From e0f55b04f565a5a1f301026d4a6525b49d5d7995 Mon Sep 17 00:00:00 2001 From: Quentin Pradet Date: Tue, 19 Nov 2024 13:37:19 +0400 Subject: [PATCH 1/3] Fix security.get_api_key API --- output/openapi/elasticsearch-openapi.json | 231 +++++--- .../elasticsearch-serverless-openapi.json | 172 +++++- output/schema/schema-serverless.json | 535 +++++++++++++++++- output/schema/schema.json | 382 ++++++++++++- output/typescript/types.ts | 28 +- specification/security/_types/ApiKey.ts | 114 ++++ .../get_api_key/SecurityGetApiKeyResponse.ts | 4 +- .../query_api_keys/QueryApiKeysResponse.ts | 4 +- 8 files changed, 1388 insertions(+), 82 deletions(-) diff --git a/output/openapi/elasticsearch-openapi.json b/output/openapi/elasticsearch-openapi.json index 0594e29035..4461338e53 100644 --- a/output/openapi/elasticsearch-openapi.json +++ b/output/openapi/elasticsearch-openapi.json @@ -27816,7 +27816,7 @@ "api_keys": { "type": "array", "items": { - "$ref": "#/components/schemas/security._types:ApiKey" + "$ref": "#/components/schemas/security._types:ApiKeyRead" } } }, @@ -81796,6 +81796,9 @@ "description": "Invalidation status for the API key.\nIf the key has been invalidated, it has a value of `true`. Otherwise, it is `false`.", "type": "boolean" }, + "invalidation": { + "$ref": "#/components/schemas/_types:EpochTimeUnitMillis" + }, "name": { "$ref": "#/components/schemas/_types:Name" }, @@ -81807,6 +81810,9 @@ "description": "Realm type of the principal for which this API key was created", "type": "string" }, + "type": { + "$ref": "#/components/schemas/security._types:ApiKeyType" + }, "username": { "$ref": "#/components/schemas/_types:Username" }, @@ -81834,6 +81840,9 @@ } } }, + "access": { + "$ref": "#/components/schemas/security._types:Access" + }, "_sort": { "$ref": "#/components/schemas/_types:SortResults" } @@ -81843,6 +81852,13 @@ "name" ] }, + "security._types:ApiKeyType": { + "type": "string", + "enum": [ + "rest", + "cross_cluster" + ] + }, "security._types:RoleDescriptor": { "type": "object", "properties": { @@ -82266,72 +82282,6 @@ "resources" ] }, - "security._types:RealmInfo": { - "type": "object", - "properties": { - "name": { - "$ref": "#/components/schemas/_types:Name" - }, - "type": { - "type": "string" - } - }, - "required": [ - "name", - "type" - ] - }, - "security.authenticate:Token": { - "type": "object", - "properties": { - "name": { - "$ref": "#/components/schemas/_types:Name" - }, - "type": { - "type": "string" - } - }, - "required": [ - "name" - ] - }, - "security._types:BulkError": { - "type": "object", - "properties": { - "count": { - "description": "The number of errors", - "type": "number" - }, - "details": { - "description": "Details about the errors, keyed by role name", - "type": "object", - "additionalProperties": { - "$ref": "#/components/schemas/_types:ErrorCause" - } - } - }, - "required": [ - "count", - "details" - ] - }, - "security._types:ClusterNode": { - "type": "object", - "properties": { - "name": { - "$ref": "#/components/schemas/_types:Name" - } - }, - "required": [ - "name" - ] - }, - "_types:Namespace": { - "type": "string" - }, - "_types:Service": { - "type": "string" - }, "security._types:Access": { "type": "object", "properties": { @@ -82409,6 +82359,72 @@ "names" ] }, + "security._types:RealmInfo": { + "type": "object", + "properties": { + "name": { + "$ref": "#/components/schemas/_types:Name" + }, + "type": { + "type": "string" + } + }, + "required": [ + "name", + "type" + ] + }, + "security.authenticate:Token": { + "type": "object", + "properties": { + "name": { + "$ref": "#/components/schemas/_types:Name" + }, + "type": { + "type": "string" + } + }, + "required": [ + "name" + ] + }, + "security._types:BulkError": { + "type": "object", + "properties": { + "count": { + "description": "The number of errors", + "type": "number" + }, + "details": { + "description": "Details about the errors, keyed by role name", + "type": "object", + "additionalProperties": { + "$ref": "#/components/schemas/_types:ErrorCause" + } + } + }, + "required": [ + "count", + "details" + ] + }, + "security._types:ClusterNode": { + "type": "object", + "properties": { + "name": { + "$ref": "#/components/schemas/_types:Name" + } + }, + "required": [ + "name" + ] + }, + "_types:Namespace": { + "type": "string" + }, + "_types:Service": { + "type": "string" + }, "security.create_service_token:Token": { "type": "object", "properties": { @@ -82450,6 +82466,85 @@ "value" ] }, + "security._types:ApiKeyRead": { + "type": "object", + "properties": { + "creation": { + "description": "Creation time for the API key in milliseconds.", + "type": "number" + }, + "expiration": { + "description": "Expiration time for the API key in milliseconds.", + "type": "number" + }, + "id": { + "$ref": "#/components/schemas/_types:Id" + }, + "invalidated": { + "description": "Invalidation status for the API key.\nIf the key has been invalidated, it has a value of `true`. Otherwise, it is `false`.", + "type": "boolean" + }, + "invalidation": { + "$ref": "#/components/schemas/_types:EpochTimeUnitMillis" + }, + "name": { + "$ref": "#/components/schemas/_types:Name" + }, + "realm": { + "description": "Realm name of the principal for which this API key was created.", + "type": "string" + }, + "realm_type": { + "description": "Realm type of the principal for which this API key was created", + "type": "string" + }, + "type": { + "$ref": "#/components/schemas/security._types:ApiKeyType" + }, + "username": { + "$ref": "#/components/schemas/_types:Username" + }, + "profile_uid": { + "description": "The profile uid for the API key owner principal, if requested and if it exists", + "type": "string" + }, + "metadata": { + "$ref": "#/components/schemas/_types:Metadata" + }, + "role_descriptors": { + "description": "The role descriptors assigned to this API key when it was created or last updated.\nAn empty role descriptor means the API key inherits the owner user’s permissions.", + "type": "object", + "additionalProperties": { + "$ref": "#/components/schemas/security._types:RoleDescriptor" + } + }, + "limited_by": { + "description": "The owner user’s permissions associated with the API key.\nIt is a point-in-time snapshot captured at creation and subsequent updates.\nAn API key’s effective permissions are an intersection of its assigned privileges and the owner user’s permissions.", + "type": "array", + "items": { + "type": "object", + "additionalProperties": { + "$ref": "#/components/schemas/security._types:RoleDescriptor" + } + } + }, + "access": { + "$ref": "#/components/schemas/security._types:Access" + }, + "_sort": { + "$ref": "#/components/schemas/_types:SortResults" + } + }, + "required": [ + "creation", + "id", + "invalidated", + "name", + "type", + "username", + "metadata" + ] + }, "security.put_privileges:Actions": { "type": "object", "properties": { @@ -91857,7 +91952,7 @@ "description": "A list of API key information.", "type": "array", "items": { - "$ref": "#/components/schemas/security._types:ApiKey" + "$ref": "#/components/schemas/security._types:ApiKeyRead" } }, "aggregations": { diff --git a/output/openapi/elasticsearch-serverless-openapi.json b/output/openapi/elasticsearch-serverless-openapi.json index 207ff5cf20..6b5e4dc724 100644 --- a/output/openapi/elasticsearch-serverless-openapi.json +++ b/output/openapi/elasticsearch-serverless-openapi.json @@ -16830,7 +16830,7 @@ "api_keys": { "type": "array", "items": { - "$ref": "#/components/schemas/security._types:ApiKey" + "$ref": "#/components/schemas/security._types:ApiKeyRead" } } }, @@ -53582,6 +53582,9 @@ "description": "Invalidation status for the API key.\nIf the key has been invalidated, it has a value of `true`. Otherwise, it is `false`.", "type": "boolean" }, + "invalidation": { + "$ref": "#/components/schemas/_types:EpochTimeUnitMillis" + }, "name": { "$ref": "#/components/schemas/_types:Name" }, @@ -53593,6 +53596,9 @@ "description": "Realm type of the principal for which this API key was created", "type": "string" }, + "type": { + "$ref": "#/components/schemas/security._types:ApiKeyType" + }, "username": { "$ref": "#/components/schemas/_types:Username" }, @@ -53620,6 +53626,9 @@ } } }, + "access": { + "$ref": "#/components/schemas/security._types:Access" + }, "_sort": { "$ref": "#/components/schemas/_types:SortResults" } @@ -53629,6 +53638,13 @@ "name" ] }, + "security._types:ApiKeyType": { + "type": "string", + "enum": [ + "rest", + "cross_cluster" + ] + }, "security._types:RoleDescriptor": { "type": "object", "properties": { @@ -53876,6 +53892,79 @@ "resources" ] }, + "security._types:Access": { + "type": "object", + "properties": { + "replication": { + "description": "A list of indices permission entries for cross-cluster replication.", + "type": "array", + "items": { + "$ref": "#/components/schemas/security._types:ReplicationAccess" + } + }, + "search": { + "description": "A list of indices permission entries for cross-cluster search.", + "type": "array", + "items": { + "$ref": "#/components/schemas/security._types:SearchAccess" + } + } + } + }, + "security._types:ReplicationAccess": { + "type": "object", + "properties": { + "names": { + "description": "A list of indices (or index name patterns) to which the permissions in this entry apply.", + "oneOf": [ + { + "$ref": "#/components/schemas/_types:IndexName" + }, + { + "type": "array", + "items": { + "$ref": "#/components/schemas/_types:IndexName" + } + } + ] + }, + "allow_restricted_indices": { + "description": "This needs to be set to true if the patterns in the names field should cover system indices.", + "type": "boolean" + } + }, + "required": [ + "names" + ] + }, + "security._types:SearchAccess": { + "type": "object", + "properties": { + "field_security": { + "$ref": "#/components/schemas/security._types:FieldSecurity" + }, + "names": { + "description": "A list of indices (or index name patterns) to which the permissions in this entry apply.", + "oneOf": [ + { + "$ref": "#/components/schemas/_types:IndexName" + }, + { + "type": "array", + "items": { + "$ref": "#/components/schemas/_types:IndexName" + } + } + ] + }, + "query": { + "$ref": "#/components/schemas/security._types:IndicesPrivilegesQuery" + } + }, + "required": [ + "names" + ] + }, "security._types:RealmInfo": { "type": "object", "properties": { @@ -53905,6 +53994,85 @@ "name" ] }, + "security._types:ApiKeyRead": { + "type": "object", + "properties": { + "creation": { + "description": "Creation time for the API key in milliseconds.", + "type": "number" + }, + "expiration": { + "description": "Expiration time for the API key in milliseconds.", + "type": "number" + }, + "id": { + "$ref": "#/components/schemas/_types:Id" + }, + "invalidated": { + "description": "Invalidation status for the API key.\nIf the key has been invalidated, it has a value of `true`. Otherwise, it is `false`.", + "type": "boolean" + }, + "invalidation": { + "$ref": "#/components/schemas/_types:EpochTimeUnitMillis" + }, + "name": { + "$ref": "#/components/schemas/_types:Name" + }, + "realm": { + "description": "Realm name of the principal for which this API key was created.", + "type": "string" + }, + "realm_type": { + "description": "Realm type of the principal for which this API key was created", + "type": "string" + }, + "type": { + "$ref": "#/components/schemas/security._types:ApiKeyType" + }, + "username": { + "$ref": "#/components/schemas/_types:Username" + }, + "profile_uid": { + "description": "The profile uid for the API key owner principal, if requested and if it exists", + "type": "string" + }, + "metadata": { + "$ref": "#/components/schemas/_types:Metadata" + }, + "role_descriptors": { + "description": "The role descriptors assigned to this API key when it was created or last updated.\nAn empty role descriptor means the API key inherits the owner user’s permissions.", + "type": "object", + "additionalProperties": { + "$ref": "#/components/schemas/security._types:RoleDescriptor" + } + }, + "limited_by": { + "description": "The owner user’s permissions associated with the API key.\nIt is a point-in-time snapshot captured at creation and subsequent updates.