Misc changes I extracted from opensearch-project#4153

- Added hidden/reserved fields for TestSecurityConfig.User, TestSecurityConfig.Role
- Moved RolesMapping class into TestSecurityConfig
- Added ActionGroup class in TestSecurityConfig
- LocalOpenSearchCluster now always delete config folders when any test is over
- Added bodyAsJsonNode in the HttpResponse class

Signed-off-by: Andrey Pleskach <[email protected]>

src/integrationTest/java/org/opensearch/security/http/AnonymousAuthenticationTest.java

@@ -17,7 +17,6 @@
 import org.junit.Test;
 import org.junit.runner.RunWith;
 
-import org.opensearch.test.framework.RolesMapping;
 import org.opensearch.test.framework.TestSecurityConfig;
 import org.opensearch.test.framework.cluster.ClusterManager;
 import org.opensearch.test.framework.cluster.LocalCluster;
@@ -45,9 +44,9 @@ public class AnonymousAuthenticationTest {
     /**
     * Maps {@link #ANONYMOUS_USER_CUSTOM_ROLE} to {@link #DEFAULT_ANONYMOUS_USER_BACKEND_ROLE_NAME}
     */
-    private static final RolesMapping ANONYMOUS_USER_CUSTOM_ROLE_MAPPING = new RolesMapping(ANONYMOUS_USER_CUSTOM_ROLE).backendRoles(
-        DEFAULT_ANONYMOUS_USER_BACKEND_ROLE_NAME
-    );
+    private static final TestSecurityConfig.RoleMapping ANONYMOUS_USER_CUSTOM_ROLE_MAPPING = new TestSecurityConfig.RoleMapping(
+        ANONYMOUS_USER_CUSTOM_ROLE.getName()
+    ).backendRoles(DEFAULT_ANONYMOUS_USER_BACKEND_ROLE_NAME);
 
     /**
     * User who is stored in the internal user database and can authenticate

src/integrationTest/java/org/opensearch/security/http/AsyncTests.java

@@ -26,7 +26,6 @@
 import org.opensearch.security.IndexOperationsHelper;
 import org.opensearch.security.support.ConfigConstants;
 import org.opensearch.test.framework.AsyncActions;
-import org.opensearch.test.framework.RolesMapping;
 import org.opensearch.test.framework.TestSecurityConfig;
 import org.opensearch.test.framework.cluster.LocalCluster;
 import org.opensearch.test.framework.cluster.TestRestClient;
@@ -44,7 +43,7 @@ public class AsyncTests {
     public static LocalCluster cluster = new LocalCluster.Builder().singleNode()
         .authc(AUTHC_HTTPBASIC_INTERNAL)
         .users(ADMIN_USER)
-        .rolesMapping(new RolesMapping(ALL_ACCESS).backendRoles("admin"))
+        .rolesMapping(new TestSecurityConfig.RoleMapping(ALL_ACCESS.getName()).backendRoles("admin"))
         .anonymousAuth(false)
         .nodeSettings(Map.of(ConfigConstants.SECURITY_RESTAPI_ROLES_ENABLED, List.of(ALL_ACCESS.getName())))
         .build();

src/integrationTest/java/org/opensearch/security/http/CertificateAuthenticationTest.java

@@ -17,7 +17,7 @@
 import org.junit.Test;
 import org.junit.runner.RunWith;
 
-import org.opensearch.test.framework.RolesMapping;
+import org.opensearch.test.framework.TestSecurityConfig;
 import org.opensearch.test.framework.TestSecurityConfig.AuthcDomain;
 import org.opensearch.test.framework.TestSecurityConfig.AuthcDomain.HttpAuthenticator;
 import org.opensearch.test.framework.TestSecurityConfig.Role;
@@ -69,7 +69,7 @@ public class CertificateAuthenticationTest {
         .authc(AUTHC_HTTPBASIC_INTERNAL)
         .roles(ROLE_ALL_INDEX_SEARCH)
         .users(USER_ADMIN)
-        .rolesMapping(new RolesMapping(ROLE_ALL_INDEX_SEARCH).backendRoles(BACKEND_ROLE_BRIDGE))
+        .rolesMapping(new TestSecurityConfig.RoleMapping(ROLE_ALL_INDEX_SEARCH.getName()).backendRoles(BACKEND_ROLE_BRIDGE))
         .build();
 
     private static final TestCertificates TEST_CERTIFICATES = cluster.getTestCertificates();

src/integrationTest/java/org/opensearch/security/http/CommonProxyAuthenticationTests.java

@@ -13,7 +13,6 @@
 import java.net.InetAddress;
 import java.util.List;
 
-import org.opensearch.test.framework.RolesMapping;
 import org.opensearch.test.framework.TestSecurityConfig;
 import org.opensearch.test.framework.cluster.LocalCluster;
 import org.opensearch.test.framework.cluster.TestRestClient;
@@ -84,13 +83,13 @@ abstract class CommonProxyAuthenticationTests {
         .indexPermissions("indices:data/read/search")
         .on(PERSONAL_INDEX_NAME_PATTERN);
 
