-
Notifications
You must be signed in to change notification settings - Fork 8.3k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[Security in Core] Exposes apiKeys
from core.security.authc
#186910
[Security in Core] Exposes apiKeys
from core.security.authc
#186910
Conversation
/ci |
/ci |
/ci |
/ci |
packages/core/security/core-security-common/src/roles/schema.ts
Outdated
Show resolved
Hide resolved
apiKeys
from coreapiKeys
from core.security.authc
/ci |
@elasticmachine merge upstream |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM 🚀
@@ -26,6 +26,26 @@ export class CoreSecurityRouteHandlerContext implements SecurityRequestHandlerCo | |||
if (this.#authc == null) { | |||
this.#authc = { | |||
getCurrentUser: () => this.securityStart.authc.getCurrentUser(this.request), | |||
apiKeys: { | |||
areAPIKeysEnabled: this.securityStart.authc.apiKeys.areAPIKeysEnabled.bind( |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
nit: we can use arrow function instead of bind, like getCurrentUser
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Good idea! Addressed in 1faeaa4
💛 Build succeeded, but was flaky
Failed CI StepsThe CI Stats report is too large to be displayed here, check out the CI build annotation for this information. History
To update your PR or re-run it, just comment with: |
@elasticmachine merge upstream |
💛 Build succeeded, but was flaky
Failed CI StepsMetrics [docs]Public APIs missing comments
Any counts in public APIs
Unknown metric groupsAPI count
History
|
…gin to core security service (#189713) ## Summary Part of #186574 Closes #189714 Background: This PR is an example of a plugin migrating away from depending on the Security plugin, which is a high-priority effort for the last release before 9.0. The Enterprise search plugin uses authc.apiKeys.create from the security plugin's start contract on the server side. For more context, the PR which exposes the API keys service from core is here: #186910 This PR migrates the usage from the security plugin start contract to the core security service. --------- Co-authored-by: Elastic Machine <[email protected]> Co-authored-by: kibanamachine <[email protected]>
Summary
Expose
apiKeys
as a service undercore.security.authc.apiKeys
.Closes #184764
Details
PR introduces a new API Keys Service which is accessible under the
authc
namespace in core.security. The service exposes the public API that was already available on the server-side in the security plugin.The service is initialized and registered with core using the
delegate_api
- allowing access to the service within the core plugin without the need for thesecurity
plugin.Note: I had to move quite a few types/functions around to prevent cyclical dependencies.
Plugins and the APIs that use the current
apiKeys
function from the security pluginExpand for table with details