From 185a09f798c25e56d7724d176b1bfedc8a012a90 Mon Sep 17 00:00:00 2001 
From: Dzmitry Lemechko Date: Tue, 29 Oct 2024 15:41:27 +0100 Subject: [PATCH 01/13] move saml-provider-plugin to packages/ --- .github/CODEOWNERS | 2 +- package.json | 2 +- packages/kbn-saml-provider-plugin/README.md | 3 +++ packages/kbn-saml-provider-plugin/index.ts | 21 +++++++++++++++++++ .../kbn-saml-provider-plugin/jest.config.js | 14 +++++++++++++ .../kbn-saml-provider-plugin}/kibana.jsonc | 3 ++- .../kbn-saml-provider-plugin/package.json | 6 ++++++ .../resources}/idp_metadata.xml | 0 .../resources}/idp_metadata_2.xml | 0 .../resources}/idp_metadata_mock_idp.xml | 0 .../resources}/idp_metadata_never_login.xml | 0 .../resources}/metadata.xml | 0 .../saml_tools/index.ts | 8 ++++--- .../kbn-saml-provider-plugin}/server/index.ts | 8 ++++--- .../server/init_routes.ts | 13 ++++++------ .../kbn-saml-provider-plugin/tsconfig.json | 21 +++++++++++++++++++ tsconfig.base.json | 4 ++-- .../default_configs/stateful.config.base.ts | 13 ++++-------- x-pack/test/cloud_integration/config.ts | 6 ++++-- x-pack/test/functional_cloud/config.ts | 11 +++++----- .../login_selector.config.ts | 8 +------ .../plugins/saml_provider/tsconfig.json | 18 ---------------- .../security_api_integration/saml.config.ts | 2 +- .../saml.http2.config.ts | 2 +- .../saml_cloud.config.ts | 2 +- .../session_concurrent_limit.config.ts | 2 +- .../session_idle.config.ts | 2 +- .../session_invalidate.config.ts | 2 +- .../session_lifespan.config.ts | 2 +- .../login_selector/basic_functionality.ts | 5 +---- .../tests/saml/saml_login.ts | 6 +----- .../tests/saml_cloud/saml_login.ts | 2 +- .../tests/session_concurrent_limit/cleanup.ts | 5 +---- .../session_concurrent_limit/global_limit.ts | 5 +---- .../tests/session_idle/cleanup.ts | 5 +---- .../tests/session_invalidate/invalidate.ts | 5 +---- .../tests/session_lifespan/cleanup.ts | 5 +---- .../login_selector.config.ts | 13 +++++------- .../test/security_functional/saml.config.ts | 9 ++++---- .../security_functional/saml.http2.config.ts | 7 +------ 
x-pack/test_serverless/shared/config.base.ts | 14 ++++--------- yarn.lock | 2 +- 42 files changed, 131 insertions(+), 127 deletions(-) create mode 100644 packages/kbn-saml-provider-plugin/README.md create mode 100644 packages/kbn-saml-provider-plugin/index.ts create mode 100644 packages/kbn-saml-provider-plugin/jest.config.js rename {x-pack/test/security_api_integration/plugins/saml_provider => packages/kbn-saml-provider-plugin}/kibana.jsonc (90%) create mode 100644 packages/kbn-saml-provider-plugin/package.json rename {x-pack/test/security_api_integration/packages/helpers/saml => packages/kbn-saml-provider-plugin/resources}/idp_metadata.xml (100%) rename {x-pack/test/security_api_integration/packages/helpers/saml => packages/kbn-saml-provider-plugin/resources}/idp_metadata_2.xml (100%) rename {x-pack/test/security_api_integration/packages/helpers/saml => packages/kbn-saml-provider-plugin/resources}/idp_metadata_mock_idp.xml (100%) rename {x-pack/test/security_api_integration/packages/helpers/saml => packages/kbn-saml-provider-plugin/resources}/idp_metadata_never_login.xml (100%) rename {x-pack/test/security_api_integration/plugins/saml_provider => packages/kbn-saml-provider-plugin/resources}/metadata.xml (100%) rename x-pack/test/security_api_integration/packages/helpers/saml/saml_tools.ts => packages/kbn-saml-provider-plugin/saml_tools/index.ts (94%) rename {x-pack/test/security_api_integration/plugins/saml_provider => packages/kbn-saml-provider-plugin}/server/index.ts (60%) rename {x-pack/test/security_api_integration/plugins/saml_provider => packages/kbn-saml-provider-plugin}/server/init_routes.ts (88%) create mode 100644 packages/kbn-saml-provider-plugin/tsconfig.json delete mode 100644 x-pack/test/security_api_integration/plugins/saml_provider/tsconfig.json diff --git a/.github/CODEOWNERS b/.github/CODEOWNERS index 1451c647f658e..d877fcacd2cdd 100644 --- a/.github/CODEOWNERS +++ b/.github/CODEOWNERS 
@@ -743,7 +743,7 @@ packages/kbn-rule-data-utils @elastic/security-detections-response @elastic/resp x-pack/plugins/rule_registry @elastic/response-ops @elastic/obs-ux-management-team x-pack/plugins/runtime_fields @elastic/kibana-management packages/kbn-safer-lodash-set @elastic/kibana-security -x-pack/test/security_api_integration/plugins/saml_provider @elastic/kibana-security +packages/kbn-saml-provider-plugin @elastic/kibana-security x-pack/test/plugin_api_integration/plugins/sample_task_plugin @elastic/response-ops x-pack/test/task_manager_claimer_update_by_query/plugins/sample_task_plugin_mget @elastic/response-ops test/plugin_functional/plugins/saved_object_export_transforms @elastic/kibana-core diff --git a/package.json b/package.json index 09e19ab86b1ca..72399e08063fe 100644 --- a/package.json +++ b/package.json @@ -761,7 +761,6 @@ "@kbn/rule-registry-plugin": "link:x-pack/plugins/rule_registry", "@kbn/runtime-fields-plugin": "link:x-pack/plugins/runtime_fields", "@kbn/safer-lodash-set": "link:packages/kbn-safer-lodash-set", - "@kbn/saml-provider-plugin": "link:x-pack/test/security_api_integration/plugins/saml_provider", "@kbn/sample-task-plugin": "link:x-pack/test/plugin_api_integration/plugins/sample_task_plugin", "@kbn/sample-task-plugin-update-by-query": "link:x-pack/test/task_manager_claimer_update_by_query/plugins/sample_task_plugin_mget", "@kbn/saved-object-export-transforms-plugin": "link:test/plugin_functional/plugins/saved_object_export_transforms", 
@@ -1469,6 +1468,7 @@ "@kbn/repo-path": "link:packages/kbn-repo-path", "@kbn/repo-source-classifier": "link:packages/kbn-repo-source-classifier", "@kbn/repo-source-classifier-cli": "link:packages/kbn-repo-source-classifier-cli", + "@kbn/saml-provider-plugin": "link:packages/kbn-saml-provider-plugin", "@kbn/security-api-integration-helpers": "link:x-pack/test/security_api_integration/packages/helpers", "@kbn/serverless-storybook-config": "link:packages/serverless/storybook/config", "@kbn/some-dev-log": "link:packages/kbn-some-dev-log", diff --git a/packages/kbn-saml-provider-plugin/README.md b/packages/kbn-saml-provider-plugin/README.md new file mode 100644 index 0000000000000..6456631124c27 --- /dev/null +++ b/packages/kbn-saml-provider-plugin/README.md @@ -0,0 +1,3 @@ +# @kbn/saml-provider-plugin + +Saml provider plugin for testing purpose diff --git a/packages/kbn-saml-provider-plugin/index.ts b/packages/kbn-saml-provider-plugin/index.ts new file mode 100644 index 0000000000000..c372fb98f67e1 --- /dev/null +++ b/packages/kbn-saml-provider-plugin/index.ts 
@@ -0,0 +1,21 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the "Elastic License + * 2.0", the "GNU Affero General Public License v3.0 only", and the "Server Side + * Public License v 1"; you may not use this file except in compliance with, at + * your election, the "Elastic License 2.0", the "GNU Affero General Public + * License v3.0 only", or the "Server Side Public License, v 1". + */ + +import path from 'path'; + +const resourcesPath = path.resolve(__dirname, 'resources'); +export const saml1IdPMetadataPath = path.resolve(resourcesPath, 'idp_metadata.xml'); +export const saml2IdPMetadataPath = path.resolve(resourcesPath, 'idp_metadata_2.xml'); +export const idpNeverLoginPath = path.resolve(resourcesPath, 'idp_metadata_never_login.xml'); +export const mockIdPMetadataPath = path.resolve(resourcesPath, 'idp_metadata_mock_idp.xml'); +export const pluginMetadataPath = path.resolve(resourcesPath, 'metadata.xml'); + +export const pluginPath = path.resolve(__dirname); + +export * from './saml_tools'; diff --git a/packages/kbn-saml-provider-plugin/jest.config.js b/packages/kbn-saml-provider-plugin/jest.config.js new file mode 100644 index 0000000000000..13953b335e353 --- /dev/null +++ b/packages/kbn-saml-provider-plugin/jest.config.js @@ -0,0 +1,14 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the "Elastic License + * 2.0", the "GNU Affero General Public License v3.0 only", and the "Server Side + * Public License v 1"; you may not use this file except in compliance with, at + * your election, the "Elastic License 2.0", the "GNU Affero General Public + * License v3.0 only", or the "Server Side Public License, v 1". + */ + +module.exports = { + preset: '@kbn/test/jest_node', + rootDir: '../..', + roots: ['/packages/kbn-saml-provider'], +}; 
diff --git a/x-pack/test/security_api_integration/plugins/saml_provider/kibana.jsonc b/packages/kbn-saml-provider-plugin/kibana.jsonc similarity index 90% rename from x-pack/test/security_api_integration/plugins/saml_provider/kibana.jsonc rename to packages/kbn-saml-provider-plugin/kibana.jsonc index 1aa22257908ce..568f8bc69c202 100644 --- a/x-pack/test/security_api_integration/plugins/saml_provider/kibana.jsonc +++ b/packages/kbn-saml-provider-plugin/kibana.jsonc @@ -2,6 +2,7 @@ "type": "plugin", "id": "@kbn/saml-provider-plugin", "owner": "@elastic/kibana-security", + "devOnly": true, "plugin": { "id": "samlProviderPlugin", "server": true, @@ -9,5 +10,5 @@ "optionalPlugins": [ "cloud" ] - } + }, } diff --git a/packages/kbn-saml-provider-plugin/package.json b/packages/kbn-saml-provider-plugin/package.json new file mode 100644 index 0000000000000..89bf276bc5525 --- /dev/null +++ b/packages/kbn-saml-provider-plugin/package.json @@ -0,0 +1,6 @@ +{ + "name": "@kbn/saml-provider-plugin", + "private": true, + "version": "1.0.0", + "license": "Elastic License 2.0 OR AGPL-3.0-only OR SSPL-1.0" +} \ No newline at end of file diff --git a/x-pack/test/security_api_integration/packages/helpers/saml/idp_metadata.xml b/packages/kbn-saml-provider-plugin/resources/idp_metadata.xml similarity index 100% rename from x-pack/test/security_api_integration/packages/helpers/saml/idp_metadata.xml rename to packages/kbn-saml-provider-plugin/resources/idp_metadata.xml diff --git a/x-pack/test/security_api_integration/packages/helpers/saml/idp_metadata_2.xml b/packages/kbn-saml-provider-plugin/resources/idp_metadata_2.xml similarity index 100% rename from x-pack/test/security_api_integration/packages/helpers/saml/idp_metadata_2.xml rename to packages/kbn-saml-provider-plugin/resources/idp_metadata_2.xml 
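Review bot: `"devOnly": true` in the first kibana.jsonc hunk is the only marker in this manifest that the relocated plugin is a test-only SAML identity provider, and it carries no comment saying why it is there. Now that the plugin lives under `packages/` instead of `x-pack/test/`, this flag is presumably what keeps it out of distributable builds, so dropping it should be a visible, reviewed decision (PATCH 11/13 later on this page removes it without explanation). I would add a line such as `// Test-only fake IdP: keep devOnly so this plugin is never included in a distributable build` directly above the flag, and confirm how the build treats the package once the flag is gone.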
diff --git a/x-pack/test/security_api_integration/packages/helpers/saml/idp_metadata_mock_idp.xml b/packages/kbn-saml-provider-plugin/resources/idp_metadata_mock_idp.xml similarity index 100% rename from x-pack/test/security_api_integration/packages/helpers/saml/idp_metadata_mock_idp.xml rename to packages/kbn-saml-provider-plugin/resources/idp_metadata_mock_idp.xml diff --git a/x-pack/test/security_api_integration/packages/helpers/saml/idp_metadata_never_login.xml b/packages/kbn-saml-provider-plugin/resources/idp_metadata_never_login.xml similarity index 100% rename from x-pack/test/security_api_integration/packages/helpers/saml/idp_metadata_never_login.xml rename to packages/kbn-saml-provider-plugin/resources/idp_metadata_never_login.xml diff --git a/x-pack/test/security_api_integration/plugins/saml_provider/metadata.xml b/packages/kbn-saml-provider-plugin/resources/metadata.xml similarity index 100% rename from x-pack/test/security_api_integration/plugins/saml_provider/metadata.xml rename to packages/kbn-saml-provider-plugin/resources/metadata.xml diff --git a/x-pack/test/security_api_integration/packages/helpers/saml/saml_tools.ts b/packages/kbn-saml-provider-plugin/saml_tools/index.ts similarity index 94% rename from x-pack/test/security_api_integration/packages/helpers/saml/saml_tools.ts rename to packages/kbn-saml-provider-plugin/saml_tools/index.ts index b1dd8f851caf0..4cb481622f681 100644 --- a/x-pack/test/security_api_integration/packages/helpers/saml/saml_tools.ts +++ b/packages/kbn-saml-provider-plugin/saml_tools/index.ts 
@@ -1,8 +1,10 @@ /* * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License - * 2.0; you may not use this file except in compliance with the Elastic License - * 2.0. + * or more contributor license agreements. Licensed under the "Elastic License + * 2.0", the "GNU Affero General Public License v3.0 only", and the "Server Side + * Public License v 1"; you may not use this file except in compliance with, at + * your election, the "Elastic License 2.0", the "GNU Affero General Public + * License v3.0 only", or the "Server Side Public License, v 1". */ import crypto from 'crypto'; diff --git a/x-pack/test/security_api_integration/plugins/saml_provider/server/index.ts b/packages/kbn-saml-provider-plugin/server/index.ts similarity index 60% rename from x-pack/test/security_api_integration/plugins/saml_provider/server/index.ts rename to packages/kbn-saml-provider-plugin/server/index.ts index 865240e32e9f0..30d47b1a6e091 100644 --- a/x-pack/test/security_api_integration/plugins/saml_provider/server/index.ts +++ b/packages/kbn-saml-provider-plugin/server/index.ts @@ -1,8 +1,10 @@ /* * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License - * 2.0; you may not use this file except in compliance with the Elastic License - * 2.0. + * or more contributor license agreements. Licensed under the "Elastic License + * 2.0", the "GNU Affero General Public License v3.0 only", and the "Server Side + * Public License v 1"; you may not use this file except in compliance with, at + * your election, the "Elastic License 2.0", the "GNU Affero General Public + * License v3.0 only", or the "Server Side Public License, v 1". */ import type { CloudSetup } from '@kbn/cloud-plugin/server'; 
diff --git a/x-pack/test/security_api_integration/plugins/saml_provider/server/init_routes.ts b/packages/kbn-saml-provider-plugin/server/init_routes.ts similarity index 88% rename from x-pack/test/security_api_integration/plugins/saml_provider/server/init_routes.ts rename to packages/kbn-saml-provider-plugin/server/init_routes.ts index f9e84caca0531..afbdbc5c18722 100644 --- a/x-pack/test/security_api_integration/plugins/saml_provider/server/init_routes.ts +++ b/packages/kbn-saml-provider-plugin/server/init_routes.ts @@ -1,15 +1,14 @@ /* * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License - * 2.0; you may not use this file except in compliance with the Elastic License - * 2.0. + * or more contributor license agreements. Licensed under the "Elastic License + * 2.0", the "GNU Affero General Public License v3.0 only", and the "Server Side + * Public License v 1"; you may not use this file except in compliance with, at + * your election, the "Elastic License 2.0", the "GNU Affero General Public + * License v3.0 only", or the "Server Side Public License, v 1". */ import type { CoreSetup, PluginInitializerContext } from '@kbn/core/server'; -import { - getSAMLRequestId, - getSAMLResponse, -} from '@kbn/security-api-integration-helpers/saml/saml_tools'; +import { getSAMLRequestId, getSAMLResponse } from '../saml_tools'; import type { PluginSetupDependencies } from '.'; diff --git a/packages/kbn-saml-provider-plugin/tsconfig.json b/packages/kbn-saml-provider-plugin/tsconfig.json new file mode 100644 index 0000000000000..5e3d4bf264dee --- /dev/null +++ b/packages/kbn-saml-provider-plugin/tsconfig.json 
@@ -0,0 +1,21 @@ +{ + "extends": "../../tsconfig.base.json", + "compilerOptions": { + "outDir": "target/types", + "types": [ + "jest", + "node" + ] + }, + "include": [ + "**/*.ts", + ], + "exclude": [ + "target/**/*" + ], + "kbn_references": [ + "@kbn/dev-utils", + "@kbn/cloud-plugin", + "@kbn/core", + ] +} diff --git a/tsconfig.base.json b/tsconfig.base.json index 4471cb1bc6754..65b04932bbd0b 100644 --- a/tsconfig.base.json +++ b/tsconfig.base.json @@ -1480,8 +1480,8 @@ "@kbn/runtime-fields-plugin/*": ["x-pack/plugins/runtime_fields/*"], "@kbn/safer-lodash-set": ["packages/kbn-safer-lodash-set"], "@kbn/safer-lodash-set/*": ["packages/kbn-safer-lodash-set/*"], - "@kbn/saml-provider-plugin": ["x-pack/test/security_api_integration/plugins/saml_provider"], - "@kbn/saml-provider-plugin/*": ["x-pack/test/security_api_integration/plugins/saml_provider/*"], + "@kbn/saml-provider-plugin": ["packages/kbn-saml-provider-plugin"], + "@kbn/saml-provider-plugin/*": ["packages/kbn-saml-provider-plugin/*"], "@kbn/sample-task-plugin": ["x-pack/test/plugin_api_integration/plugins/sample_task_plugin"], "@kbn/sample-task-plugin/*": ["x-pack/test/plugin_api_integration/plugins/sample_task_plugin/*"], "@kbn/sample-task-plugin-update-by-query": ["x-pack/test/task_manager_claimer_update_by_query/plugins/sample_task_plugin_mget"], diff --git a/x-pack/test/api_integration/deployment_agnostic/default_configs/stateful.config.base.ts b/x-pack/test/api_integration/deployment_agnostic/default_configs/stateful.config.base.ts index bd423762255a5..932488b17f346 100644 --- a/x-pack/test/api_integration/deployment_agnostic/default_configs/stateful.config.base.ts +++ b/x-pack/test/api_integration/deployment_agnostic/default_configs/stateful.config.base.ts 
@@ -22,6 +22,10 @@ import { import path from 'path'; import { REPO_ROOT } from '@kbn/repo-info'; import { STATEFUL_ROLES_ROOT_PATH } from '@kbn/es'; +import { + mockIdPMetadataPath as idpPath, + pluginPath as samlIdPPlugin, +} from '@kbn/saml-provider-plugin'; import { dockerImage } from '../../../fleet_api_integration/config.base'; import { DeploymentAgnosticCommonServices, services } from '../services'; @@ -61,15 +65,6 @@ export function createStatefulTestConfig { @@ -49,16 +53,6 @@ export default async () => { }, }; - // "Fake" SAML provider - const idpPath = resolve( - __dirname, - '../../test/security_api_integration/plugins/saml_provider/metadata.xml' - ); - const samlIdPPlugin = resolve( - __dirname, - '../../test/security_api_integration/plugins/saml_provider' - ); - const jwksPath = require.resolve('@kbn/security-api-integration-helpers/oidc/jwks.json'); return { diff --git a/yarn.lock b/yarn.lock index ce86d0b1e6d77..ac91d73f82315 100644 --- a/yarn.lock +++ b/yarn.lock @@ -6216,7 +6216,7 @@ version "0.0.0" uid "" -"@kbn/saml-provider-plugin@link:x-pack/test/security_api_integration/plugins/saml_provider": +"@kbn/saml-provider-plugin@link:packages/kbn-saml-provider-plugin": version "0.0.0" uid "" From 4455e2d534e68a887d46ad3acff0de24a42df73a Mon Sep 17 00:00:00 2001 From: kibanamachine <42973632+kibanamachine@users.noreply.github.com> Date: Tue, 29 Oct 2024 20:22:11 +0000 Subject: [PATCH 02/13] [CI] Auto-commit changed files from 'node scripts/lint_ts_projects --fix' --- .../security_api_integration/packages/helpers/tsconfig.json | 1 - x-pack/test/tsconfig.json | 3 ++- x-pack/test_serverless/tsconfig.json | 1 + 3 files changed, 3 insertions(+), 2 deletions(-) diff --git a/x-pack/test/security_api_integration/packages/helpers/tsconfig.json b/x-pack/test/security_api_integration/packages/helpers/tsconfig.json index 317baf916f5a1..37d1561f95b8d 100644 --- a/x-pack/test/security_api_integration/packages/helpers/tsconfig.json 
+++ b/x-pack/test/security_api_integration/packages/helpers/tsconfig.json @@ -14,6 +14,5 @@ "target/**/*" ], "kbn_references": [ - "@kbn/dev-utils", ] } diff --git a/x-pack/test/tsconfig.json b/x-pack/test/tsconfig.json index 2ba14ceb1218c..65448c00a048a 100644 --- a/x-pack/test/tsconfig.json +++ b/x-pack/test/tsconfig.json @@ -187,6 +187,7 @@ "@kbn/alerting-types", "@kbn/ai-assistant-common", "@kbn/core-deprecations-common", - "@kbn/usage-collection-plugin" + "@kbn/usage-collection-plugin", + "@kbn/saml-provider-plugin" ] } diff --git a/x-pack/test_serverless/tsconfig.json b/x-pack/test_serverless/tsconfig.json index ed9a78fde0f6f..7e422bf99dbd4 100644 --- a/x-pack/test_serverless/tsconfig.json +++ b/x-pack/test_serverless/tsconfig.json @@ -98,5 +98,6 @@ "@kbn/core-saved-objects-import-export-server-internal", "@kbn/security-plugin-types-common", "@kbn/ai-assistant-common", + "@kbn/saml-provider-plugin", ] } From b7f48d21c9dccaac7594701079496f0d6c760621 Mon Sep 17 00:00:00 2001 From: Dzmitry Lemechko Date: Wed, 30 Oct 2024 11:31:48 +0100 Subject: [PATCH 03/13] delete jest config, rename helpers folder --- .../{saml_tools/index.ts => helpers/saml_tools.ts} | 0 packages/kbn-saml-provider-plugin/index.ts | 2 +- packages/kbn-saml-provider-plugin/jest.config.js | 14 -------------- .../kbn-saml-provider-plugin/server/init_routes.ts | 2 +- 4 files changed, 2 insertions(+), 16 deletions(-) rename packages/kbn-saml-provider-plugin/{saml_tools/index.ts => helpers/saml_tools.ts} (100%) delete mode 100644 packages/kbn-saml-provider-plugin/jest.config.js diff --git a/packages/kbn-saml-provider-plugin/saml_tools/index.ts b/packages/kbn-saml-provider-plugin/helpers/saml_tools.ts similarity index 100% rename from packages/kbn-saml-provider-plugin/saml_tools/index.ts rename to packages/kbn-saml-provider-plugin/helpers/saml_tools.ts diff --git a/packages/kbn-saml-provider-plugin/index.ts b/packages/kbn-saml-provider-plugin/index.ts index c372fb98f67e1..3a6691f29d4cd 100644 
--- a/packages/kbn-saml-provider-plugin/index.ts +++ b/packages/kbn-saml-provider-plugin/index.ts @@ -18,4 +18,4 @@ export const pluginMetadataPath = path.resolve(resourcesPath, 'metadata.xml'); export const pluginPath = path.resolve(__dirname); -export * from './saml_tools'; +export * from './helpers/saml_tools'; diff --git a/packages/kbn-saml-provider-plugin/jest.config.js b/packages/kbn-saml-provider-plugin/jest.config.js deleted file mode 100644 index 13953b335e353..0000000000000 --- a/packages/kbn-saml-provider-plugin/jest.config.js +++ /dev/null @@ -1,14 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the "Elastic License - * 2.0", the "GNU Affero General Public License v3.0 only", and the "Server Side - * Public License v 1"; you may not use this file except in compliance with, at - * your election, the "Elastic License 2.0", the "GNU Affero General Public - * License v3.0 only", or the "Server Side Public License, v 1". - */ - -module.exports = { - preset: '@kbn/test/jest_node', - rootDir: '../..', - roots: ['/packages/kbn-saml-provider'], -}; diff --git a/packages/kbn-saml-provider-plugin/server/init_routes.ts b/packages/kbn-saml-provider-plugin/server/init_routes.ts index afbdbc5c18722..2d22cb136ca6e 100644 --- a/packages/kbn-saml-provider-plugin/server/init_routes.ts +++ b/packages/kbn-saml-provider-plugin/server/init_routes.ts @@ -8,7 +8,7 @@ */ import type { CoreSetup, PluginInitializerContext } from '@kbn/core/server'; -import { getSAMLRequestId, getSAMLResponse } from '../saml_tools'; +import { getSAMLRequestId, getSAMLResponse } from '../helpers/saml_tools'; import type { PluginSetupDependencies } from '.'; From fdecc59893790f11a7369f3afb329b6959b27daa Mon Sep 17 00:00:00 2001 
From: Dzmitry Lemechko Date: Wed, 30 Oct 2024 12:40:02 +0100 Subject: [PATCH 04/13] remove explicit code owner for package --- .github/CODEOWNERS | 1 - 1 file changed, 1 deletion(-) diff --git a/.github/CODEOWNERS b/.github/CODEOWNERS index d877fcacd2cdd..40c64ebc597ee 100644 --- a/.github/CODEOWNERS +++ b/.github/CODEOWNERS @@ -743,7 +743,6 @@ packages/kbn-rule-data-utils @elastic/security-detections-response @elastic/resp x-pack/plugins/rule_registry @elastic/response-ops @elastic/obs-ux-management-team x-pack/plugins/runtime_fields @elastic/kibana-management packages/kbn-safer-lodash-set @elastic/kibana-security -packages/kbn-saml-provider-plugin @elastic/kibana-security x-pack/test/plugin_api_integration/plugins/sample_task_plugin @elastic/response-ops x-pack/test/task_manager_claimer_update_by_query/plugins/sample_task_plugin_mget @elastic/response-ops test/plugin_functional/plugins/saved_object_export_transforms @elastic/kibana-core From f00f110d6b86b545b49d4c09d6880af3f6ffbd49 Mon Sep 17 00:00:00 2001 From: kibanamachine <42973632+kibanamachine@users.noreply.github.com> Date: Wed, 30 Oct 2024 11:50:59 +0000 Subject: [PATCH 05/13] [CI] Auto-commit changed files from 'node scripts/build_plugin_list_docs' --- .github/CODEOWNERS | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/CODEOWNERS b/.github/CODEOWNERS index 40c64ebc597ee..d877fcacd2cdd 100644 --- a/.github/CODEOWNERS +++ b/.github/CODEOWNERS 
@@ -743,6 +743,7 @@ packages/kbn-rule-data-utils @elastic/security-detections-response @elastic/resp x-pack/plugins/rule_registry @elastic/response-ops @elastic/obs-ux-management-team x-pack/plugins/runtime_fields @elastic/kibana-management packages/kbn-safer-lodash-set @elastic/kibana-security +packages/kbn-saml-provider-plugin @elastic/kibana-security x-pack/test/plugin_api_integration/plugins/sample_task_plugin @elastic/response-ops x-pack/test/task_manager_claimer_update_by_query/plugins/sample_task_plugin_mget @elastic/response-ops test/plugin_functional/plugins/saved_object_export_transforms @elastic/kibana-core From 529934b80764ef5b02e779a7c8b63c28165e8c3c Mon Sep 17 00:00:00 2001 From: Dzmitry Lemechko Date: Wed, 30 Oct 2024 14:41:49 +0100 Subject: [PATCH 06/13] Update packages/kbn-saml-provider-plugin/kibana.jsonc Co-authored-by: Aleh Zasypkin --- packages/kbn-saml-provider-plugin/kibana.jsonc | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/packages/kbn-saml-provider-plugin/kibana.jsonc b/packages/kbn-saml-provider-plugin/kibana.jsonc index 568f8bc69c202..f73f9fe7191db 100644 --- a/packages/kbn-saml-provider-plugin/kibana.jsonc +++ b/packages/kbn-saml-provider-plugin/kibana.jsonc @@ -10,5 +10,5 @@ "optionalPlugins": [ "cloud" ] - }, + } } From 804d7af31183dc0a27fa0d02657c8a1213cdbf9e Mon Sep 17 00:00:00 2001 
From: Dzmitry Lemechko Date: Wed, 30 Oct 2024 16:06:05 +0100 Subject: [PATCH 07/13] update exports and its usage --- packages/kbn-saml-provider-plugin/index.ts | 15 +++++++++------ .../default_configs/stateful.config.base.ts | 7 ++----- x-pack/test/cloud_integration/config.ts | 7 ++----- x-pack/test/functional_cloud/config.ts | 7 ++----- .../login_selector.config.ts | 6 +++--- .../test/security_api_integration/saml.config.ts | 4 ++-- .../security_api_integration/saml.http2.config.ts | 4 ++-- .../security_api_integration/saml_cloud.config.ts | 4 ++-- .../session_concurrent_limit.config.ts | 4 ++-- .../session_idle.config.ts | 4 ++-- .../session_invalidate.config.ts | 4 ++-- .../session_lifespan.config.ts | 4 ++-- .../security_functional/login_selector.config.ts | 10 +++------- x-pack/test/security_functional/saml.config.ts | 7 ++----- .../test/security_functional/saml.http2.config.ts | 4 ++-- x-pack/test_serverless/shared/config.base.ts | 7 ++----- 16 files changed, 41 insertions(+), 57 deletions(-) diff --git a/packages/kbn-saml-provider-plugin/index.ts b/packages/kbn-saml-provider-plugin/index.ts index 3a6691f29d4cd..1f8e282cbcad1 100644 --- a/packages/kbn-saml-provider-plugin/index.ts +++ b/packages/kbn-saml-provider-plugin/index.ts 
@@ -10,12 +10,15 @@ import path from 'path'; const resourcesPath = path.resolve(__dirname, 'resources'); -export const saml1IdPMetadataPath = path.resolve(resourcesPath, 'idp_metadata.xml'); -export const saml2IdPMetadataPath = path.resolve(resourcesPath, 'idp_metadata_2.xml'); -export const idpNeverLoginPath = path.resolve(resourcesPath, 'idp_metadata_never_login.xml'); -export const mockIdPMetadataPath = path.resolve(resourcesPath, 'idp_metadata_mock_idp.xml'); -export const pluginMetadataPath = path.resolve(resourcesPath, 'metadata.xml'); + +export const IDP_METADATA_PATHS = { + default: path.resolve(resourcesPath, 'metadata.xml'), + saml1: path.resolve(resourcesPath, 'idp_metadata.xml'), + saml2: path.resolve(resourcesPath, 'idp_metadata_2.xml'), + neverLogin: path.resolve(resourcesPath, 'idp_metadata_never_login.xml'), + mockIdpPlugin: path.resolve(resourcesPath, 'idp_metadata_mock_idp.xml'), +}; export const pluginPath = path.resolve(__dirname); -export * from './helpers/saml_tools'; +export { getLogoutRequest, getSAMLRequestId, getSAMLResponse } from './helpers/saml_tools'; diff --git a/x-pack/test/api_integration/deployment_agnostic/default_configs/stateful.config.base.ts b/x-pack/test/api_integration/deployment_agnostic/default_configs/stateful.config.base.ts index 932488b17f346..7275911b5a706 100644 --- a/x-pack/test/api_integration/deployment_agnostic/default_configs/stateful.config.base.ts +++ b/x-pack/test/api_integration/deployment_agnostic/default_configs/stateful.config.base.ts 
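Review bot: `IDP_METADATA_PATHS` in packages/kbn-saml-provider-plugin/index.ts is exported as an ordinary mutable object, so any importing config can reassign a key such as `IDP_METADATA_PATHS.default` and change the IdP metadata path seen by other importers in the same process. Closing the literal with `} as const;` makes the keys read-only for TypeScript callers. The keys also deserve a one-line comment each, since nothing in the hunk says which fake IdP `default`, `saml1`, `saml2`, `neverLogin` and `mockIdpPlugin` describe, or why `default` alone maps to `metadata.xml`.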
@@ -22,10 +22,7 @@ import { import path from 'path'; import { REPO_ROOT } from '@kbn/repo-info'; import { STATEFUL_ROLES_ROOT_PATH } from '@kbn/es'; -import { - mockIdPMetadataPath as idpPath, - pluginPath as samlIdPPlugin, -} from '@kbn/saml-provider-plugin'; +import { IDP_METADATA_PATHS, pluginPath as samlIdPPlugin } from '@kbn/saml-provider-plugin'; import { dockerImage } from '../../../fleet_api_integration/config.base'; import { DeploymentAgnosticCommonServices, services } from '../services'; @@ -104,7 +101,7 @@ export function createStatefulTestConfig { @@ -73,7 +70,7 @@ export default async () => { }, esTestCluster: { from: 'serverless', - files: [idpPath, jwksPath], + files: [IDP_METADATA_PATHS.default, jwksPath], serverArgs: [ 'xpack.security.authc.realms.file.file1.order=-100', `xpack.security.authc.realms.native.native1.enabled=false`, From fd9ee21f85e63a7bab40910528530d1465539b6b Mon Sep 17 00:00:00 2001 From: Dzmitry Lemechko Date: Wed, 30 Oct 2024 19:06:44 +0100 Subject: [PATCH 08/13] Update CODEOWNERS --- .github/CODEOWNERS | 1 - 1 file changed, 1 deletion(-) diff --git a/.github/CODEOWNERS b/.github/CODEOWNERS index d877fcacd2cdd..40c64ebc597ee 100644 --- a/.github/CODEOWNERS +++ b/.github/CODEOWNERS @@ -743,7 +743,6 @@ packages/kbn-rule-data-utils @elastic/security-detections-response @elastic/resp x-pack/plugins/rule_registry @elastic/response-ops @elastic/obs-ux-management-team x-pack/plugins/runtime_fields @elastic/kibana-management packages/kbn-safer-lodash-set @elastic/kibana-security -packages/kbn-saml-provider-plugin @elastic/kibana-security x-pack/test/plugin_api_integration/plugins/sample_task_plugin @elastic/response-ops x-pack/test/task_manager_claimer_update_by_query/plugins/sample_task_plugin_mget @elastic/response-ops test/plugin_functional/plugins/saved_object_export_transforms @elastic/kibana-core From 03329e5c56322ecd19c74aaeaa0a8280b6b478d6 Mon Sep 17 00:00:00 2001 
From: kibanamachine <42973632+kibanamachine@users.noreply.github.com> Date: Wed, 30 Oct 2024 18:16:37 +0000 Subject: [PATCH 09/13] [CI] Auto-commit changed files from 'node scripts/build_plugin_list_docs' --- .github/CODEOWNERS | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/CODEOWNERS b/.github/CODEOWNERS index 40c64ebc597ee..d877fcacd2cdd 100644 --- a/.github/CODEOWNERS +++ b/.github/CODEOWNERS @@ -743,6 +743,7 @@ packages/kbn-rule-data-utils @elastic/security-detections-response @elastic/resp x-pack/plugins/rule_registry @elastic/response-ops @elastic/obs-ux-management-team x-pack/plugins/runtime_fields @elastic/kibana-management packages/kbn-safer-lodash-set @elastic/kibana-security +packages/kbn-saml-provider-plugin @elastic/kibana-security x-pack/test/plugin_api_integration/plugins/sample_task_plugin @elastic/response-ops x-pack/test/task_manager_claimer_update_by_query/plugins/sample_task_plugin_mget @elastic/response-ops test/plugin_functional/plugins/saved_object_export_transforms @elastic/kibana-core From c438081713133a14bb0d7a95bb640c41aa56241c Mon Sep 17 00:00:00 2001 From: Dzmitry Lemechko Date: Wed, 30 Oct 2024 20:01:03 +0100 Subject: [PATCH 10/13] fix config, move default metadata.xml to plugin root --- packages/kbn-saml-provider-plugin/index.ts | 6 +++--- .../kbn-saml-provider-plugin/{resources => }/metadata.xml | 0 x-pack/test/cloud_integration/config.ts | 6 ++++-- 3 files changed, 7 insertions(+), 5 deletions(-) rename packages/kbn-saml-provider-plugin/{resources => }/metadata.xml (100%) diff --git a/packages/kbn-saml-provider-plugin/index.ts b/packages/kbn-saml-provider-plugin/index.ts index 1f8e282cbcad1..39d5330d678ef 100644 --- a/packages/kbn-saml-provider-plugin/index.ts +++ b/packages/kbn-saml-provider-plugin/index.ts 
@@ -11,14 +11,14 @@ import path from 'path'; const resourcesPath = path.resolve(__dirname, 'resources'); +export const pluginPath = path.resolve(__dirname); + export const IDP_METADATA_PATHS = { - default: path.resolve(resourcesPath, 'metadata.xml'), + default: path.resolve(pluginPath, 'metadata.xml'), saml1: path.resolve(resourcesPath, 'idp_metadata.xml'), saml2: path.resolve(resourcesPath, 'idp_metadata_2.xml'), neverLogin: path.resolve(resourcesPath, 'idp_metadata_never_login.xml'), mockIdpPlugin: path.resolve(resourcesPath, 'idp_metadata_mock_idp.xml'), }; -export const pluginPath = path.resolve(__dirname); - export { getLogoutRequest, getSAMLRequestId, getSAMLResponse } from './helpers/saml_tools'; diff --git a/packages/kbn-saml-provider-plugin/resources/metadata.xml b/packages/kbn-saml-provider-plugin/metadata.xml similarity index 100% rename from packages/kbn-saml-provider-plugin/resources/metadata.xml rename to packages/kbn-saml-provider-plugin/metadata.xml diff --git a/x-pack/test/cloud_integration/config.ts b/x-pack/test/cloud_integration/config.ts index bcd4d1a3b48fd..1d383c4e049fb 100644 --- a/x-pack/test/cloud_integration/config.ts +++ b/x-pack/test/cloud_integration/config.ts @@ -7,7 +7,6 @@ import { resolve } from 'path'; import { FtrConfigProviderContext } from '@kbn/test'; -import { IDP_METADATA_PATHS, pluginPath as samlIdPPlugin } from '@kbn/saml-provider-plugin'; import { services } from '../functional/services'; import { pageObjects } from '../functional/page_objects'; @@ -25,6 +24,9 @@ export default async function ({ readConfigFile }: FtrConfigProviderContext) { require.resolve('@kbn/test-suites-src/functional/config.base') ); + const idpPath = resolve(__dirname, './plugins/saml_provider/metadata.xml'); + const samlIdPPlugin = resolve(__dirname, './plugins/saml_provider'); + const kibanaPort = kibanaFunctionalConfig.get('servers.kibana.port'); return { 
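Review bot: `IDP_METADATA_PATHS.default` in the `index.ts` hunk now resolves against `pluginPath` while the other four entries still resolve against `resourcesPath`, and nothing in the hunk records why this one file lives at the package root. The `cloud_integration/config.ts` hunks on this page pass such a path to the SAML realm's `idp.metadata.path`, so a silent mismatch changes which IdP metadata Elasticsearch trusts. I would add a comment above the entry such as `// metadata.xml is kept at the plugin root, not under resources/ (reason: <to be stated by the author>)`. Marking the object `as const` would also keep callers from reassigning the paths.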
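Review bot: The two added constants in the second `cloud_integration/config.ts` hunk spell the `'./plugins/saml_provider'` directory twice, so the metadata path and the plugin path can drift apart if one of them is edited later. Declaring the directory first and deriving the file from it keeps them tied together: `const samlIdPPlugin = resolve(__dirname, './plugins/saml_provider');` followed by `const idpPath = resolve(samlIdPPlugin, 'metadata.xml');`. The enclosing config function starts before and continues past this hunk, so how `samlIdPPlugin` is consumed is not visible here.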
@@ -41,7 +43,7 @@ export default async function ({ readConfigFile }: FtrConfigProviderContext) {
 serverArgs: [
 'xpack.security.authc.token.enabled=true',
 'xpack.security.authc.realms.saml.saml1.order=0',
- `xpack.security.authc.realms.saml.saml1.idp.metadata.path=${IDP_METADATA_PATHS.default}`,
+ `xpack.security.authc.realms.saml.saml1.idp.metadata.path=${idpPath}`,
 'xpack.security.authc.realms.saml.saml1.idp.entity_id=http://www.elastic.co/saml1',
 `xpack.security.authc.realms.saml.saml1.sp.entity_id=http://localhost:${kibanaPort}`,
 `xpack.security.authc.realms.saml.saml1.sp.logout=http://localhost:${kibanaPort}/logout`,
From 79e207a7f4adeb94b40a5d102819398c6ea909fa Mon Sep 17 00:00:00 2001
From: Dzmitry Lemechko
Date: Wed, 30 Oct 2024 21:27:37 +0100
Subject: [PATCH 11/13] remove devOnly
---
 packages/kbn-saml-provider-plugin/kibana.jsonc | 1 -
 1 file changed, 1 deletion(-)
diff --git a/packages/kbn-saml-provider-plugin/kibana.jsonc b/packages/kbn-saml-provider-plugin/kibana.jsonc
index f73f9fe7191db..1aa22257908ce 100644
--- a/packages/kbn-saml-provider-plugin/kibana.jsonc
+++ b/packages/kbn-saml-provider-plugin/kibana.jsonc
@@ -2,7 +2,6 @@
 "type": "plugin",
 "id": "@kbn/saml-provider-plugin",
 "owner": "@elastic/kibana-security",
- "devOnly": true,
 "plugin": {
 "id": "samlProviderPlugin",
 "server": true,
From fa725528a187731f8bf017ec74278883ad9a2857 Mon Sep 17 00:00:00 2001
From: kibanamachine <42973632+kibanamachine@users.noreply.github.com>
Date: Wed, 30 Oct 2024 20:59:03 +0000
Subject: [PATCH 12/13] [CI] Auto-commit changed files from 'node scripts/eslint --no-cache --fix'
---
 package.json | 1 +
 1 file changed, 1 insertion(+)
diff --git a/package.json b/package.json
index fc735f5096a3f..4bc735236d878 100644
--- a/package.json
+++ b/package.json
@@ -761,6 +761,7 @@
 "@kbn/rule-registry-plugin": "link:x-pack/plugins/rule_registry",
 "@kbn/runtime-fields-plugin": "link:x-pack/plugins/runtime_fields",
 "@kbn/safer-lodash-set": "link:packages/kbn-safer-lodash-set",
+ "@kbn/saml-provider-plugin": "link:packages/kbn-saml-provider-plugin",
 "@kbn/sample-task-plugin": "link:x-pack/test/plugin_api_integration/plugins/sample_task_plugin",
 "@kbn/sample-task-plugin-update-by-query": "link:x-pack/test/task_manager_claimer_update_by_query/plugins/sample_task_plugin_mget",
 "@kbn/saved-object-export-transforms-plugin": "link:test/plugin_functional/plugins/saved_object_export_transforms",
From 1d5e7e1510cfef508844bc54489baf3166a80247 Mon Sep 17 00:00:00 2001
From: Dzmitry Lemechko
Date: Wed, 30 Oct 2024 23:36:28 +0100
Subject: [PATCH 13/13] cleanup
---
 package.json | 1 -
 1 file changed, 1 deletion(-)
diff --git a/package.json b/package.json
index 4bc735236d878..f6b99101aab36 100644
--- a/package.json
+++ b/package.json
@@ -1469,7 +1469,6 @@
 "@kbn/repo-path": "link:packages/kbn-repo-path",
 "@kbn/repo-source-classifier": "link:packages/kbn-repo-source-classifier",
 "@kbn/repo-source-classifier-cli": "link:packages/kbn-repo-source-classifier-cli",
- "@kbn/saml-provider-plugin": "link:packages/kbn-saml-provider-plugin",
 "@kbn/security-api-integration-helpers": "link:x-pack/test/security_api_integration/packages/helpers",
 "@kbn/serverless-storybook-config": "link:packages/serverless/storybook/config",
 "@kbn/some-dev-log": "link:packages/kbn-some-dev-log",
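Review bot: The added `"@kbn/saml-provider-plugin": "link:packages/kbn-saml-provider-plugin"` entry at line 761 sits among runtime plugin links, while the `cleanup` hunk at line 1469 deletes the same entry from a block of repo tooling packages. The package therefore appears to move from development to production dependencies, though this is inferred from the neighbouring entries because the section keys are outside both hunks. Together with the removal of `"devOnly": true` from `kibana.jsonc`, this would make a plugin that declares `"server": true` and re-exports `getSAMLResponse` and `getLogoutRequest` eligible for distributable builds. If it is only a test identity provider, keep `"devOnly": true,` in `kibana.jsonc` and leave the link in the development block. Otherwise, record in the package README why it has to be runtime-classified and confirm that release builds exclude it.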