-    protected static final RolesMapping ROLES_MAPPING_CAPTAIN = new RolesMapping(ROLE_PERSONAL_INDEX_SEARCH).backendRoles(
-        BACKEND_ROLE_CAPTAIN
-    );
+    protected static final TestSecurityConfig.RoleMapping ROLES_MAPPING_CAPTAIN = new TestSecurityConfig.RoleMapping(
+        ROLE_PERSONAL_INDEX_SEARCH.getName()
+    ).backendRoles(BACKEND_ROLE_CAPTAIN);
 
-    protected static final RolesMapping ROLES_MAPPING_FIRST_MATE = new RolesMapping(ROLE_ALL_INDEX_SEARCH).backendRoles(
-        BACKEND_ROLE_FIRST_MATE
-    );
+    protected static final TestSecurityConfig.RoleMapping ROLES_MAPPING_FIRST_MATE = new TestSecurityConfig.RoleMapping(
+        ROLE_ALL_INDEX_SEARCH.getName()
+    ).backendRoles(BACKEND_ROLE_FIRST_MATE);
 
     protected abstract LocalCluster getCluster();
 

src/integrationTest/java/org/opensearch/security/http/LdapAuthenticationTest.java

@@ -27,7 +27,6 @@
 import org.opensearch.test.framework.AuthzDomain;
 import org.opensearch.test.framework.LdapAuthenticationConfigBuilder;
 import org.opensearch.test.framework.LdapAuthorizationConfigBuilder;
-import org.opensearch.test.framework.RolesMapping;
 import org.opensearch.test.framework.TestSecurityConfig;
 import org.opensearch.test.framework.TestSecurityConfig.AuthcDomain;
 import org.opensearch.test.framework.TestSecurityConfig.AuthcDomain.AuthenticationBackend;
@@ -118,7 +117,7 @@ public class LdapAuthenticationTest {
         )
         .authc(AUTHC_HTTPBASIC_INTERNAL)
         .users(ADMIN_USER)
-        .rolesMapping(new RolesMapping(ALL_ACCESS).backendRoles(CN_GROUP_ADMIN))
+        .rolesMapping(new TestSecurityConfig.RoleMapping(ALL_ACCESS.getName()).backendRoles(CN_GROUP_ADMIN))
         .authz(
             new AuthzDomain("ldap_roles").httpEnabled(true)
                 .authorizationBackend(

src/integrationTest/java/org/opensearch/security/http/LdapTlsAuthenticationTest.java

@@ -30,7 +30,7 @@
 import org.opensearch.test.framework.AuthzDomain;
 import org.opensearch.test.framework.LdapAuthenticationConfigBuilder;
 import org.opensearch.test.framework.LdapAuthorizationConfigBuilder;
-import org.opensearch.test.framework.RolesMapping;
+import org.opensearch.test.framework.TestSecurityConfig;
 import org.opensearch.test.framework.TestSecurityConfig.AuthcDomain;
 import org.opensearch.test.framework.TestSecurityConfig.AuthcDomain.AuthenticationBackend;
 import org.opensearch.test.framework.TestSecurityConfig.AuthcDomain.HttpAuthenticator;
@@ -151,8 +151,8 @@ public class LdapTlsAuthenticationTest {
         .users(ADMIN_USER)
         .roles(ROLE_INDEX_ADMINISTRATOR, ROLE_PERSONAL_INDEX_ACCESS)
         .rolesMapping(
-            new RolesMapping(ROLE_INDEX_ADMINISTRATOR).backendRoles(CN_GROUP_ADMIN),
-            new RolesMapping(ROLE_PERSONAL_INDEX_ACCESS).backendRoles(CN_GROUP_CREW)
+            new TestSecurityConfig.RoleMapping(ROLE_INDEX_ADMINISTRATOR.getName()).backendRoles(CN_GROUP_ADMIN),
+            new TestSecurityConfig.RoleMapping(ROLE_PERSONAL_INDEX_ACCESS.getName()).backendRoles(CN_GROUP_CREW)
         )
         .authz(
             new AuthzDomain("ldap_roles").httpEnabled(true)

src/integrationTest/java/org/opensearch/security/http/OnBehalfOfJwtAuthenticationTest.java

@@ -33,7 +33,6 @@
 import org.opensearch.core.xcontent.XContentBuilder;
 import org.opensearch.security.authtoken.jwt.EncryptionDecryptionUtil;
 import org.opensearch.test.framework.OnBehalfOfConfig;
-import org.opensearch.test.framework.RolesMapping;
 import org.opensearch.test.framework.TestSecurityConfig;
 import org.opensearch.test.framework.cluster.ClusterManager;
 import org.opensearch.test.framework.cluster.LocalCluster;
@@ -139,7 +138,7 @@ private static OnBehalfOfConfig defaultOnBehalfOfConfig() {
             )
         )
         .authc(AUTHC_HTTPBASIC_INTERNAL)
-        .rolesMapping(new RolesMapping(HOST_MAPPING_ROLE).hostIPs(HOST_MAPPING_IP))
+        .rolesMapping(new TestSecurityConfig.RoleMapping(HOST_MAPPING_ROLE.getName()).hosts(HOST_MAPPING_IP))
         .onBehalfOf(defaultOnBehalfOfConfig())
         .build();