Metadata of the API key", - "name": "metadata", - "required": false, - "type": { - "kind": "instance_of", - "type": { - "name": "Metadata", - "namespace": "_types" - } - } - }, - { - "description": "The role descriptors assigned to this API key when it was created or last updated.\nAn empty role descriptor means the API key inherits the owner user’s permissions.", - "name": "role_descriptors", - "required": false, - "type": { - "kind": "dictionary_of", - "key": { - "kind": "instance_of", - "type": { - "name": "string", - "namespace": "_builtins" - } - }, - "singleKey": false, - "value": { - "kind": "instance_of", - "type": { - "name": "RoleDescriptor", - "namespace": "security._types" - } - } - } - }, - { - "availability": { - "serverless": {}, - "stack": { - "since": "8.5.0" - } - }, - "description": "The owner user’s permissions associated with the API key.\nIt is a point-in-time snapshot captured at creation and subsequent updates.\nAn API key’s effective permissions are an intersection of its assigned privileges and the owner user’s permissions.", - "name": "limited_by", - "required": false, - "type": { - "kind": "array_of", - "value": { - "kind": "dictionary_of", - "key": { - "kind": "instance_of", - "type": { - "name": "string", - "namespace": "_builtins" - } - }, - "singleKey": false, - "value": { - "kind": "instance_of", - "type": { - "name": "RoleDescriptor", - "namespace": "security._types" - } - } - } - } - }, - { - "availability": { - "serverless": {}, - "stack": { - "since": "8.10.0" - } - }, - "description": "The access granted to cross-cluster API keys.\nThe access is composed of permissions for cross cluster search and cross cluster replication.\nAt least one of them must be specified.\nWhen specified, the new access assignment fully replaces the previously assigned access.", - "name": "access", - "required": false, - "type": { - "kind": "instance_of", - "type": { - "name": "Access", - "namespace": "security._types" - } - } - }, - { - "name": "_sort", - "required": false, - "type": { - "kind": "instance_of", - "type": { - "name": "SortResults", - "namespace": "_types" - } - } - } - ], - "specLocation": "security/_types/ApiKey.ts#L29-L112" - }, - { - "kind": "interface", - "attachedBehaviors": [ - "OverloadOf" - ], - "behaviors": [ - { - "generics": [ - { - "kind": "instance_of", - "type": { - "name": "ApiKey", - "namespace": "security._types" - } - } - ], - "type": { - "name": "OverloadOf", - "namespace": "_spec_utils" - } - } - ], - "name": { - "name": "ApiKeyRead", - "namespace": "security._types" - }, - "properties": [ { "description": "Creation time for the API key in milliseconds.", "name": "creation", @@ -187257,18 +187002,6 @@ } } }, - { - "description": "Id for the API key", - "name": "id", - "required": true, - "type": { - "kind": "instance_of", - "type": { - "name": "Id", - "namespace": "_types" - } - } - }, { "description": "Invalidation status for the API key.\nIf the key has been invalidated, it has a value of `true`. Otherwise, it is `false`.", "name": "invalidated", @@ -187309,13 +187042,13 @@ } }, { - "description": "Name of the API key.", - "name": "name", + "description": "Principal for which this API key was created", + "name": "username", "required": true, "type": { "kind": "instance_of", "type": { - "name": "Name", + "name": "Username", "namespace": "_types" } } @@ -187323,7 +187056,7 @@ { "description": "Realm name of the principal for which this API key was created.", "name": "realm", - "required": false, + "required": true, "type": { "kind": "instance_of", "type": { @@ -187350,54 +187083,6 @@ } } }, - { - "availability": { - "serverless": {}, - "stack": { - "since": "8.10.0" - } - }, - "description": "The type of the API key (e.g. `rest` or `cross_cluster`).", - "name": "type", - "required": true, - "type": { - "kind": "instance_of", - "type": { - "name": "ApiKeyType", - "namespace": "security._types" - } - } - }, - { - "description": "Principal for which this API key was