\nAn API key’s effective permissions are an intersection of its assigned privileges and the owner user’s permissions.", + "type": "array", + "items": { + "type": "object", + "additionalProperties": { + "$ref": "#/components/schemas/security._types:RoleDescriptor" + } + } + }, + "access": { + "$ref": "#/components/schemas/security._types:Access" + }, + "_sort": { + "$ref": "#/components/schemas/_types:SortResults" + } + }, + "required": [ + "creation", + "id", + "invalidated", + "name", + "type", + "username", + "metadata" + ] + }, "security._types:RemoteClusterPrivilege": { "type": "string" }, @@ -56440,7 +56608,7 @@ "description": "A list of API key information.", "type": "array", "items": { - "$ref": "#/components/schemas/security._types:ApiKey" + "$ref": "#/components/schemas/security._types:ApiKeyRead" } }, "aggregations": { diff --git a/output/schema/schema-serverless.json b/output/schema/schema-serverless.json index ce8606ead2..e96d960ae5 100644 --- a/output/schema/schema-serverless.json +++ b/output/schema/schema-serverless.json @@ -39090,7 +39090,7 @@ "value": { "kind": "instance_of", "type": { - "name": "ApiKey", + "name": "ApiKeyRead", "namespace": "security._types" } } @@ -39974,7 +39974,7 @@ "value": { "kind": "instance_of", "type": { - "name": "ApiKey", + "name": "ApiKeyRead", "namespace": "security._types" } } @@ -102899,6 +102899,22 @@ }, "specLocation": "searchable_snapshots/_types/stats.ts#L20-L24" }, + { + "kind": "enum", + "members": [ + { + "name": "rest" + }, + { + "name": "cross_cluster" + } + ], + "name": { + "name": "ApiKeyType", + "namespace": "security._types" + }, + "specLocation": "security/_types/ApiKey.ts#L114-L117" + }, { "isOpen": true, "kind": "enum", @@ -139421,6 +139437,33 @@ } } }, + { + "availability": { + "serverless": {}, + "stack": { + "since": "8.12.0" + } + }, + "description": "If the key has been invalidated, invalidation time in milliseconds.", + "name": "invalidation", + "required": false, + "type": { + "generics": [ + { + "kind": "instance_of", + "type": { + "name": "UnitMillis", + "namespace": "_types" + } + } + ], + "kind": "instance_of", + "type": { + "name": "EpochTime", + "namespace": "_types" + } + } + }, { "description": "Name of the API key.", "name": "name", @@ -139463,6 +139506,24 @@ } } }, + { + "availability": { + "serverless": {}, + "stack": { + "since": "8.10.0" + } + }, + "description": "The type of the API key (e.g. `rest` or `cross_cluster`).", + "name": "type", + "required": false, + "type": { + "kind": "instance_of", + "type": { + "name": "ApiKeyType", + "namespace": "security._types" + } + } + }, { "description": "Principal for which this API key was created", "name": "username", @@ -139566,6 +139627,24 @@ } } }, + { + "availability": { + "serverless": {}, + "stack": { + "since": "8.10.0" + } + }, + "description": "The access granted to cross-cluster API keys.\nThe access is composed of permissions for cross cluster search and cross cluster replication.\nAt least one of them must be specified.\nWhen specified, the new access assignment fully replaces the previously assigned access.", + "name": "access", + "required": false, + "type": { + "kind": "instance_of", + "type": { + "name": "Access", + "namespace": "security._types" + } + } + }, { "name": "_sort", "required": false, @@ -139578,7 +139657,7 @@ } } ], - "specLocation": "security/_types/ApiKey.ts#L26-L88" + "specLocation": "security/_types/ApiKey.ts#L29-L112" }, { "kind": "interface", @@ -139859,6 +139938,159 @@ ], "specLocation": "security/_types/Privileges.ts#L27-L40" }, + { + "kind": "interface", + "name": { + "name": "Access", + "namespace": "security._types" + }, + "properties": [ + { + "description": "A list of indices permission entries for cross-cluster replication.", + "name": "replication", + "required": false, + "type": { + "kind": "array_of", + "value": { + "kind": "instance_of", + "type": { + "name": "ReplicationAccess", + "namespace": "security._types" + } + } + } + }, + { + "description": "A list of indices permission entries for cross-cluster search.", + "name": "search", + "required": false, + "type": { + "kind": "array_of", + "value": { + "kind": "instance_of", + "type": { + "name": "SearchAccess", + "namespace": "security._types" + } + } + } + } + ], + "specLocation": "security/_types/Access.ts#L22-L31" + }, + { + "kind": "interface", + "name": { + "name": "ReplicationAccess", + "namespace": "security._types" + }, + "properties": [ + { + "description": "A list of indices (or index name patterns) to which the permissions in this entry apply.", + "name": "names", + "required": true, + "type": { + "items": [ + { + "kind": "instance_of", + "type": { + "name": "IndexName", + "namespace": "_types" + } + }, + { + "kind": "array_of", + "value": { + "kind": "instance_of", + "type": { + "name": "IndexName", + "namespace": "_types" + } + } + } + ], + "kind": "union_of" + } + }, + { + "description": "This needs to be set to true if the patterns in the names field should cover system indices.", + "name": "allow_restricted_indices", + "required": false, + "serverDefault": false, + "type": { + "kind": "instance_of", + "type": { + "name": "boolean", + "namespace": "_builtins" + } + } + } + ], + "specLocation": "security/_types/Privileges.ts#L418-L428" + }, + { + "kind": "interface", + "name": { + "name": "SearchAccess", + "namespace": "security._types" + }, + "properties": [ + { + "description": "The document fields that the owners of the role have read access to.", + "docId": "field-and-document-access-control", + "docUrl": "https://www.elastic.co/guide/en/elasticsearch/reference/{branch}/field-and-document-access-control.html", + "name": "field_security", + "required": false, + "type": { + "kind": "instance_of", + "type": { + "name": "FieldSecurity", + "namespace": "security._types" + } + } + }, + { + "description": "A list of indices (or index name patterns) to which the permissions in this entry apply.", + "name": "names", + "required": true, + "type": { + "items": [ + { + "kind": "instance_of", + "type": { + "name": "IndexName", + "namespace": "_types" + } + }, + { + "kind": "array_of", + "value": { + "kind": "instance_of", + "type": { + "name": "IndexName", + "namespace": "_types" + } + } + } + ], + "kind": "union_of" + } + }, + { + "description": "A search query that defines the documents the owners of the role have access to. A document within the specified indices must match this query for it to be accessible by the owners of the role.", + "name": "query", + "required": false, + "type": { + "kind": "instance_of", + "type": { + "name": "IndicesPrivilegesQuery", + "namespace": "security._types" + } + } + } + ], + "specLocation": "security/_types/Privileges.ts#L430-L450" + }, { "kind": "interface", "name": { @@ -139929,6 +140161,303 @@ ], "specLocation": "security/authenticate/types.ts#L22-L29" }, + { + "attachedBehaviors": [ + "OverloadOf" + ], + "behaviors": [ + { + "generics": [ + { + "kind": "instance_of", + "type": { + "name": "ApiKey", + "namespace": "security._types" + } + } + ], + "type": { + "name": "OverloadOf", + "namespace": "_spec_utils" + } + } + ], + "kind": "interface", + "name": { + "name": "ApiKeyRead", + "namespace": "security._types" + }, + "properties": [ + { + "description": "Creation time for the API key in milliseconds.", + "name": "creation", + "required": true, + "type": { + "kind": "instance_of", + "type": { + "name": "long", + "namespace": "_types" + } + } + }, + { + "description": "Expiration time for the API key in milliseconds.", + "name": "expiration", + "required": false, + "type": { + "kind": "instance_of", + "type": { + "name": "long", + "namespace": "_types" + } + } + }, + { + "description": "Id for the API key", + "name": "id", + "required": true, + "type": { + "kind": "instance_of", + "type": { + "name": "Id", + "namespace": "_types" + } + } + }, + { + "description": "Invalidation status for the API key.\nIf the key has been invalidated, it has a value of `true`. Otherwise, it is `false`.", + "name": "invalidated", + "required": true, + "type": { + "kind": "instance_of", + "type": { + "name": "boolean", + "namespace": "_builtins" + } + } + }, + { + "availability": { + "serverless": {}, + "stack": { + "since": "8.12.0" + } + }, + "description": "If the key has been invalidated, invalidation time in milliseconds.", + "name": "invalidation", + "required": false, + "type": { + "generics": [ + { + "kind": "instance_of", + "type": { + "name": "UnitMillis", + "namespace": "_types" + } + } + ], + "kind": "instance_of", + "type": { + "name": "EpochTime", + "namespace": "_types" + } + } + }, + { + "description": "Name of the API key.", + "name": "name", + "required": true, + "type": { + "kind": "instance_of", + "type": { + "name": "Name", + "namespace": "_types" + } + } + }, + { + "description": "Realm name of the principal for which this API key was created.", + "name": "realm", + "required": false, + "type": { + "kind": "instance_of", + "type": { + "name": "string", + "namespace": "_builtins" + } + } + }, + { + "availability": { + "serverless": {}, + "stack": { + "since": "8.14.0" + } + }, + "description": "Realm type of the principal for which this API key was created", + "name": "realm_type", + "required": false, + "type": { + "kind": "instance_of", + "type": { + "name": "string", + "namespace": "_builtins" + } + } + }, + { + "availability": { + "serverless": {}, + "stack": { + "since": "8.10.0" + } + }, + "description": "The type of the API key (e.g. `rest` or `cross_cluster`).", + "name": "type", + "required": true, + "type": { + "kind": "instance_of", + "type": { + "name": "ApiKeyType", + "namespace": "security._types" + } + } + }, + { + "description": "Principal for which this API key was created", + "name": "username", + "required": true, + "type": { + "kind": "instance_of", + "type": { + "name": "Username", + "namespace": "_types" + } + } + }, + { + "availability": { + "serverless": {}, + "stack": { + "since": "8.14.0" + } + }, + "description": "The profile uid for the API key owner principal, if requested and if it exists", + "name": "profile_uid", + "required": false, + "type": { + "kind": "instance_of", + "type": { + "name": "string", + "namespace": "_builtins" + } + } + }, + { + "availability": { + "serverless": {}, + "stack": { + "since": "7.13.0" + } + }, + "description": "Metadata of the API key", + "name": "metadata", + "required": true, + "type": { + "kind": "instance_of", + "type": { + "name": "Metadata", + "namespace": "_types" + } + } + }, + { + "description": "The role descriptors assigned to this API key when it was created or last updated.\nAn empty role descriptor means the API key inherits the owner user’s permissions.", + "name": "role_descriptors", + "required": false, + "type": { + "key": { + "kind": "instance_of", + "type": { + "name": "string", + "namespace": "_builtins" + } + }, + "kind": "dictionary_of", + "singleKey": false, + "value": { + "kind": "instance_of", + "type": { + "name": "RoleDescriptor", + "namespace": "security._types" + } + } + } + }, + { + "availability": { + "serverless": {}, + "stack": { + "since": "8.5.0" + } + }, + "description": "The owner user’s permissions associated with the API key.\nIt is a point-in-time snapshot captured at creation and subsequent updates.\nAn API key’s effective permissions are an intersection of its assigned privileges and the owner user’s permissions.", + "name": "limited_by", + "required": false, + "type": { + "kind": "array_of", + "value": { + "key": { + "kind": "instance_of", + "type": { + "name": "string", + "namespace": "_builtins" + } + }, + "kind": "dictionary_of", + "singleKey": false, + "value": { + "kind": "instance_of", + "type": { + "name": "RoleDescriptor", + "namespace": "security._types" + } + } + } + } + }, + { + "availability": { + "serverless": {}, + "stack": { + "since": "8.10.0" + } + }, + "description": "The access granted to cross-cluster API keys.\nThe access is composed of permissions for cross cluster search and cross cluster replication.\nAt least one of them must be specified.\nWhen specified, the new access assignment fully replaces the previously assigned access.", + "name": "access", + "required": false, + "type": { + "kind": "instance_of", + "type": { + "name": "Access", + "namespace": "security._types" + } + } + }, + { + "name": "_sort", + "required": false, + "type": { + "kind": "instance_of", + "type": { + "name": "SortResults", + "namespace": "_types" + } + } + } + ], + "specLocation": "security/_types/ApiKey.ts#L119-L196" + }, { "kind": "interface", "name": { diff --git a/output/schema/schema.json b/output/schema/schema.json index 19883250b5..70a543e203 100644 --- a/output/schema/schema.json +++ b/output/schema/schema.json @@ -186984,6 +186984,33 @@ } } }, + { + "availability": { + "serverless": {}, + "stack": { + "since": "8.12.0" + } + }, + "description": "If the key has been invalidated, invalidation time in milliseconds.", + "name": "invalidation", + "required": false, + "type": { + "kind": "instance_of", + "generics": [ + { + "kind": "instance_of", + "type": { + "name": "UnitMillis", + "namespace": "_types" + } + } + ], + "type": { + "name": "EpochTime", + "namespace": "_types" + } + } + }, { "description": "Name of the API key.", "name": "name", @@ -187026,6 +187053,24 @@ } } }, + { + "availability": { + "serverless": {}, + "stack": { + "since": "8.10.0" + } + }, + "description": "The type of the API key (e.g. `rest` or `cross_cluster`).", + "name": "type", + "required": false, + "type": { + "kind": "instance_of", + "type": { + "name": "ApiKeyType", + "namespace": "security._types" + } + } + }, { "description": "Principal for which this API key was created", "name": "username", @@ -187129,6 +187174,321 @@ } } }, + { + "availability": { + "serverless": {}, + "stack": { + "since": "8.10.0" + } + }, + "description": "The access granted to cross-cluster API keys.