Skip to content

Commit

Permalink
Tweak security config
Browse files Browse the repository at this point in the history
  • Loading branch information
@jportner
jportner committed Aug 31, 2021
1 parent d8f485c commit a9959d1
Show file tree
Hide file tree
Showing 3 changed files with 33 additions and 35 deletions.
64 changes: 31 additions & 33 deletions x-pack/plugins/security/server/config.test.ts
View file
Original file line number Diff line number Diff line change
Expand Up @@ -1689,41 +1689,39 @@ describe('createConfig()', () => {
`);
});

it('falls back to the global settings if provider is not known', async () => {
expect(
createMockConfig({ session: { idleTimeout: 123 } }).session.getExpirationTimeouts({
type: 'some type',
name: 'some name',
})
).toMatchInlineSnapshot(`
Object {
"idleTimeout": "PT0.123S",
"lifespan": "P30D",
}
`);
it('falls back to the global settings if provider is not known or is undefined', async () => {
[{ type: 'some type', name: 'some name' }, undefined].forEach((provider) => {
expect(
createMockConfig({ session: { idleTimeout: 123 } }).session.getExpirationTimeouts(
provider
)
).toMatchInlineSnapshot(`
Object {
"idleTimeout": "PT0.123S",
"lifespan": "P30D",
}
`);

expect(
createMockConfig({ session: { lifespan: 456 } }).session.getExpirationTimeouts({
type: 'some type',
name: 'some name',
})
).toMatchInlineSnapshot(`
Object {
"idleTimeout": "PT1H",
"lifespan": "PT0.456S",
}
`);
expect(
createMockConfig({ session: { lifespan: 456 } }).session.getExpirationTimeouts(provider)
).toMatchInlineSnapshot(`
Object {
"idleTimeout": "PT1H",
"lifespan": "PT0.456S",
}
`);

expect(
createMockConfig({
session: { idleTimeout: 123, lifespan: 456 },
}).session.getExpirationTimeouts({ type: 'some type', name: 'some name' })
).toMatchInlineSnapshot(`
Object {
"idleTimeout": "PT0.123S",
"lifespan": "PT0.456S",
}
`);
expect(
createMockConfig({
session: { idleTimeout: 123, lifespan: 456 },
}).session.getExpirationTimeouts(provider)
).toMatchInlineSnapshot(`
Object {
"idleTimeout": "PT0.123S",
"lifespan": "PT0.456S",
}
`);
});
});

it('uses provider overrides if specified (only idle timeout)', async () => {
Expand Down
2 changes: 1 addition & 1 deletion x-pack/plugins/security/server/config.ts
View file
Original file line number Diff line number Diff line change
Expand Up @@ -391,7 +391,7 @@ export function createConfig(
function getSessionConfig(session: RawConfigType['session'], providers: ProvidersConfigType) {
return {
cleanupInterval: session.cleanupInterval,
getExpirationTimeouts(provider?: AuthenticationProvider) {
getExpirationTimeouts(provider: AuthenticationProvider | undefined) {
// Both idle timeout and lifespan from the provider specific session config can have three
// possible types of values: `Duration`, `null` and `undefined`. The `undefined` type means that
// provider doesn't override session config and we should fall back to the global one instead.
Expand Down
2 changes: 1 addition & 1 deletion x-pack/plugins/security/server/usage_collector/security_usage_collector.ts
View file
Original file line number Diff line number Diff line change
Expand Up @@ -181,7 +181,7 @@ export function registerSecurityUsageCollector({ usageCollection, config, licens
WELL_KNOWN_AUTH_SCHEMES.includes(scheme.toLowerCase())
);

const sessionExpirations = config.session.getExpirationTimeouts(); // get global expiration values
const sessionExpirations = config.session.getExpirationTimeouts(undefined); // use `undefined` to get global expiration values
const sessionIdleTimeoutInMinutes = sessionExpirations.idleTimeout?.asMinutes() ?? 0;
const sessionLifespanInMinutes = sessionExpirations.lifespan?.asMinutes() ?? 0;
const sessionCleanupInMinutes = config.session.cleanupInterval?.asMinutes() ?? 0;
Expand Down

0 comments on commit a9959d1

Please sign in to comment.