created", - "name": "username", - "required": true, - "type": { - "kind": "instance_of", - "type": { - "name": "Username", - "namespace": "_types" - } - } - }, - { - "availability": { - "serverless": {}, - "stack": { - "since": "8.14.0" - } - }, - "description": "The profile uid for the API key owner principal, if requested and if it exists", - "name": "profile_uid", - "required": false, - "type": { - "kind": "instance_of", - "type": { - "name": "string", - "namespace": "_builtins" - } - } - }, { "availability": { "serverless": {}, @@ -187490,6 +187175,25 @@ } }, { + "availability": { + "serverless": {}, + "stack": { + "since": "8.14.0" + } + }, + "description": "The profile uid for the API key owner principal, if requested and if it exists", + "name": "profile_uid", + "required": false, + "type": { + "kind": "instance_of", + "type": { + "name": "string", + "namespace": "_builtins" + } + } + }, + { + "description": "Sorting values when using the `sort` parameter with the `security.query_api_keys` API.", "name": "_sort", "required": false, "type": { @@ -187501,7 +187205,7 @@ } } ], - "specLocation": "security/_types/ApiKey.ts#L119-L202" + "specLocation": "security/_types/ApiKey.ts#L29-L115" }, { "kind": "enum", @@ -187517,7 +187221,7 @@ "name": "ApiKeyType", "namespace": "security._types" }, - "specLocation": "security/_types/ApiKey.ts#L114-L117" + "specLocation": "security/_types/ApiKey.ts#L117-L120" }, { "kind": "interface", @@ -190013,6 +189717,38 @@ }, "specLocation": "security/activate_user_profile/Response.ts#L22-L24" }, + { + "kind": "interface", + "name": { + "name": "AuthenticateApiKey", + "namespace": "security.authenticate" + }, + "properties": [ + { + "name": "id", + "required": true, + "type": { + "kind": "instance_of", + "type": { + "name": "Id", + "namespace": "_types" + } + } + }, + { + "name": "name", + "required": false, + "type": { + "kind": "instance_of", + "type": { + "name": "Name", + "namespace": "_types" + } + } + } + ], + "specLocation": "security/authenticate/SecurityAuthenticateResponse.ts#L44-L47" + }, { "kind": "request", "attachedBehaviors": [ @@ -190047,8 +189783,8 @@ "type": { "kind": "instance_of", "type": { - "name": "ApiKey", - "namespace": "security._types" + "name": "AuthenticateApiKey", + "namespace": "security.authenticate" } } }, @@ -190201,7 +189937,7 @@ "name": "Response", "namespace": "security.authenticate" }, - "specLocation": "security/authenticate/SecurityAuthenticateResponse.ts#L25-L43" + "specLocation": "security/authenticate/SecurityAuthenticateResponse.ts#L24-L42" }, { "kind": "interface", @@ -192602,7 +192338,7 @@ "value": { "kind": "instance_of", "type": { - "name": "ApiKeyRead", + "name": "ApiKey", "namespace": "security._types" } } @@ -196799,7 +196535,7 @@ "value": { "kind": "instance_of", "type": { - "name": "ApiKeyRead", + "name": "ApiKey", "namespace": "security._types" } } diff --git a/output/typescript/types.ts b/output/typescript/types.ts index 34cbf8eb10..8694022283 100644 --- a/output/typescript/types.ts +++ b/output/typescript/types.ts @@ -17607,40 +17607,21 @@ export interface SecurityAccess { } export interface SecurityApiKey { - creation?: long - expiration?: long id: Id - invalidated?: boolean - invalidation?: EpochTime name: Name - realm?: string - realm_type?: string - type?: SecurityApiKeyType - username?: Username - profile_uid?: string - metadata?: Metadata - role_descriptors?: Record - limited_by?: Record[] - access?: SecurityAccess - _sort?: SortResults -} - -export interface SecurityApiKeyRead { + type: SecurityApiKeyType creation: long expiration?: long - id: Id invalidated: boolean invalidation?: EpochTime - name: Name - realm?: string - realm_type?: string - type: SecurityApiKeyType username: Username - profile_uid?: string + realm: string + realm_type?: string metadata: Metadata role_descriptors?: Record limited_by?: Record[] access?: SecurityAccess + profile_uid?: string _sort?: SortResults } @@ -17867,11 +17848,16 @@ export interface SecurityActivateUserProfileRequest extends RequestBase { export type SecurityActivateUserProfileResponse = SecurityUserProfileWithMetadata +export interface SecurityAuthenticateAuthenticateApiKey { + id: Id + name?: Name +} + export interface SecurityAuthenticateRequest extends RequestBase { } export interface SecurityAuthenticateResponse { - api_key?: SecurityApiKey + api_key?: SecurityAuthenticateAuthenticateApiKey authentication_realm: SecurityRealmInfo email?: string | null full_name?: Name | null @@ -18150,7 +18136,7 @@ export interface SecurityGetApiKeyRequest extends RequestBase { } export interface SecurityGetApiKeyResponse { - api_keys: SecurityApiKeyRead[] + api_keys: SecurityApiKey[] } export interface SecurityGetBuiltinPrivilegesRequest extends RequestBase { @@ -18550,7 +18536,7 @@ export interface SecurityQueryApiKeysRequest extends RequestBase { export interface SecurityQueryApiKeysResponse { total: integer count: integer - api_keys: SecurityApiKeyRead[] + api_keys: SecurityApiKey[] aggregations?: Record } diff --git a/specification/security/_types/ApiKey.ts b/specification/security/_types/ApiKey.ts index ef69ac5d8e..7d1935307b 100644 --- a/specification/security/_types/ApiKey.ts +++ b/specification/security/_types/ApiKey.ts @@ -17,7 +17,6 @@ * under the License. */ -import { OverloadOf } from '@spec_utils/behaviors' import { Dictionary } from '@spec_utils/Dictionary' import { Id, Metadata, Name, Username } from '@_types/common' import { long } from '@_types/Numeric' @@ -27,96 +26,20 @@ import { Access } from './Access' import { RoleDescriptor } from './RoleDescriptor' export class ApiKey { - /** - * Creation time for the API key in milliseconds. - */ - creation?: long - /** - * Expiration time for the API key in milliseconds. - */ - expiration?: long /** * Id for the API key */ id: Id - /** - * Invalidation status for the API key. - * If the key has been invalidated, it has a value of `true`. Otherwise, it is `false`. - */ - invalidated?: boolean - /** - * If the key has been invalidated, invalidation time in milliseconds. - * @availability stack since=8.12.0 - * @availability serverless - */ - invalidation?: EpochTime /** * Name of the API key. */ name: Name - /** - * Realm name of the principal for which this API key was created. - */ - realm?: string - /** - * Realm type of the principal for which this API key was created - * @availability stack since=8.14.0 - * @availability serverless - */ - realm_type?: string /** * The type of the API key (e.g. `rest` or `cross_cluster`). * @availability stack since=8.10.0 * @availability serverless */ - type?: ApiKeyType - /** - * Principal for which this API key was created - */ - username?: Username - /** - * The profile uid for the API key owner principal, if requested and if it exists - * @availability stack since=8.14.0 - * @availability serverless - */ - profile_uid?: string - /** - * Metadata of the API key - * @availability stack since=7.13.0 - * @availability serverless - */ - metadata?: Metadata - /** - * The role descriptors assigned to this API key when it was created or last updated. - * An empty role descriptor means the API key inherits the owner user’s permissions. - */ - role_descriptors?: Dictionary - /** - * The owner user’s permissions associated with the API key. - * It is a point-in-time snapshot captured at creation and subsequent updates. - * An API key’s effective permissions are an intersection of its assigned privileges and the owner user’s permissions. - * @availability stack since=8.5.0 - * @availability serverless - */ - limited_by?: Array> - /** - * The access granted to cross-cluster API keys. - * The access is composed of permissions for cross cluster search and cross cluster replication. - * At least one of them must be specified. - * When specified, the new access assignment fully replaces the previously assigned access. - * @availability stack since=8.10.0 - * @availability serverless - */ - access?: Access - _sort?: SortResults -} - -export enum ApiKeyType { - rest, - cross_cluster -} - -export class ApiKeyRead implements OverloadOf { + type: ApiKeyType /** * Creation time