\nThe access is composed of permissions for cross cluster search and cross cluster replication.\nAt least one of them must be specified.\nWhen specified, the new access assignment fully replaces the previously assigned access.", + "name": "access", + "required": false, + "type": { + "kind": "instance_of", + "type": { + "name": "Access", + "namespace": "security._types" + } + } + }, + { + "name": "_sort", + "required": false, + "type": { + "kind": "instance_of", + "type": { + "name": "SortResults", + "namespace": "_types" + } + } + } + ], + "specLocation": "security/_types/ApiKey.ts#L29-L112" + }, + { + "kind": "interface", + "attachedBehaviors": [ + "OverloadOf" + ], + "behaviors": [ + { + "generics": [ + { + "kind": "instance_of", + "type": { + "name": "ApiKey", + "namespace": "security._types" + } + } + ], + "type": { + "name": "OverloadOf", + "namespace": "_spec_utils" + } + } + ], + "name": { + "name": "ApiKeyRead", + "namespace": "security._types" + }, + "properties": [ + { + "description": "Creation time for the API key in milliseconds.", + "name": "creation", + "required": true, + "type": { + "kind": "instance_of", + "type": { + "name": "long", + "namespace": "_types" + } + } + }, + { + "description": "Expiration time for the API key in milliseconds.", + "name": "expiration", + "required": false, + "type": { + "kind": "instance_of", + "type": { + "name": "long", + "namespace": "_types" + } + } + }, + { + "description": "Id for the API key", + "name": "id", + "required": true, + "type": { + "kind": "instance_of", + "type": { + "name": "Id", + "namespace": "_types" + } + } + }, + { + "description": "Invalidation status for the API key.\nIf the key has been invalidated, it has a value of `true`. Otherwise, it is `false`.", + "name": "invalidated", + "required": true, + "type": { + "kind": "instance_of", + "type": { + "name": "boolean", + "namespace": "_builtins" + } + } + }, + { + "availability": { + "serverless": {}, + "stack": { + "since": "8.12.0" + } + }, + "description": "If the key has been invalidated, invalidation time in milliseconds.", + "name": "invalidation", + "required": false, + "type": { + "kind": "instance_of", + "generics": [ + { + "kind": "instance_of", + "type": { + "name": "UnitMillis", + "namespace": "_types" + } + } + ], + "type": { + "name": "EpochTime", + "namespace": "_types" + } + } + }, + { + "description": "Name of the API key.", + "name": "name", + "required": true, + "type": { + "kind": "instance_of", + "type": { + "name": "Name", + "namespace": "_types" + } + } + }, + { + "description": "Realm name of the principal for which this API key was created.", + "name": "realm", + "required": false, + "type": { + "kind": "instance_of", + "type": { + "name": "string", + "namespace": "_builtins" + } + } + }, + { + "availability": { + "serverless": {}, + "stack": { + "since": "8.14.0" + } + }, + "description": "Realm type of the principal for which this API key was created", + "name": "realm_type", + "required": false, + "type": { + "kind": "instance_of", + "type": { + "name": "string", + "namespace": "_builtins" + } + } + }, + { + "availability": { + "serverless": {}, + "stack": { + "since": "8.10.0" + } + }, + "description": "The type of the API key (e.g. `rest` or `cross_cluster`).", + "name": "type", + "required": true, + "type": { + "kind": "instance_of", + "type": { + "name": "ApiKeyType", + "namespace": "security._types" + } + } + }, + { + "description": "Principal for which this API key was created", + "name": "username", + "required": true, + "type": { + "kind": "instance_of", + "type": { + "name": "Username", + "namespace": "_types" + } + } + }, + { + "availability": { + "serverless": {}, + "stack": { + "since": "8.14.0" + } + }, + "description": "The profile uid for the API key owner principal, if requested and if it exists", + "name": "profile_uid", + "required": false, + "type": { + "kind": "instance_of", + "type": { + "name": "string", + "namespace": "_builtins" + } + } + }, + { + "availability": { + "serverless": {}, + "stack": { + "since": "7.13.0" + } + }, + "description": "Metadata of the API key", + "name": "metadata", + "required": true, + "type": { + "kind": "instance_of", + "type": { + "name": "Metadata", + "namespace": "_types" + } + } + }, + { + "description": "The role descriptors assigned to this API key when it was created or last updated.\nAn empty role descriptor means the API key inherits the owner user’s permissions.", + "name": "role_descriptors", + "required": false, + "type": { + "kind": "dictionary_of", + "key": { + "kind": "instance_of", + "type": { + "name": "string", + "namespace": "_builtins" + } + }, + "singleKey": false, + "value": { + "kind": "instance_of", + "type": { + "name": "RoleDescriptor", + "namespace": "security._types" + } + } + } + }, + { + "availability": { + "serverless": {}, + "stack": { + "since": "8.5.0" + } + }, + "description": "The owner user’s permissions associated with the API key.\nIt is a point-in-time snapshot captured at creation and subsequent updates.\nAn API key’s effective permissions are an intersection of its assigned privileges and the owner user’s permissions.", + "name": "limited_by", + "required": false, + "type": { + "kind": "array_of", + "value": { + "kind": "dictionary_of", + "key": { + "kind": "instance_of", + "type": { + "name": "string", + "namespace": "_builtins" + } + }, + "singleKey": false, + "value": { + "kind": "instance_of", + "type": { + "name": "RoleDescriptor", + "namespace": "security._types" + } + } + } + } + }, + { + "availability": { + "serverless": {}, + "stack": { + "since": "8.10.0" + } + }, + "description": "The access granted to cross-cluster API keys.\nThe access is composed of permissions for cross cluster search and cross cluster replication.\nAt least one of them must be specified.\nWhen specified, the new access assignment fully replaces the previously assigned access.", + "name": "access", + "required": false, + "type": { + "kind": "instance_of", + "type": { + "name": "Access", + "namespace": "security._types" + } + } + }, { "name": "_sort", "required": false, @@ -187141,7 +187501,23 @@ } } ], - "specLocation": "security/_types/ApiKey.ts#L26-L88" + "specLocation": "security/_types/ApiKey.ts#L119-L196" + }, + { + "kind": "enum", + "members": [ + { + "name": "rest" + }, + { + "name": "cross_cluster" + } + ], + "name": { + "name": "ApiKeyType", + "namespace": "security._types" + }, + "specLocation": "security/_types/ApiKey.ts#L114-L117" }, { "kind": "interface", @@ -192164,7 +192540,7 @@ "value": { "kind": "instance_of", "type": { - "name": "ApiKey", + "name": "ApiKeyRead", "namespace": "security._types" } } @@ -196361,7 +196737,7 @@ "value": { "kind": "instance_of", "type": { - "name": "ApiKey", + "name": "ApiKeyRead", "namespace": "security._types" } } diff --git a/output/typescript/types.ts b/output/typescript/types.ts index 0b40137e2c..d697f01cab 100644 --- a/output/typescript/types.ts +++ b/output/typescript/types.ts @@ -17611,17 +17611,41 @@ export interface SecurityApiKey { expiration?: long id: Id invalidated?: boolean + invalidation?: EpochTime name: Name realm?: string realm_type?: string + type?: SecurityApiKeyType username?: Username profile_uid?: string metadata?: Metadata role_descriptors?: Record limited_by?: Record[] + access?: SecurityAccess _sort?: SortResults } +export interface SecurityApiKeyRead { + creation: long + expiration?: long + id: Id + invalidated: boolean + invalidation?: EpochTime + name: Name + realm?: string + realm_type?: string + type: SecurityApiKeyType + username: Username + profile_uid?: string + metadata: Metadata + role_descriptors?: Record + limited_by?: Record[] + access?: SecurityAccess + _sort?: SortResults +} + +export type SecurityApiKeyType = 'rest' | 'cross_cluster' + export interface SecurityApplicationGlobalUserPrivileges { manage: SecurityManageUserPrivileges } @@ -18118,7 +18142,7 @@ export interface SecurityGetApiKeyRequest extends RequestBase { } export interface SecurityGetApiKeyResponse { - api_keys: SecurityApiKey[] + api_keys: SecurityApiKeyRead[] } export interface SecurityGetBuiltinPrivilegesRequest extends RequestBase { @@ -18518,7 +18542,7 @@ export interface SecurityQueryApiKeysRequest extends RequestBase { export interface SecurityQueryApiKeysResponse { total: integer count: integer - api_keys: SecurityApiKey[] + api_keys: SecurityApiKeyRead[] aggregations?: Record } diff --git a/specification/security/_types/ApiKey.ts b/specification/security/_types/ApiKey.ts index 9d7135c25b..ef69ac5d8e 100644 --- a/specification/security/_types/ApiKey.ts +++ b/specification/security/_types/ApiKey.ts @@ -17,10 +17,13 @@ * under the License. */ +import { OverloadOf } from '@spec_utils/behaviors' import { Dictionary } from '@spec_utils/Dictionary' import { Id, Metadata, Name, Username } from '@_types/common' import { long } from '@_types/Numeric' import { SortResults } from '@_types/sort' +import { EpochTime, UnitMillis } from '@_types/Time' +import { Access } from './Access' import { RoleDescriptor } from './RoleDescriptor' export class ApiKey { @@ -41,6 +44,12 @@ export class ApiKey { * If the key has been invalidated, it has a value of `true`. Otherwise, it is `false`. */ invalidated?: boolean + /** + * If the key has been invalidated, invalidation time in milliseconds. + * @availability stack since=8.12.0 + * @availability serverless + */ + invalidation?: EpochTime /** * Name of the API key. */ @@ -55,6 +64,12 @@ export class ApiKey { * @availability serverless */ realm_type?: string + /** + * The type of the API key (e.g. `rest` or `cross_cluster`). + * @availability stack since=8.10.0 + * @availability serverless + */ + type?: ApiKeyType /** * Principal for which this API key was created */ @@ -84,5 +99,104 @@ export class ApiKey { * @availability serverless */ limited_by?: Array> + /** + * The access granted to cross-cluster API keys. + * The access is composed of permissions for cross cluster search and cross cluster replication. + * At least one of them must be specified. + * When specified, the new access assignment fully replaces the previously assigned access. + * @availability stack since=8.10.0 + * @availability serverless + */ + access?: Access + _sort?: SortResults +} + +export enum ApiKeyType { + rest, + cross_cluster +} + +export class ApiKeyRead implements OverloadOf { + /** + * Creation time for the API key in milliseconds. + */ + creation: long + /** + * Expiration time for the API key in milliseconds. + */ + expiration?: long + /** + * Id for the API key + */ + id: Id + /** + * Invalidation status for the API key. + * If the key has been invalidated, it has a value of `true`. Otherwise, it is `false`. + */ + invalidated: boolean + /** + * If the key has been invalidated, invalidation time in milliseconds. + * @availability stack since=8.12.0 + * @availability serverless + */ + invalidation?: EpochTime + /** + * Name of the API key. + */ + name: Name + /** + * Realm name of the principal for which this API key was created. + */ + realm?: string + /** + * Realm type of the principal for which this API key was created + * @availability stack since=8.14.0 + * @availability serverless + */ + realm_type?: string + /** + * The type of the API key (e.g. `rest` or `cross_cluster`). + * @availability stack since=8.10.0 + * @availability serverless + */ + type: ApiKeyType + /** + * Principal for which this API key was created + */ + username: Username + /** + * The profile uid for the API key owner principal, if requested and if it exists + * @availability stack since=8.14.0 + * @availability serverless + */ + profile_uid?: string + /** + * Metadata of the API key + * @availability stack since=7.13.0 + * @availability serverless + */ + metadata: Metadata + /** + * The