Add catch for Enterprise Search sending back a 401 response instead o…

…f redirect (elastic#80757)

- apparently this changed at some point between 7.9 and 7.10

x-pack/plugins/enterprise_search/server/lib/enterprise_search_request_handler.test.ts

@@ -303,6 +303,10 @@ describe('EnterpriseSearchRequestHandler', () => {
         expect(mockLogger.error).toHaveBeenCalled();
       });
 
+      it('errors when receiving a 401 response', async () => {
+        EnterpriseSearchAPI.mockReturn({}, { status: 401 });
+      });
+
       it('errors when redirected to /login', async () => {
         EnterpriseSearchAPI.mockReturn({}, { url: 'http://localhost:3002/login' });
       });

x-pack/plugins/enterprise_search/server/lib/enterprise_search_request_handler.ts

@@ -84,8 +84,12 @@ export class EnterpriseSearchRequestHandler {
         // Handle response headers
         this.setResponseHeaders(apiResponse);
 
-        // Handle authentication redirects
-        if (apiResponse.url.endsWith('/login') || apiResponse.url.endsWith('/ent/select')) {
+        // Handle unauthenticated users / authentication redirects
+        if (
+          apiResponse.status === 401 ||
+          apiResponse.url.endsWith('/login') ||
+          apiResponse.url.endsWith('/ent/select')
+        ) {
           return this.handleAuthenticationError(response);
         }
 
@@ -213,6 +217,10 @@ export class EnterpriseSearchRequestHandler {
     return response.customError({ statusCode: 502, headers: this.headers, body: errorMessage });
   }
 
+  /**
+   * Note: Kibana auto logs users out when it receives a 401 response, so we want to catch and
+   * return 401 responses from Enterprise Search as a 502 so Kibana sessions aren't interrupted
+   */
   handleAuthenticationError(response: KibanaResponseFactory) {
     const errorMessage = 'Cannot authenticate Enterprise Search user';