Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Adding deprecation warning for Interactive Users using ApiKeys #136422

Merged
merged 16 commits into from
Jul 20, 2022
Merged

Adding deprecation warning for Interactive Users using ApiKeys #136422

merged 16 commits into from
Jul 20, 2022

Conversation

kc13greiner
Copy link
Contributor

@kc13greiner kc13greiner commented Jul 14, 2022
edited by legrego
Loading

Summary

Resolves #120804

  • Log usage of deprecated functionality where interactive users are authenticating via ApiKey
  • Updating docs with a warning that this functionality is deprecated

Preview of docs:
Screen Shot 2022-07-18 at 11 49 35 AM
Screen Shot 2022-07-18 at 11 49 29 AM

Release Notes

  • Interactive users authenticating via ApiKey is deprecated and support will be removed in a future version

@kc13greiner kc13greiner added Team:Security Team focused on: Auth, Users, Roles, Spaces, Audit Logging, and more! release_note:deprecation v8.4.0 docs labels Jul 14, 2022
@kc13greiner kc13greiner marked this pull request as ready for review July 18, 2022 15:48
@kc13greiner kc13greiner requested a review from a team as a code owner July 18, 2022 15:48
@elasticmachine
Copy link
Contributor

Pinging @elastic/kibana-security (Team:Security)

@kc13greiner kc13greiner requested review from azasypkin and legrego July 18, 2022 15:49
legrego
legrego reviewed Jul 18, 2022
View reviewed changes
Copy link
Member

@legrego legrego left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I defer to Oleg for reviewing the implementation, so just a comment about docs from my side. Thanks for picking this up!

docs/user/security/api-keys/index.asciidoc Outdated Show resolved Hide resolved
docs/user/security/authentication/index.asciidoc Outdated Show resolved Hide resolved
@legrego legrego requested a review from gchaps July 18, 2022 16:19
gchaps
gchaps reviewed Jul 18, 2022
View reviewed changes
docs/user/security/api-keys/index.asciidoc Outdated Show resolved Hide resolved
docs/user/security/authentication/index.asciidoc Outdated Show resolved Hide resolved
x-pack/plugins/security/server/routes/analytics/authentication_type.test.ts Outdated
expect(routeParamsMock.analyticsService.reportAuthenticationTypeEvent).toHaveBeenCalledWith({
authenticationProviderType: 'http',
authenticationRealmType: 'native',
httpAuthenticationScheme: 'Custom',
});
});
});

describe('logApiKeyWithInteractiveUserDeprecated', () => {
it('should log a deprecation warning if interactive user is using API Key', async () => {
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

"interactive user" is not a term I normally see. Can we drop "interactive" or find another way to explain what is meant here?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

How about something like:

should log a deprecation warning if a user is authenticating via API key while accessing the application through a web browser

@legrego
Copy link
Member

legrego commented Jul 19, 2022

Docs LGTM, pending Oleg's review. Thanks for the edits!

azasypkin
azasypkin approved these changes Jul 20, 2022
View reviewed changes
Copy link
Member

@azasypkin azasypkin left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM, thanks! Just a few minor nits before merging. Also would you mind either updating or removing outdated docs screenshots from the issue description?

x-pack/plugins/security/server/routes/analytics/authentication_type.test.ts Outdated Show resolved Hide resolved
x-pack/plugins/security/server/routes/analytics/authentication_type.ts Outdated Show resolved Hide resolved
x-pack/plugins/security/server/routes/analytics/authentication_type.ts Outdated Show resolved Hide resolved
x-pack/plugins/security/server/routes/analytics/authentication_type.test.ts Outdated Show resolved Hide resolved
@kibana-ci
Copy link
Collaborator

💚 Build Succeeded

Metrics [docs]

✅ unchanged

History

To update your PR or re-run it, just comment with:
@elasticmachine merge upstream

@kc13greiner kc13greiner merged commit e22e3a5 into elastic:main Jul 20, 2022
@kibanamachine kibanamachine added the backport:skip This commit does not require backporting label Jul 20, 2022
@kc13greiner kc13greiner deleted the feature/apikey_deprecation branch July 20, 2022 14:52
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@gchaps gchaps gchaps left review comments

@legrego legrego legrego left review comments

@azasypkin azasypkin azasypkin approved these changes

Assignees
No one assigned
Labels
backport:skip This commit does not require backporting docs release_note:deprecation Team:Security Team focused on: Auth, Users, Roles, Spaces, Audit Logging, and more! v8.4.0
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Deprecate interactive users authenticating via API Keys
7 participants
@kc13greiner @elasticmachine @legrego @kibana-ci @azasypkin @gchaps @kibanamachine