role descriptors assigned to this API key when it was created or last updated. + * An empty role descriptor means the API key inherits the owner user’s permissions. + */ + role_descriptors?: Dictionary + /** + * The owner user’s permissions associated with the API key. + * It is a point-in-time snapshot captured at creation and subsequent updates. + * An API key’s effective permissions are an intersection of its assigned privileges and the owner user’s permissions. + * @availability stack since=8.5.0 + * @availability serverless + */ + limited_by?: Array> + /** + * The access granted to cross-cluster API keys. + * The access is composed of permissions for cross cluster search and cross cluster replication. + * At least one of them must be specified. + * When specified, the new access assignment fully replaces the previously assigned access. + * @availability stack since=8.10.0 + * @availability serverless + */ + access?: Access _sort?: SortResults } diff --git a/specification/security/get_api_key/SecurityGetApiKeyResponse.ts b/specification/security/get_api_key/SecurityGetApiKeyResponse.ts index c1178b3710..8f38211658 100644 --- a/specification/security/get_api_key/SecurityGetApiKeyResponse.ts +++ b/specification/security/get_api_key/SecurityGetApiKeyResponse.ts @@ -17,8 +17,8 @@ * under the License. */ -import { ApiKey } from '@security/_types/ApiKey' +import { ApiKeyRead } from '@security/_types/ApiKey' export class Response { - body: { api_keys: ApiKey[] } + body: { api_keys: ApiKeyRead[] } } diff --git a/specification/security/query_api_keys/QueryApiKeysResponse.ts b/specification/security/query_api_keys/QueryApiKeysResponse.ts index 44a9fc05df..e22b7c2c49 100644 --- a/specification/security/query_api_keys/QueryApiKeysResponse.ts +++ b/specification/security/query_api_keys/QueryApiKeysResponse.ts @@ -17,7 +17,7 @@ * under the License. */ -import { ApiKey } from '@security/_types/ApiKey' +import { ApiKeyRead } from '@security/_types/ApiKey' import { Dictionary } from '@spec_utils/Dictionary' import { AggregateName } from '@_types/common' import { integer } from '@_types/Numeric' @@ -36,7 +36,7 @@ export class Response { /** * A list of API key information. */ - api_keys: ApiKey[] + api_keys: ApiKeyRead[] /** * The aggregations result, if requested. */ From e2894c767ba02bc95ff06bc1ff74d977b19bdaa6 Mon Sep 17 00:00:00 2001 From: Quentin Pradet Date: Tue, 19 Nov 2024 20:51:09 +0400 Subject: [PATCH 2/3] Use specific APIKey type for authenticate API This allows remove a number of optional fields from APIKey itself. --- output/openapi/elasticsearch-openapi.json | 235 +++--- .../elasticsearch-serverless-openapi.json | 289 +++---- output/schema/schema-serverless.json | 720 ++++++------------ output/schema/schema.json | 390 ++-------- output/typescript/types.ts | 38 +- specification/security/_types/ApiKey.ts | 119 +-- .../SecurityAuthenticateResponse.ts | 10 +- .../get_api_key/SecurityGetApiKeyResponse.ts | 4 +- .../query_api_keys/QueryApiKeysResponse.ts | 4 +- 9 files changed, 535 insertions(+), 1274 deletions(-) diff --git a/output/openapi/elasticsearch-openapi.json b/output/openapi/elasticsearch-openapi.json index b684859ea5..9c45e6f0e1 100644 --- a/output/openapi/elasticsearch-openapi.json +++ b/output/openapi/elasticsearch-openapi.json @@ -27072,7 +27072,7 @@ "type": "object", "properties": { "api_key": { - "$ref": "#/components/schemas/security._types:ApiKey" + "$ref": "#/components/schemas/security.authenticate:AuthenticateApiKey" }, "authentication_realm": { "$ref": "#/components/schemas/security._types:RealmInfo" @@ -27816,7 +27816,7 @@ "api_keys": { "type": "array", "items": { - "$ref": "#/components/schemas/security._types:ApiKeyRead" + "$ref": "#/components/schemas/security._types:ApiKey" } } }, @@ -81778,85 +81778,67 @@ "username" ] }, - "security._types:ApiKey": { + "security.authenticate:AuthenticateApiKey": { "type": "object", "properties": { - "creation": { - "description": "Creation time for the API key in milliseconds.", - "type": "number" - }, - "expiration": { - "description": "Expiration time for the API key in milliseconds.", - "type": "number" - }, "id": { "$ref": "#/components/schemas/_types:Id" }, - "invalidated": { - "description": "Invalidation status for the API key.\nIf the key has been invalidated, it has a value of `true`. Otherwise, it is `false`.", - "type": "boolean" - }, - "invalidation": { - "$ref": "#/components/schemas/_types:EpochTimeUnitMillis" - }, + "name": { + "$ref": "#/components/schemas/_types:Name" + } + }, + "required": [ + "id" + ] + }, + "security._types:RealmInfo": { + "type": "object", + "properties": { "name": { "$ref": "#/components/schemas/_types:Name" }, - "realm": { - "description": "Realm name of the principal for which this API key was created.", - "type": "string" - }, - "realm_type": { - "description": "Realm type of the principal for which this API key was created", + "type": { "type": "string" + } + }, + "required": [ + "name", + "type" + ] + }, + "security.authenticate:Token": { + "type": "object", + "properties": { + "name": { + "$ref": "#/components/schemas/_types:Name" }, "type": { - "$ref": "#/components/schemas/security._types:ApiKeyType" - }, - "username": { - "$ref": "#/components/schemas/_types:Username" - }, - "profile_uid": { - "description": "The profile uid for the API key owner principal, if requested and if it exists", "type": "string" + } + }, + "required": [ + "name" + ] + }, + "security._types:BulkError": { + "type": "object", + "properties": { + "count": { + "description": "The number of errors", + "type": "number" }, - "metadata": { - "$ref": "#/components/schemas/_types:Metadata" - }, - "role_descriptors": { - "description": "The role descriptors assigned to this API key when it was created or last updated.\nAn empty role descriptor means the API key inherits the owner user’s permissions.", + "details": { + "description": "Details about the errors, keyed by role name", "type": "object", "additionalProperties": { - "$ref": "#/components/schemas/security._types:RoleDescriptor" - } - }, - "limited_by": { - "description": "The owner user’s permissions associated with the API key.\nIt is a point-in-time snapshot captured at creation and subsequent updates.\nAn API key’s effective permissions are an intersection of its assigned privileges and the owner user’s permissions.", - "type": "array", - "items": { - "type": "object", - "additionalProperties": { - "$ref": "#/components/schemas/security._types:RoleDescriptor" - } + "$ref": "#/components/schemas/_types:ErrorCause" } - }, - "access": { - "$ref": "#/components/schemas/security._types:Access" - }, - "_sort": { - "$ref": "#/components/schemas/_types:SortResults" } }, "required": [ - "id", - "name" - ] - }, - "security._types:ApiKeyType": { - "type": "string", - "enum": [ - "rest", - "cross_cluster" + "count", + "details" ] }, "security._types:RoleDescriptor": { @@ -82312,6 +82294,23 @@ } ] }, + "security._types:ClusterNode": { + "type": "object", + "properties": { + "name": { + "$ref": "#/components/schemas/_types:Name" + } + }, + "required": [ + "name" + ] + }, + "_types:Namespace": { + "type": "string" + }, + "_types:Service": { + "type": "string" + }, "security._types:Access": { "type": "object", "properties": { @@ -82389,72 +82388,6 @@ "names" ] }, - "security._types:RealmInfo": { - "type": "object", - "properties": { - "name": { - "$ref": "#/components/schemas/_types:Name" - }, - "type": { - "type": "string" - } - }, - "required": [ - "name", - "type" - ] - }, - "security.authenticate:Token": { - "type": "object", - "properties": { - "name": { - "$ref": "#/components/schemas/_types:Name" - }, - "type": { - "type": "string" - } - }, - "required": [ - "name" - ] - }, - "security._types:BulkError": { - "type": "object", - "properties": { - "count": { - "description": "The number of errors", - "type": "number" - }, - "details": { - "description": "Details about the errors, keyed by role name", - "type": "object", - "additionalProperties": { - "$ref": "#/components/schemas/_types:ErrorCause" - } - } - }, - "required": [ - "count", - "details" - ] - }, - "security._types:ClusterNode": { - "type": "object", - "properties": { - "name": { - "$ref": "#/components/schemas/_types:Name" - } - }, - "required": [ - "name" - ] - }, - "_types:Namespace": { - "type": "string" - }, - "_types:Service": { - "type": "string" - }, "security.create_service_token:Token": { "type": "object", "properties": { @@ -82496,9 +82429,18 @@ "value" ] }, - "security._types:ApiKeyRead": { + "security._types:ApiKey": { "type": "object", "properties": { + "id": { + "$ref": "#/components/schemas/_types:Id" + }, + "name": { + "$ref": "#/components/schemas/_types:Name" + }, + "type": { + "$ref": "#/components/schemas/security._types:ApiKeyType" + }, "creation": { "description": "Creation time for the API key in milliseconds.", "type": "number" @@ -82507,9 +82449,6 @@ "description": "Expiration time for the API key in milliseconds.", "type": "number" }, - "id": { - "$ref": "#/components/schemas/_types:Id" - }, "invalidated": { "description": "Invalidation status for the API key.\nIf the key has been invalidated, it has a value of `true`. Otherwise, it is `false`.", "type": "boolean" @@ -82517,8 +82456,8 @@ "invalidation": { "$ref": "#/components/schemas/_types:EpochTimeUnitMillis" }, - "name": { - "$ref": "#/components/schemas/_types:Name" + "username": { + "$ref": "#/components/schemas/_types:Username" }, "realm": { "description": "Realm name of the principal for which this API key was created.", @@ -82528,16 +82467,6 @@ "description": "Realm type of the principal for which this API key was created", "type": "string" }, - "type": { - "$ref": "#/components/schemas/security._types:ApiKeyType" - }, - "username": { - "$ref": "#/components/schemas/_types:Username" - }, - "profile_uid": { - "description": "The profile uid for the API key owner principal, if requested and if it exists", - "type": "string" - }, "metadata": { "$ref": "#/components/schemas/_types:Metadata" }, @@ -82561,20 +82490,32 @@ "access": { "$ref": "#/components/schemas/security._types:Access" }, + "profile_uid": { + "description": "The profile uid for the API key owner principal, if requested and if it exists", + "type": "string" + }, "_sort": { "$ref": "#/components/schemas/_types:SortResults" } }, "required": [ - "creation", "id", - "invalidated", "name", "type", + "creation", + "invalidated", "username", + "realm", "metadata" ] }, + "security._types:ApiKeyType": { + "type": "string", + "enum": [ + "rest", + "cross_cluster" + ] + }, "security.put_privileges:Actions": { "type": "object", "properties": { @@ -91985,7 +91926,7 @@ "description": "A list of API key information.", "type": "array", "items": { - "$ref": "#/components/schemas/security._types:ApiKeyRead" + "$ref": "#/components/schemas/security._types:ApiKey" } }, "aggregations": { diff --git a/output/openapi/elasticsearch-serverless-openapi.json b/output/openapi/elasticsearch-serverless-openapi.json index bb891e6d0e..b7da156db7 100644 --- a/output/openapi/elasticsearch-serverless-openapi.json +++ b/output/openapi/elasticsearch-serverless-openapi.json @@ -16660,7 +16660,7 @@ "type": "object", "properties": { "api_key": { - "$ref": "#/components/schemas/security._types:ApiKey" + "$ref": "#/components/schemas/security.authenticate:AuthenticateApiKey" }, "authentication_realm": { "$ref": "#/components/schemas/security._types:RealmInfo" @@ -16830,7 +16830,7 @@ "api_keys": { "type": "array", "items": { - "$ref": "#/components/schemas/security._types:ApiKeyRead" + "$ref": "#/components/schemas/security._types:ApiKey" } } }, @@ -53564,87 +53564,49 @@ "_types:MapboxVectorTiles": { "type": "object" }, - "security._types:ApiKey": { + "security.authenticate:AuthenticateApiKey": { "type": "object", "properties": { - "creation": { - "description": "Creation time for the API key in milliseconds.", - "type": "number" - }, - "expiration": { - "description": "Expiration time for the API key in milliseconds.", - "type": "number" - }, "id": { "$ref": "#/components/schemas/_types:Id" }, - "invalidated": { - "description": "Invalidation status for the API key.