for the API key in milliseconds. */ @@ -125,10 +48,6 @@ export class ApiKeyRead implements OverloadOf { * Expiration time for the API key in milliseconds. */ expiration?: long - /** - * Id for the API key - */ - id: Id /** * Invalidation status for the API key. * If the key has been invalidated, it has a value of `true`. Otherwise, it is `false`. @@ -141,35 +60,19 @@ export class ApiKeyRead implements OverloadOf { */ invalidation?: EpochTime /** - * Name of the API key. + * Principal for which this API key was created */ - name: Name + username: Username /** * Realm name of the principal for which this API key was created. */ - realm?: string + realm: string /** * Realm type of the principal for which this API key was created * @availability stack since=8.14.0 * @availability serverless */ realm_type?: string - /** - * The type of the API key (e.g. `rest` or `cross_cluster`). - * @availability stack since=8.10.0 - * @availability serverless - */ - type: ApiKeyType - /** - * Principal for which this API key was created - */ - username: Username - /** - * The profile uid for the API key owner principal, if requested and if it exists - * @availability stack since=8.14.0 - * @availability serverless - */ - profile_uid?: string /** * Metadata of the API key * @availability stack since=7.13.0 @@ -198,5 +101,19 @@ export class ApiKeyRead implements OverloadOf { * @availability serverless */ access?: Access + /** + * The profile uid for the API key owner principal, if requested and if it exists + * @availability stack since=8.14.0 + * @availability serverless + */ + profile_uid?: string + /** + * Sorting values when using the `sort` parameter with the `security.query_api_keys` API. + */ _sort?: SortResults } + +export enum ApiKeyType { + rest, + cross_cluster +} diff --git a/specification/security/authenticate/SecurityAuthenticateResponse.ts b/specification/security/authenticate/SecurityAuthenticateResponse.ts index a6716f45c9..75bfb082b8 100644 --- a/specification/security/authenticate/SecurityAuthenticateResponse.ts +++ b/specification/security/authenticate/SecurityAuthenticateResponse.ts @@ -17,14 +17,13 @@ * under the License. */ -import { ApiKey } from '@security/_types/ApiKey' import { RealmInfo } from '@security/_types/RealmInfo' -import { Metadata, Name, Username } from '@_types/common' +import { Id, Metadata, Name, Username } from '@_types/common' import { Token } from './types' export class Response { body: { - api_key?: ApiKey + api_key?: AuthenticateApiKey authentication_realm: RealmInfo email?: string | null full_name?: Name | null @@ -41,3 +40,8 @@ export class Response { token?: Token } } + +export class AuthenticateApiKey { + id: Id + name?: Name +} diff --git a/specification/security/get_api_key/SecurityGetApiKeyResponse.ts b/specification/security/get_api_key/SecurityGetApiKeyResponse.ts index 8f38211658..c1178b3710 100644 --- a/specification/security/get_api_key/SecurityGetApiKeyResponse.ts +++ b/specification/security/get_api_key/SecurityGetApiKeyResponse.ts @@ -17,8 +17,8 @@ * under the License. */ -import { ApiKeyRead } from '@security/_types/ApiKey' +import { ApiKey } from '@security/_types/ApiKey' export class Response { - body: { api_keys: ApiKeyRead[] } + body: { api_keys: ApiKey[] } } diff --git a/specification/security/query_api_keys/QueryApiKeysResponse.ts b/specification/security/query_api_keys/QueryApiKeysResponse.ts index e22b7c2c49..44a9fc05df 100644 --- a/specification/security/query_api_keys/QueryApiKeysResponse.ts +++ b/specification/security/query_api_keys/QueryApiKeysResponse.ts @@ -17,7 +17,7 @@ * under the License. */ -import { ApiKeyRead } from '@security/_types/ApiKey' +import { ApiKey } from '@security/_types/ApiKey' import { Dictionary } from '@spec_utils/Dictionary' import { AggregateName } from '@_types/common' import { integer } from '@_types/Numeric' @@ -36,7 +36,7 @@ export class Response { /** * A list of API key information. */ - api_keys: ApiKeyRead[] + api_keys: ApiKey[] /** * The aggregations result, if requested. */