\nIf the key has been invalidated, it has a value of `true`. Otherwise, it is `false`.", - "type": "boolean" - }, - "invalidation": { - "$ref": "#/components/schemas/_types:EpochTimeUnitMillis" - }, + "name": { + "$ref": "#/components/schemas/_types:Name" + } + }, + "required": [ + "id" + ] + }, + "security._types:RealmInfo": { + "type": "object", + "properties": { "name": { "$ref": "#/components/schemas/_types:Name" }, - "realm": { - "description": "Realm name of the principal for which this API key was created.", - "type": "string" - }, - "realm_type": { - "description": "Realm type of the principal for which this API key was created", + "type": { "type": "string" + } + }, + "required": [ + "name", + "type" + ] + }, + "security.authenticate:Token": { + "type": "object", + "properties": { + "name": { + "$ref": "#/components/schemas/_types:Name" }, "type": { - "$ref": "#/components/schemas/security._types:ApiKeyType" - }, - "username": { - "$ref": "#/components/schemas/_types:Username" - }, - "profile_uid": { - "description": "The profile uid for the API key owner principal, if requested and if it exists", "type": "string" - }, - "metadata": { - "$ref": "#/components/schemas/_types:Metadata" - }, - "role_descriptors": { - "description": "The role descriptors assigned to this API key when it was created or last updated.\nAn empty role descriptor means the API key inherits the owner user’s permissions.", - "type": "object", - "additionalProperties": { - "$ref": "#/components/schemas/security._types:RoleDescriptor" - } - }, - "limited_by": { - "description": "The owner user’s permissions associated with the API key.\nIt is a point-in-time snapshot captured at creation and subsequent updates.\nAn API key’s effective permissions are an intersection of its assigned privileges and the owner user’s permissions.", - "type": "array", - "items": { - "type": "object", - "additionalProperties": { - "$ref": "#/components/schemas/security._types:RoleDescriptor" - } - } - }, - "access": { - "$ref": "#/components/schemas/security._types:Access" - }, - "_sort": { - "$ref": "#/components/schemas/_types:SortResults" } }, "required": [ - "id", "name" ] }, - "security._types:ApiKeyType": { - "type": "string", - "enum": [ - "rest", - "cross_cluster" - ] - }, "security._types:RoleDescriptor": { "type": "object", "properties": { @@ -53922,6 +53884,93 @@ } ] }, + "security._types:ApiKey": { + "type": "object", + "properties": { + "id": { + "$ref": "#/components/schemas/_types:Id" + }, + "name": { + "$ref": "#/components/schemas/_types:Name" + }, + "type": { + "$ref": "#/components/schemas/security._types:ApiKeyType" + }, + "creation": { + "description": "Creation time for the API key in milliseconds.", + "type": "number" + }, + "expiration": { + "description": "Expiration time for the API key in milliseconds.", + "type": "number" + }, + "invalidated": { + "description": "Invalidation status for the API key.\nIf the key has been invalidated, it has a value of `true`. Otherwise, it is `false`.", + "type": "boolean" + }, + "invalidation": { + "$ref": "#/components/schemas/_types:EpochTimeUnitMillis" + }, + "username": { + "$ref": "#/components/schemas/_types:Username" + }, + "realm": { + "description": "Realm name of the principal for which this API key was created.", + "type": "string" + }, + "realm_type": { + "description": "Realm type of the principal for which this API key was created", + "type": "string" + }, + "metadata": { + "$ref": "#/components/schemas/_types:Metadata" + }, + "role_descriptors": { + "description": "The role descriptors assigned to this API key when it was created or last updated.\nAn empty role descriptor means the API key inherits the owner user’s permissions.", + "type": "object", + "additionalProperties": { + "$ref": "#/components/schemas/security._types:RoleDescriptor" + } + }, + "limited_by": { + "description": "The owner user’s permissions associated with the API key.\nIt is a point-in-time snapshot captured at creation and subsequent updates.\nAn API key’s effective permissions are an intersection of its assigned privileges and the owner user’s permissions.", + "type": "array", + "items": { + "type": "object", + "additionalProperties": { + "$ref": "#/components/schemas/security._types:RoleDescriptor" + } + } + }, + "access": { + "$ref": "#/components/schemas/security._types:Access" + }, + "profile_uid": { + "description": "The profile uid for the API key owner principal, if requested and if it exists", + "type": "string" + }, + "_sort": { + "$ref": "#/components/schemas/_types:SortResults" + } + }, + "required": [ + "id", + "name", + "type", + "creation", + "invalidated", + "username", + "realm", + "metadata" + ] + }, + "security._types:ApiKeyType": { + "type": "string", + "enum": [ + "rest", + "cross_cluster" + ] + }, "security._types:Access": { "type": "object", "properties": { @@ -53995,114 +54044,6 @@ "names" ] }, - "security._types:RealmInfo": { - "type": "object", - "properties": { - "name": { - "$ref": "#/components/schemas/_types:Name" - }, - "type": { - "type": "string" - } - }, - "required": [ - "name", - "type" - ] - }, - "security.authenticate:Token": { - "type": "object", - "properties": { - "name": { - "$ref": "#/components/schemas/_types:Name" - }, - "type": { - "type": "string" - } - }, - "required": [ - "name" - ] - }, - "security._types:ApiKeyRead": { - "type": "object", - "properties": { - "creation": { - "description": "Creation time for the API key in milliseconds.", - "type": "number" - }, - "expiration": { - "description": "Expiration time for the API key in milliseconds.", - "type": "number" - }, - "id": { - "$ref": "#/components/schemas/_types:Id" - }, - "invalidated": { - "description": "Invalidation status for the API key.\nIf the key has been invalidated, it has a value of `true`. Otherwise, it is `false`.", - "type": "boolean" - }, - "invalidation": { - "$ref": "#/components/schemas/_types:EpochTimeUnitMillis" - }, - "name": { - "$ref": "#/components/schemas/_types:Name" - }, - "realm": { - "description": "Realm name of the principal for which this API key was created.", - "type": "string" - }, - "realm_type": { - "description": "Realm type of the principal for which this API key was created", - "type": "string" - }, - "type": { - "$ref": "#/components/schemas/security._types:ApiKeyType" - }, - "username": { - "$ref": "#/components/schemas/_types:Username" - }, - "profile_uid": { - "description": "The profile uid for the API key owner principal, if requested and if it exists", - "type": "string" - }, - "metadata": { - "$ref": "#/components/schemas/_types:Metadata" - }, - "role_descriptors": { - "description": "The role descriptors assigned to this API key when it was created or last updated.\nAn empty role descriptor means the API key inherits the owner user’s permissions.", - "type": "object", - "additionalProperties": { - "$ref": "#/components/schemas/security._types:RoleDescriptor" - } - }, - "limited_by": { - "description": "The owner user’s permissions associated with the API key.\nIt is a point-in-time snapshot captured at creation and subsequent updates.\nAn API key’s effective permissions are an intersection of its assigned privileges and the owner user’s permissions.", - "type": "array", - "items": { - "type": "object", - "additionalProperties": { - "$ref": "#/components/schemas/security._types:RoleDescriptor" - } - } - }, - "access": { - "$ref": "#/components/schemas/security._types:Access" - }, - "_sort": { - "$ref": "#/components/schemas/_types:SortResults" - } - }, - "required": [ - "creation", - "id", - "invalidated", - "name", - "type", - "username", - "metadata" - ] - }, "security._types:RemoteClusterPrivilege": { "type": "string" }, @@ -56638,7 +56579,7 @@ "description": "A list of API key information.", "type": "array", "items": { - "$ref": "#/components/schemas/security._types:ApiKeyRead" + "$ref": "#/components/schemas/security._types:ApiKey" } }, "aggregations": { diff --git a/output/schema/schema-serverless.json b/output/schema/schema-serverless.json index b096d72dbf..0377ac19b3 100644 --- a/output/schema/schema-serverless.json +++ b/output/schema/schema-serverless.json @@ -38522,8 +38522,8 @@ "type": { "kind": "instance_of", "type": { - "name": "ApiKey", - "namespace": "security._types" + "name": "AuthenticateApiKey", + "namespace": "security.authenticate" } } }, @@ -38677,7 +38677,7 @@ "name": "Response", "namespace": "security.authenticate" }, - "specLocation": "security/authenticate/SecurityAuthenticateResponse.ts#L25-L43" + "specLocation": "security/authenticate/SecurityAuthenticateResponse.ts#L24-L42" }, { "attachedBehaviors": [ @@ -39090,7 +39090,7 @@ "value": { "kind": "instance_of", "type": { - "name": "ApiKeyRead", + "name": "ApiKey", "namespace": "security._types" } } @@ -39974,7 +39974,7 @@ "value": { "kind": "instance_of", "type": { - "name": "ApiKeyRead", + "name": "ApiKey", "namespace": "security._types" } } @@ -102913,7 +102913,7 @@ "name": "ApiKeyType", "namespace": "security._types" }, - "specLocation": "security/_types/ApiKey.ts#L114-L117" + "specLocation": "security/_types/ApiKey.ts#L117-L120" }, { "isOpen": true, @@ -139399,36 +139399,11 @@ { "kind": "interface", "name": { - "name": "ApiKey", - "namespace": "security._types" + "name": "AuthenticateApiKey", + "namespace": "security.authenticate" }, "properties": [ { - "description": "Creation time for the API key in milliseconds.", - "name": "creation", - "required": false, - "type": { - "kind": "instance_of", - "type": { - "name": "long", - "namespace": "_types" - } - } - }, - { - "description": "Expiration time for the API key in milliseconds.", - "name": "expiration", - "required": false, - "type": { - "kind": "instance_of", - "type": { - "name": "long", - "namespace": "_types" - } - } - }, - { - "description": "Id for the API key", "name": "id", "required": true, "type": { @@ -139440,46 +139415,27 @@ } }, { - "description": "Invalidation status for the API key.\nIf the key has been invalidated, it has a value of `true`. Otherwise, it is `false`.", - "name": "invalidated", - "required": false, - "type": { - "kind": "instance_of", - "type": { - "name": "boolean", - "namespace": "_builtins" - } - } - }, - { - "availability": { - "serverless": {}, - "stack": { - "since": "8.12.0" - } - }, - "description": "If the key has been invalidated, invalidation time in milliseconds.", - "name": "invalidation", + "name": "name", "required": false, "type": { - "generics": [ - { - "kind": "instance_of", - "type": { - "name": "UnitMillis", - "namespace": "_types" - } - } - ], "kind": "instance_of", "type": { - "name": "EpochTime", + "name": "Name", "namespace": "_types" } } - }, + } + ], + "specLocation": "security/authenticate/SecurityAuthenticateResponse.ts#L44-L47" + }, + { + "kind": "interface", + "name": { + "name": "RealmInfo", + "namespace": "security._types" + }, + "properties": [ { - "description": "Name of the API key.", "name": "name", "required": true, "type": { @@ -139491,27 +139447,8 @@ } }, { - "description": "Realm name of the principal for which this API key was created.", - "name": "realm", - "required": false, - "type": { - "kind": "instance_of", - "type": { - "name": "string", - "namespace": "_builtins" - } - } - }, - { - "availability": { - "serverless": {}, - "stack": { - "since": "8.14.0" - } - }, - "description": "Realm type of the principal for which this API key was created", - "name": "realm_type", - "required": false, + "name": "type", + "required": true, "type": { "kind": "instance_of", "type": { @@ -139519,33 +139456,24 @@ "namespace": "_builtins" } } - }, - { - "availability": { - "serverless": {}, - "stack": { - "since": "8.10.0" - } - }, - "description": "The type of the API key (e.g. `rest` or `cross_cluster`).", - "name": "type", - "required": false, - "type": { - "kind": "instance_of", - "type": { - "name": "ApiKeyType", - "namespace": "security._types" - } - } - }, + } + ], + "specLocation": "security/_types/RealmInfo.ts#L22-L25" + }, + { + "kind": "interface", + "name": { + "name": "Token", + "namespace": "security.authenticate" + }, + "properties": [ { - "description": "Principal for which this API key was created", - "name": "username", - "required": false, + "name": "name", + "required": true, "type": { "kind": "instance_of", "type": { - "name": "Username", + "name": "Name", "namespace": "_types" } } @@ -139554,11 +139482,10 @@ "availability": { "serverless": {}, "stack": { - "since": "8.14.0" + "since": "7.14.0" } }, - "description": "The profile uid for the API key owner principal, if requested and if it exists", - "name": "profile_uid", + "name": "type", "required": false, "type": { "kind": "instance_of", @@ -139567,111 +139494,9 @@ "namespace": "_builtins" } } - }, - { - "availability": { - "serverless": {}, - "stack": { - "since": "7.13.0" - } - }, - "description": "Metadata of the API key", - "name": "metadata", - "required": false, - "type": { - "kind": "instance_of", - "type": { - "name": "Metadata", - "namespace": "_types" - } - } - }, - { - "description": "The role descriptors assigned to this API key when it was created or last updated.\nAn empty role descriptor means the API key inherits the owner user’s permissions.", - "name": "role_descriptors", - "required": false, - "type": { - "key": { - "kind": "instance_of", - "type": { - "name": "string", - "namespace": "_builtins" - } - }, - "kind": "dictionary_of", - "singleKey": false, - "value": { - "kind": "instance_of", - "type": { - "name": "RoleDescriptor", - "namespace": "security._types" - } - } - } - }, - { - "availability": { - "serverless": {}, - "stack": { - "since": "8.5.0" - } - }, - "description": "The owner user’s permissions associated with the API key.\nIt is a point-in-time snapshot captured at creation and subsequent updates.\nAn API key’s effective permissions are an intersection of its assigned privileges and the owner user’s permissions.", - "name": "limited_by", - "required": false, - "type": { - "kind": "array_of", - "value": { - "key": { - "kind": "instance_of", - "type": { - "name": "string", - "namespace": "_builtins" - } - }, - "kind": "dictionary_of", - "singleKey": false, - "value": { - "kind": "instance_of", - "type": { - "name": "RoleDescriptor", - "namespace": "security._types" - } - } - } - } - }, - { - "availability": { - "serverless": {}, - "stack": { - "since": "8.10.0" - } - }, - "description": "The access granted to cross-cluster API keys.\nThe access is composed of permissions for cross cluster search and cross cluster replication.\nAt least one of them must be specified.\nWhen specified, the new access assignment fully replaces the previously assigned access.", - "name": "access", - "required": false, - "type": { - "kind": "instance_of", - "type": { - "name": "Access", - "namespace": "security._types" - } - } - }, - { - "name": "_sort", - "required": false, - "type": { - "kind": "instance_of", - "type": { - "name": "SortResults", - "namespace": "_types" - } - } } ], - "specLocation": "security/_types/ApiKey.ts#L29-L112" + "specLocation": "security/authenticate/types.ts#L22-L29" }, { "kind": "interface", @@ -139991,196 +139816,24 @@ { "kind": "interface", "name": { - "name": "Access", - "namespace": "security._types" - }, - "properties": [ - { - "description": "A list of indices permission entries for cross-cluster replication.", - "name": "replication", - "required": false, - "type": { - "kind": "array_of", - "value": { - "kind": "instance_of", - "type": { - "name": "ReplicationAccess", - "namespace": "security._types" - } - } - } - }, - { - "description": "A list of indices permission entries for cross-cluster search.", - "name": "search", - "required": false, - "type": { - "kind": "array_of", - "value": { - "kind": "instance_of", - "type": { - "name": "SearchAccess", - "namespace": "security._types" - } - } - } - } - ], - "specLocation": "security/_types/Access.ts#L22-L31" - }, - { - "kind": "interface", - "name": { - "name": "ReplicationAccess", - "namespace": "security._types" - }, - "properties": [ - { - "description": "A list of indices (or index name patterns) to which the permissions in this entry apply.", - "name": "names", - "required": true, - "type": { - "items": [ - { - "kind": "instance_of", - "type": { - "name": "IndexName", - "namespace": "_types" - } - }, - { - "kind": "array_of", - "value": { - "kind": "instance_of", - "type": { - "name": "IndexName", - "namespace": "_types" - } - } - } - ], - "kind": "union_of" - } - }, - { - "description": "This needs to be set to true if the patterns in the names field should cover system indices.", - "name": "allow_restricted_indices", - "required": false, - "serverDefault": false, - "type": { - "kind": "instance_of", - "type": { - "name": "boolean", - "namespace": "_builtins" - } - } - } - ], - "specLocation": "security/_types/Privileges.ts#L418-L428" - }, - { - "kind": "interface", - "name": { - "name": "SearchAccess", - "namespace": "security._types" - }, - "properties": [ - { - "description": "The document fields that the owners of the role have read access to.", - "docId": "field-and-document-access-control", - "docUrl": "https://www.elastic.co/guide/en/elasticsearch/reference/{branch}/field-and-document-access-control.html", - "name": "field_security", - "required": false, - "type": { - "kind": "instance_of", - "type": { - "name": "FieldSecurity", - "namespace": "security._types" - } - } - }, - { - "description": "A list of indices (or index name patterns) to which the permissions in this entry apply.", - "name": "names", - "required": true, - "type": { - "items": [ - { - "kind": "instance_of", - "type": { - "name": "IndexName", - "namespace": "_types" - } - }, - { - "kind": "array_of", - "value": { - "kind": "instance_of", - "type": { - "name": "IndexName", - "namespace": "_types" - } - } - } - ], - "kind": "union_of" - } - }, - { - "description": "A search query that defines the documents the owners of the role have access to. A document within the specified indices must match this query for it to be accessible by the owners of the role.", - "name": "query", - "required": false, - "type": { - "kind": "instance_of", - "type": { - "name": "IndicesPrivilegesQuery", - "namespace": "security._types" - } - } - } - ], - "specLocation": "security/_types/Privileges.ts#L430-L450" - }, - { - "kind": "interface", - "name": { - "name": "RealmInfo", + "name": "ApiKey", "namespace": "security._types" }, "properties": [ { - "name": "name", + "description": "Id for the API key", + "name": "id", "required": true, "type": { "kind": "instance_of", "type": { - "name": "Name", + "name": "Id", "namespace": "_types" } } }, { - "name": "type", - "required": true, - "type": { - "kind": "instance_of", - "type": { - "name": "string", - "namespace": "_builtins" - } - } - } - ], - "specLocation": "security/_types/RealmInfo.ts#L22-L25" - }, - { - "kind": "interface", - "name": { - "name": "Token", - "namespace": "security.authenticate" - }, - "properties": [ - { + "description": "Name of the API key.", "name": "name", "required": true, "type": { @@ -140195,49 +139848,20 @@ "availability": { "serverless": {}, "stack": { - "since": "7.14.0" + "since": "8.10.0" } }, + "description": "The type of the API key (e.g. `rest` or `cross_cluster`).", "name": "type", - "required": false, + "required": true, "type": { "kind": "instance_of", "type": { - "name": "string", - "namespace": "_builtins" - } - } - } - ], - "specLocation": "security/authenticate/types.ts#L22-L29" - }, - { - "attachedBehaviors": [ - "OverloadOf" - ], - "behaviors": [ - { - "generics": [ - { - "kind": "instance_of", - "type": { - "name": "ApiKey", - "namespace": "security._types" - } + "name": "ApiKeyType", + "namespace": "security._types" } - ], - "type": { - "name": "OverloadOf", - "namespace": "_spec_utils" } - } - ], - "kind": "interface", - "name": { - "name": "ApiKeyRead", - "namespace": "security._types" - }, - "properties": [ + }, { "description": "Creation time for the API key in milliseconds.", "name": "creation", @@ -140262,18 +139886,6 @@ } } }, - { - "description": "Id for the API key", - "name": "id", - "required": true, - "type": { - "kind": "instance_of", - "type": { - "name": "Id", - "namespace": "_types" - } - } - }, { "description": "Invalidation status for the API key.\nIf the key has been invalidated, it has a value of `true`. Otherwise, it is `false`.", "name": "invalidated", @@ -140314,13 +139926,13 @@ } }, { - "description": "Name of the API key.", - "name": "name", + "description": "Principal for which this API key was created", + "name": "username", "required": true, "type": { "kind": "instance_of", "type": { - "name": "Name", + "name": "Username", "namespace": "_types" } } @@ -140328,7 +139940,7 @@ { "description": "Realm name of the principal for which this API key was created.", "name": "realm", - "required": false, + "required": true, "type": { "kind": "instance_of", "type": { @@ -140355,54 +139967,6 @@ } } }, - { - "availability": { - "serverless": {}, - "stack": { - "since": "8.10.0" - } - }, - "description": "The type of the API key (e.g. `rest` or `cross_cluster`).", - "name": "type", - "required": true, - "type": { - "kind": "instance_of", - "type": { - "name": "ApiKeyType", - "namespace": "security._types" - } - } - }, - { - "description": "Principal for which this API key was created", - "name": "username", - "required": true, - "type": { - "kind": "instance_of", - "type": { - "name": "Username", - "namespace": "_types" - } - } - }, - { - "availability": { - "serverless": {}, - "stack": { - "since": "8.14.0" - } - }, - "description": "The profile uid for the API key owner principal, if requested and if it exists", - "name": "profile_uid", - "required": false, - "type": { - "kind": "instance_of", - "type": { - "name": "string", - "namespace": "_builtins" - } - } - }, { "availability": { "serverless": {}, @@ -140495,6 +140059,25 @@ } }, { + "availability": { + "serverless": {}, + "stack": { + "since": "8.14.0" + } + }, + "description": "The profile uid for the API key owner principal, if requested and if it exists", + "name": "profile_uid", + "required": false, + "type": { + "kind": "instance_of", + "type": { + "name": "string", + "namespace": "_builtins" + } + } + }, + { + "description": "Sorting values when using the `sort` parameter with the `security.query_api_keys` API.", "name": "_sort", "required": false, "type": { @@ -140506,7 +140089,160 @@ } } ], - "specLocation": "security/_types/ApiKey.ts#L119-L202" + "specLocation": "security/_types/ApiKey.ts#L29-L115" + }, + { + "kind": "interface", + "name": { + "name": "Access", + "namespace": "security._types" + }, + "properties": [ + { + "description": "A list of indices permission entries for cross-cluster replication.", + "name": "replication", + "required": false, + "type": { + "kind": "array_of", + "value": { + "kind": "instance_of", + "type": { + "name": "ReplicationAccess", + "namespace": "security._types" + } + } + } + }, + { + "description": "A list of indices permission entries for cross-cluster search.", + "name": "search", + "required": false, + "type": { + "kind": "array_of", + "value": { + "kind": "instance_of", + "type": { + "name": "SearchAccess", + "namespace": "security._types" + } + } + } + } + ], + "specLocation": "security/_types/Access.ts#L22-L31" + }, + { + "kind": "interface", + "name": { + "name": "ReplicationAccess", + "namespace": "security._types" + }, + "properties": [ + { + "description": "A list of indices (or index name patterns) to which the permissions in this entry apply.", + "name": "names", + "required": true, + "type": { + "items": [ + { + "kind": "instance_of", + "type": { + "name": "IndexName", + "namespace": "_types" + } + }, + { + "kind": "array_of", + "value": { + "kind": "instance_of", + "type": { + "name": "IndexName", + "namespace": "_types" + } + } + } + ], + "kind": "union_of" + } + }, + { + "description": "This needs to be set to true if the patterns in the names field should cover system indices.", + "name": "allow_restricted_indices", + "required": false, + "serverDefault": false, + "type": { + "kind": "instance_of", + "type": { + "name": "boolean", + "namespace": "_builtins" + } + } + } + ], + "specLocation": "security/_types/Privileges.ts#L418-L428" + }, + { + "kind": "interface", + "name": { + "name": "SearchAccess", + "namespace": "security._types" + }, + "properties": [ + { + "description": "The document fields that the owners of the role have read access to.", + "docId": "field-and-document-access-control", + "docUrl": "https://www.elastic.co/guide/en/elasticsearch/reference/{branch}/field-and-document-access-control.html", + "name": "field_security", + "required": false, + "type": { + "kind": "instance_of", + "type": { + "name": "FieldSecurity", + "namespace": "security._types" + } + } + }, + { + "description": "A list of indices (or index name patterns) to which the permissions in this entry apply.", + "name": "names", + "required": true, + "type": { + "items": [ + { + "kind": "instance_of", + "type": { + "name": "IndexName", + "namespace": "_types" + } + }, + { + "kind": "array_of", + "value": { + "kind": "instance_of", + "type": { + "name": "IndexName", + "namespace": "_types" + } + } + } + ], + "kind": "union_of" + } + }, + { + "description": "A search query that defines the documents the owners of the role have access to. A document within the specified indices must match this query for it to be accessible by the owners of the role.", + "name": "query", + "required": false, + "type": { + "kind": "instance_of", + "type": { + "name": "IndicesPrivilegesQuery", + "namespace": "security._types" + } + } + } + ], + "specLocation": "security/_types/Privileges.ts#L430-L450" }, { "kind": "interface", diff --git a/output/schema/schema.json b/output/schema/schema.json index e65100d6db..7e8749f621 100644 --- a/output/schema/schema.json +++ b/output/schema/schema.json @@ -186936,30 +186936,6 @@ "namespace": "security._types" }, "properties": [ - { - "description": "Creation time for the API key in milliseconds.", - "name": "creation", - "required": false, - "type": { - "kind": "instance_of", - "type": { - "name": "long", - "namespace": "_types" - } - } - }, - { - "description": "Expiration time for the API key in milliseconds.", - "name": "expiration", - "required": false, - "type": { - "kind": "instance_of", - "type": { - "name": "long", - "namespace": "_types" - } - } - }, { "description": "Id for the API key", "name": "id", @@ -186972,45 +186948,6 @@ } } }, - { - "description": "Invalidation status for the API key.\nIf the key has been invalidated, it has a value of `true`. Otherwise, it is `false`.", - "name": "invalidated", - "required": false, - "type": { - "kind": "instance_of", - "type": { - "name": "boolean", - "namespace": "_builtins" - } - } - }, - { - "availability": { - "serverless": {}, - "stack": { - "since": "8.12.0" - } - }, - "description": "If the key has been invalidated, invalidation time in milliseconds.", - "name": "invalidation", - "required": false, - "type": { - "kind": "instance_of", - "generics": [ - { - "kind": "instance_of", - "type": { - "name": "UnitMillis", - "namespace": "_types" - } - } - ], - "type": { - "name": "EpochTime", - "namespace": "_types" - } - } - }, { "description": "Name of the API key.", "name": "name", @@ -187023,36 +186960,6 @@ } } }, - { - "description": "Realm name of the principal for which this API key was created.", - "name": "realm", - "required": false, - "type": { - "kind": "instance_of", - "type": { - "name": "string", - "namespace": "_builtins" - } - } - }, - { - "availability": { - "serverless": {}, - "stack": { - "since": "8.14.0" - } - }, - "description": "Realm type of the principal for which this API key was created", - "name": "realm_type", - "required": false, - "type": { - "kind": "instance_of", - "type": { - "name": "string", - "namespace": "_builtins" - } - } - }, { "availability": { "serverless": {}, @@ -187062,7 +186969,7 @@ }, "description": "The type of the API key (e.g. `rest` or `cross_cluster`).", "name": "type", - "required": false, + "required": true, "type": { "kind": "instance_of", "type": { @@ -187071,168 +186978,6 @@ } } }, - { - "description": "Principal for which this API key was created", - "name": "username", - "required": false, - "type": { - "kind": "instance_of", - "type": { - "name": "Username", - "namespace": "_types" - } - } - }, - { - "availability": { - "serverless": {}, - "stack": { - "since": "8.14.0" - } - }, - "description": "The profile uid for the API key owner principal, if requested and if it exists", - "name": "profile_uid", - "required": false, - "type": { - "kind": "instance_of", - "type": { - "name": "string", - "namespace": "_builtins" - } - } - }, - { - "availability": { - "serverless": {}, - "stack": { - "since": "7.13.0" - } - }, - "description": "Metadata of the API key", - "name": "metadata", - "required": false, - "type": { - "kind": "instance_of", - "type": { - "name": "Metadata", - "namespace": "_types" - } - } - }, - { - "description": "The role descriptors assigned to this API key when it was created or last updated.\nAn empty role descriptor means the API key inherits the owner user’s permissions.", - "name": "role_descriptors", - "required": false, - "type": { - "kind": "dictionary_of", - "key": { - "kind": "instance_of", - "type": { - "name": "string", - "namespace": "_builtins" - } - }, - "singleKey": false, - "value": { - "kind": "instance_of", - "type": { - "name": "RoleDescriptor", - "namespace": "security._types" - } - } - } - }, - { - "availability": { - "serverless": {}, - "stack": { - "since": "8.5.0" - } - }, - "description": "The owner user’s permissions associated with the API key.\nIt is a point-in-time snapshot captured at creation and subsequent updates.\nAn API key’s effective permissions are an intersection of its assigned privileges and the owner user’s permissions.", - "name": "limited_by", - "required": false, - "type": { - "kind": "array_of", - "value": { - "kind": "dictionary_of", - "key": { - "kind": "instance_of", - "type": { - "name": "string", - "namespace": "_builtins" - } - }, - "singleKey": false, - "value": { - "kind": "instance_of", - "type": { - "name": "RoleDescriptor", - "namespace": "security._types" - } - } - } - } - }, - { - "availability": { - "serverless": {}, - "stack": { - "since": "8.10.0" - } - }, - "description": "The access granted to cross-cluster API keys.\nThe access is composed of permissions for cross cluster search and cross cluster replication.\nAt least one of them must be specified.\nWhen specified, the new access assignment fully replaces the previously assigned access.", - "name": "access", - "required": false, - "type": { - "kind": "instance_of", - "type": { - "name": "Access", - "namespace": "security._types" - } - } - }, - { - "name": "_sort", - "required": false, - "type": { - "kind": "instance_of", - "type": { - "name": "SortResults", - "namespace": "_types" - } - } - } - ], - "specLocation": "security/_types/ApiKey.ts#L29-L112" - }, - { - "kind": "interface", - "attachedBehaviors": [ - "OverloadOf" - ], - "behaviors": [ - { - "generics": [ - { - "kind": "instance_of", - "type": { - "name": "ApiKey", - "namespace": "security._types" - } - } - ], - "type": { - "name": "OverloadOf", - "namespace": "_spec_utils" - } - } - ], - "name": { - "name": "ApiKeyRead", - "namespace": "security._types" - }, - "properties": [ { "description": "Creation time for the API key in milliseconds.", "name": "creation", @@ -187257,18 +187002,6 @@ } } }, - { - "description": "Id for the API key", - "name": "id", - "required": true, - "type": { - "kind": "instance_of", - "type": { - "name": "Id", - "namespace": "_types" - } - } - }, { "description": "Invalidation status for the API key.\nIf the key has been invalidated, it has a value of `true`. Otherwise, it is `false`.", "name": "invalidated", @@ -187309,13 +187042,13 @@ } }, { - "description": "Name of the API key.", - "name": "name", + "description": "Principal for which this API key was created", + "name": "username", "required": true, "type": { "kind": "instance_of", "type": { - "name": "Name", + "name": "Username", "namespace": "_types" } } @@ -187323,7 +187056,7 @@ { "description": "Realm name of the principal for which this API key was created.", "name": "realm", - "required": false, + "required": true, "type": { "kind": "instance_of", "type": { @@ -187350,54 +187083,6 @@ } } }, - { - "availability": { - "serverless": {}, - "stack": { - "since": "8.10.0" - } - }, - "description": "The type of the API key (e.g. `rest` or `cross_cluster`).", - "name": "type", - "required": true, - "type": { - "kind": "instance_of", - "type": { - "name": "ApiKeyType", - "namespace": "security._types" - } - } - }, - { - "description": "Principal for which this API key was created", - "name": "username", - "required": true, - "type": { - "kind": "instance_of", - "type": { - "name": "Username", - "namespace": "_types" - } - } - }, - { - "availability": { - "serverless": {}, - "stack": { - "since": "8.14.0" - } - }, - "description": "The profile uid for the API key owner principal, if requested and if it exists", - "name": "profile_uid", - "required": false, - "type": { - "kind": "instance_of", - "type": { - "name": "string", - "namespace": "_builtins" - } - } - }, { "availability": { "serverless": {}, @@ -187490,6 +187175,25 @@ } }, { + "availability": { + "serverless": {}, + "stack": { + "since": "8.14.0" + } + }, + "description": "The profile uid for the API key owner principal, if requested and if it exists", + "name": "profile_uid", + "required": false, + "type": { + "kind": "instance_of", + "type": { + "name": "string", + "namespace": "_builtins" + } + } + }, + { + "description": "Sorting values when using the `sort` parameter with the `security.query_api_keys` API.", "name": "_sort", "required": false, "type": { @@ -187501,7 +187205,7 @@ } } ], - "specLocation": "security/_types/ApiKey.ts#L119-L202" + "specLocation": "security/_types/ApiKey.ts#L29-L115" }, { "kind": "enum", @@ -187517,7 +187221,7 @@ "name": "ApiKeyType", "namespace": "security._types" }, - "specLocation": "security/_types/ApiKey.ts#L114-L117" + "specLocation": "security/_types/ApiKey.ts#L117-L120" }, { "kind": "interface", @@ -190013,6 +189717,38 @@ }, "specLocation": "security/activate_user_profile/Response.ts#L22-L24" }, + { + "kind": "interface", + "name": { + "name": "AuthenticateApiKey", + "namespace": "security.authenticate" + }, + "properties": [ + { + "name": "id", + "required": true, + "type": { + "kind": "instance_of", + "type": { + "name": "Id", + "namespace": "_types" + } + } + }, + { + "name": "name", + "required": false, + "type": { + "kind": "instance_of", + "type": { + "name": "Name", + "namespace": "_types" + } + } + } + ], + "specLocation": "security/authenticate/SecurityAuthenticateResponse.ts#L44-L47" + }, { "kind": "request", "attachedBehaviors": [ @@ -190047,8 +189783,8 @@ "type": { "kind": "instance_of", "type": { - "name": "ApiKey", - "namespace": "security._types" + "name": "AuthenticateApiKey", + "namespace": "security.authenticate" } } }, @@ -190201,7 +189937,7 @@ "name": "Response", "namespace": "security.authenticate" }, - "specLocation": "security/authenticate/SecurityAuthenticateResponse.ts#L25-L43" + "specLocation": "security/authenticate/SecurityAuthenticateResponse.ts#L24-L42" }, { "kind": "interface", @@ -192602,7 +192338,7 @@ "value": { "kind": "instance_of", "type": { - "name": "ApiKeyRead", + "name": "ApiKey", "namespace": "security._types" } } @@ -196799,7 +196535,7 @@ "value": { "kind": "instance_of", "type": { - "name": "ApiKeyRead", + "name": "ApiKey", "namespace": "security._types" } } diff --git a/output/typescript/types.ts b/output/typescript/types.ts index 34cbf8eb10..8694022283 100644 --- a/output/typescript/types.ts +++ b/output/typescript/types.ts @@ -17607,40 +17607,21 @@ export interface SecurityAccess { } export interface SecurityApiKey { - creation?: long - expiration?: long id: Id - invalidated?: boolean - invalidation?: EpochTime name: Name - realm?: string - realm_type?: string - type?: SecurityApiKeyType - username?: Username - profile_uid?: string - metadata?: Metadata - role_descriptors?: Record - limited_by?: Record[] - access?: SecurityAccess - _sort?: SortResults -} - -export interface SecurityApiKeyRead { + type: SecurityApiKeyType creation: long expiration?: long - id: Id invalidated: boolean invalidation?: EpochTime - name: Name - realm?: string - realm_type?: string - type: SecurityApiKeyType username: Username - profile_uid?: string + realm: string + realm_type?: string metadata: Metadata role_descriptors?: Record limited_by?: Record[] access?: SecurityAccess + profile_uid?: string _sort?: SortResults } @@ -17867,11 +17848,16 @@ export interface SecurityActivateUserProfileRequest extends RequestBase { export type SecurityActivateUserProfileResponse = SecurityUserProfileWithMetadata +export interface SecurityAuthenticateAuthenticateApiKey { + id: Id + name?: Name +} + export interface SecurityAuthenticateRequest extends RequestBase { } export interface SecurityAuthenticateResponse { - api_key?: SecurityApiKey + api_key?: SecurityAuthenticateAuthenticateApiKey authentication_realm: SecurityRealmInfo email?: string | null full_name?: Name | null @@ -18150,7 +18136,7 @@ export interface SecurityGetApiKeyRequest extends RequestBase { } export interface SecurityGetApiKeyResponse { - api_keys: SecurityApiKeyRead[] + api_keys: SecurityApiKey[] } export interface SecurityGetBuiltinPrivilegesRequest extends RequestBase { @@ -18550,7 +18536,7 @@ export interface SecurityQueryApiKeysRequest extends RequestBase { export interface SecurityQueryApiKeysResponse { total: integer count: integer - api_keys: SecurityApiKeyRead[] + api_keys: SecurityApiKey[] aggregations?: Record } diff --git a/specification/security/_types/ApiKey.ts b/specification/security/_types/ApiKey.ts index ef69ac5d8e..7d1935307b 100644 --- a/specification/security/_types/ApiKey.ts +++ b/specification/security/_types/ApiKey.ts @@ -17,7 +17,6 @@ * under the License. */ -import { OverloadOf } from '@spec_utils/behaviors' import { Dictionary } from '@spec_utils/Dictionary' import { Id, Metadata, Name, Username } from '@_types/common' import { long } from '@_types/Numeric' @@ -27,96 +26,20 @@ import { Access } from './Access' import { RoleDescriptor } from './RoleDescriptor' export class ApiKey { - /** - * Creation time for the API key in milliseconds. - */ - creation?: long - /** - * Expiration time for the API key in milliseconds. - */ - expiration?: long /** * Id for the API key */ id: Id - /** - * Invalidation status for the API key. - * If the key has been invalidated, it has a value of `true`. Otherwise, it is `false`. - */ - invalidated?: boolean - /** - * If the key has been invalidated, invalidation time in milliseconds. - * @availability stack since=8.12.0 - * @availability serverless - */ - invalidation?: EpochTime /** * Name of the API key. */ name: Name - /** - * Realm name of the principal for which this API key was created. - */ - realm?: string - /** - * Realm type of the principal for which this API key was created - * @availability stack since=8.14.0 - * @availability serverless - */ - realm_type?: string /** * The type of the API key (e.g. `rest` or `cross_cluster`). * @availability stack since=8.10.0 * @availability serverless */ - type?: ApiKeyType - /** - * Principal for which this API key was created - */ - username?: Username - /** - * The profile uid for the API key owner principal, if requested and if it exists - * @availability stack since=8.14.0 - * @availability serverless - */ - profile_uid?: string - /** - * Metadata of the API key - * @availability stack since=7.13.0 - * @availability serverless - */ - metadata?: Metadata - /** - * The role descriptors assigned to this API key when it was created or last updated. - * An empty role descriptor means the API key inherits the owner user’s permissions. - */ - role_descriptors?: Dictionary - /** - * The owner user’s permissions associated with the API key. - * It is a point-in-time snapshot captured at creation and subsequent updates. - * An API key’s effective permissions are an intersection of its assigned privileges and the owner user’s permissions. - * @availability stack since=8.5.0 - * @availability serverless - */ - limited_by?: Array> - /** - * The access granted to cross-cluster API keys. - * The access is composed of permissions for cross cluster search and cross cluster replication. - * At least one of them must be specified. - * When specified, the new access assignment fully replaces the previously assigned access. - * @availability stack since=8.10.0 - * @availability serverless - */ - access?: Access - _sort?: SortResults -} - -export enum ApiKeyType { - rest, - cross_cluster -} - -export class ApiKeyRead implements OverloadOf { + type: ApiKeyType /** * Creation time for the API key in milliseconds. */ @@ -125,10 +48,6 @@ export class ApiKeyRead implements OverloadOf { * Expiration time for the API key in milliseconds. */ expiration?: long - /** - * Id for the API key - */ - id: Id /** * Invalidation status for the API key. * If the key has been invalidated, it has a value of `true`. Otherwise, it is `false`. @@ -141,35 +60,19 @@ export class ApiKeyRead implements OverloadOf { */ invalidation?: EpochTime /** - * Name of the API key. + * Principal for which this API key was created */ - name: Name + username: Username /** * Realm name of the principal for which this API key was created. */ - realm?: string + realm: string /** * Realm type of the principal for which this API key was created * @availability stack since=8.14.0 * @availability serverless */ realm_type?: string - /** - * The type of the API key (e.g. `rest` or `cross_cluster`). - * @availability stack since=8.10.0 - * @availability serverless - */ - type: ApiKeyType - /** - * Principal for which this API key was created - */ - username: Username - /** - * The profile uid for the API key owner principal, if requested and if it exists - * @availability stack since=8.14.0 - * @availability serverless - */ - profile_uid?: string /** * Metadata of the API key * @availability stack since=7.13.0 @@ -198,5 +101,19 @@ export class ApiKeyRead implements OverloadOf { * @availability serverless */ access?: Access + /** + * The profile uid for the API key owner principal, if requested and if it exists + * @availability stack since=8.14.0 + * @availability serverless + */ + profile_uid?: string + /** + * Sorting values when using the `sort` parameter with the `security.query_api_keys` API. + */ _sort?: SortResults } + +export enum ApiKeyType { + rest, + cross_cluster +} diff --git a/specification/security/authenticate/SecurityAuthenticateResponse.ts b/specification/security/authenticate/SecurityAuthenticateResponse.ts index a6716f45c9..75bfb082b8 100644 --- a/specification/security/authenticate/SecurityAuthenticateResponse.ts +++ b/specification/security/authenticate/SecurityAuthenticateResponse.ts @@ -17,14 +17,13 @@ * under the License. */ -import { ApiKey } from '@security/_types/ApiKey' import { RealmInfo } from '@security/_types/RealmInfo' -import { Metadata, Name, Username } from '@_types/common' +import { Id, Metadata, Name, Username } from '@_types/common' import { Token } from './types' export class Response { body: { - api_key?: ApiKey + api_key?: AuthenticateApiKey authentication_realm: RealmInfo email?: string | null full_name?: Name | null @@ -41,3 +40,8 @@ export class Response { token?: Token } } + +export class AuthenticateApiKey { + id: Id + name?: Name +} diff --git a/specification/security/get_api_key/SecurityGetApiKeyResponse.ts b/specification/security/get_api_key/SecurityGetApiKeyResponse.ts index 8f38211658..c1178b3710 100644 --- a/specification/security/get_api_key/SecurityGetApiKeyResponse.ts +++ b/specification/security/get_api_key/SecurityGetApiKeyResponse.ts @@ -17,8 +17,8 @@ * under the License. */ -import { ApiKeyRead } from '@security/_types/ApiKey' +import { ApiKey } from '@security/_types/ApiKey' export class Response { - body: { api_keys: ApiKeyRead[] } + body: { api_keys: ApiKey[] } } diff --git a/specification/security/query_api_keys/QueryApiKeysResponse.ts b/specification/security/query_api_keys/QueryApiKeysResponse.ts index e22b7c2c49..44a9fc05df 100644 --- a/specification/security/query_api_keys/QueryApiKeysResponse.ts +++ b/specification/security/query_api_keys/QueryApiKeysResponse.ts @@ -17,7 +17,7 @@ * under the License. */ -import { ApiKeyRead } from '@security/_types/ApiKey' +import { ApiKey } from '@security/_types/ApiKey' import { Dictionary } from '@spec_utils/Dictionary' import { AggregateName } from '@_types/common' import { integer } from '@_types/Numeric' @@ -36,7 +36,7 @@ export class Response { /** * A list of API key information. */ - api_keys: ApiKeyRead[] + api_keys: ApiKey[] /** * The aggregations result, if requested. */ From 4b6f7f787723bab8e33d17194a098a84399a2aac Mon Sep 17 00:00:00 2001 From: Quentin Pradet Date: Fri, 22 Nov 2024 11:37:07 +0400 Subject: [PATCH 3/3] Use more EpochTime --- output/openapi/elasticsearch-openapi.json | 6 ++--- .../elasticsearch-serverless-openapi.json | 6 ++--- output/schema/schema-serverless.json | 26 ++++++++++++++++--- output/schema/schema.json | 26 ++++++++++++++++--- output/typescript/types.ts | 4 +-- specification/security/_types/ApiKey.ts | 5 ++-- 6 files changed, 52 insertions(+), 21 deletions(-) diff --git a/output/openapi/elasticsearch-openapi.json b/output/openapi/elasticsearch-openapi.json index 9c45e6f0e1..3cd55ce552 100644 --- a/output/openapi/elasticsearch-openapi.json +++ b/output/openapi/elasticsearch-openapi.json @@ -82442,12 +82442,10 @@ "$ref": "#/components/schemas/security._types:ApiKeyType" }, "creation": { - "description": "Creation time for the API key in milliseconds.", - "type": "number" + "$ref": "#/components/schemas/_types:EpochTimeUnitMillis" }, "expiration": { - "description": "Expiration time for the API key in milliseconds.", - "type": "number" + "$ref": "#/components/schemas/_types:EpochTimeUnitMillis" }, "invalidated": { "description": "Invalidation status for the API key.\nIf the key has been invalidated, it has a value of `true`. Otherwise, it is `false`.", diff --git a/output/openapi/elasticsearch-serverless-openapi.json b/output/openapi/elasticsearch-serverless-openapi.json index b7da156db7..4bd52e1cac 100644 --- a/output/openapi/elasticsearch-serverless-openapi.json +++ b/output/openapi/elasticsearch-serverless-openapi.json @@ -53897,12 +53897,10 @@ "$ref": "#/components/schemas/security._types:ApiKeyType" }, "creation": { - "description": "Creation time for the API key in milliseconds.", - "type": "number" + "$ref": "#/components/schemas/_types:EpochTimeUnitMillis" }, "expiration": { - "description": "Expiration time for the API key in milliseconds.", - "type": "number" + "$ref": "#/components/schemas/_types:EpochTimeUnitMillis" }, "invalidated": { "description": "Invalidation status for the API key.\nIf the key has been invalidated, it has a value of `true`. Otherwise, it is `false`.", diff --git a/output/schema/schema-serverless.json b/output/schema/schema-serverless.json index 0377ac19b3..a2fbccb934 100644 --- a/output/schema/schema-serverless.json +++ b/output/schema/schema-serverless.json @@ -102913,7 +102913,7 @@ "name": "ApiKeyType", "namespace": "security._types" }, - "specLocation": "security/_types/ApiKey.ts#L117-L120" + "specLocation": "security/_types/ApiKey.ts#L116-L119" }, { "isOpen": true, @@ -139867,9 +139867,18 @@ "name": "creation", "required": true, "type": { + "generics": [ + { + "kind": "instance_of", + "type": { + "name": "UnitMillis", + "namespace": "_types" + } + } + ], "kind": "instance_of", "type": { - "name": "long", + "name": "EpochTime", "namespace": "_types" } } @@ -139879,9 +139888,18 @@ "name": "expiration", "required": false, "type": { + "generics": [ + { + "kind": "instance_of", + "type": { + "name": "UnitMillis", + "namespace": "_types" + } + } + ], "kind": "instance_of", "type": { - "name": "long", + "name": "EpochTime", "namespace": "_types" } } @@ -140089,7 +140107,7 @@ } } ], - "specLocation": "security/_types/ApiKey.ts#L29-L115" + "specLocation": "security/_types/ApiKey.ts#L28-L114" }, { "kind": "interface", diff --git a/output/schema/schema.json b/output/schema/schema.json index 7e8749f621..5faed9e4ca 100644 --- a/output/schema/schema.json +++ b/output/schema/schema.json @@ -186984,8 +186984,17 @@ "required": true, "type": { "kind": "instance_of", + "generics": [ + { + "kind": "instance_of", + "type": { + "name": "UnitMillis", + "namespace": "_types" + } + } + ], "type": { - "name": "long", + "name": "EpochTime", "namespace": "_types" } } @@ -186996,8 +187005,17 @@ "required": false, "type": { "kind": "instance_of", + "generics": [ + { + "kind": "instance_of", + "type": { + "name": "UnitMillis", + "namespace": "_types" + } + } + ], "type": { - "name": "long", + "name": "EpochTime", "namespace": "_types" } } @@ -187205,7 +187223,7 @@ } } ], - "specLocation": "security/_types/ApiKey.ts#L29-L115" + "specLocation": "security/_types/ApiKey.ts#L28-L114" }, { "kind": "enum", @@ -187221,7 +187239,7 @@ "name": "ApiKeyType", "namespace": "security._types" }, - "specLocation": "security/_types/ApiKey.ts#L117-L120" + "specLocation": "security/_types/ApiKey.ts#L116-L119" }, { "kind": "interface", diff --git a/output/typescript/types.ts b/output/typescript/types.ts index 8694022283..30b4a8ac7a 100644 --- a/output/typescript/types.ts +++ b/output/typescript/types.ts @@ -17610,8 +17610,8 @@ export interface SecurityApiKey { id: Id name: Name type: SecurityApiKeyType - creation: long - expiration?: long + creation: EpochTime + expiration?: EpochTime invalidated: boolean invalidation?: EpochTime username: Username diff --git a/specification/security/_types/ApiKey.ts b/specification/security/_types/ApiKey.ts index 7d1935307b..d5ea6b9798 100644 --- a/specification/security/_types/ApiKey.ts +++ b/specification/security/_types/ApiKey.ts @@ -19,7 +19,6 @@ import { Dictionary } from '@spec_utils/Dictionary' import { Id, Metadata, Name, Username } from '@_types/common' -import { long } from '@_types/Numeric' import { SortResults } from '@_types/sort' import { EpochTime, UnitMillis } from '@_types/Time' import { Access } from './Access' @@ -43,11 +42,11 @@ export class ApiKey { /** * Creation time for the API key in milliseconds. */ - creation: long + creation: EpochTime /** * Expiration time for the API key in milliseconds. */ - expiration?: long + expiration?: EpochTime /** * Invalidation status for the API key. * If the key has been invalidated, it has a value of `true`. Otherwise, it is `false`.