Rename concrete classes

Signed-off-by: Peter Nied <petern@amazon.com>
peternied · Oct 3, 2023 · 20c9ea7 · 20c9ea7
1 parent e749a8e
commit 20c9ea7
Show file tree

Hide file tree

Showing 13 changed files with 243 additions and 228 deletions.
diff --git a/src/main/java/com/amazon/dlic/auth/http/saml/HTTPSamlAuthenticator.java b/src/main/java/com/amazon/dlic/auth/http/saml/HTTPSamlAuthenticator.java
@@ -63,8 +63,8 @@
 import org.opensearch.security.auth.HTTPAuthenticator;
 import org.opensearch.security.filter.SecurityRequest;
 import org.opensearch.security.filter.SecurityRequestChannel;
-import org.opensearch.security.filter.SecurityRequestFactory.SecurityRestRequestChannel;
 import org.opensearch.security.filter.SecurityRequetChannelUnsupported;
+import org.opensearch.security.filter.OpenSearchRequestChannel;
 import org.opensearch.security.support.ConfigConstants;
 import org.opensearch.security.support.PemKeyReader;
 import org.opensearch.security.user.AuthCredentials;
@@ -183,10 +183,10 @@ public boolean reRequestAuthentication(final SecurityRequestChannel request, fin
 
             if (API_AUTHTOKEN_SUFFIX.equals(suffix)) {
                 // Verficiation of SAML ASC endpoint only works with RestRequests
-                if (!(request instanceof SecurityRestRequestChannel)) {
+                if (!(request instanceof OpenSearchRequestChannel)) {
                     throw new SecurityRequetChannelUnsupported();
                 } else {
-                    final SecurityRestRequestChannel securityRequestChannel = (SecurityRestRequestChannel) request;
+                    final OpenSearchRequestChannel securityRequestChannel = (OpenSearchRequestChannel) request;
                     final RestRequest restRequest = securityRequestChannel.breakEncapsulationForRequest();
                     final RestChannel channel = securityRequestChannel.breakEncapsulationForChannel();
                     if (this.authTokenProcessorHandler.handle(restRequest, channel)) {

diff --git a/src/main/java/org/opensearch/security/auditlog/AuditLog.java b/src/main/java/org/opensearch/security/auditlog/AuditLog.java
@@ -37,21 +37,22 @@
 import org.opensearch.core.index.shard.ShardId;
 import org.opensearch.security.auditlog.config.AuditConfig;
 import org.opensearch.security.compliance.ComplianceConfig;
+import org.opensearch.security.filter.SecurityRequest;
 import org.opensearch.security.filter.SecurityRequestChannel;
 import org.opensearch.tasks.Task;
 import org.opensearch.transport.TransportRequest;
 
 public interface AuditLog extends Closeable {
 
     // login
-    void logFailedLogin(String effectiveUser, boolean securityadmin, String initiatingUser, SecurityRequestChannel request);
+    void logFailedLogin(String effectiveUser, boolean securityadmin, String initiatingUser, SecurityRequest request);
 
-    void logSucceededLogin(String effectiveUser, boolean securityadmin, String initiatingUser, SecurityRequestChannel request);
+    void logSucceededLogin(String effectiveUser, boolean securityadmin, String initiatingUser, SecurityRequest request);
 
     // privs
-    void logMissingPrivileges(String privilege, String effectiveUser, SecurityRequestChannel request);
+    void logMissingPrivileges(String privilege, String effectiveUser, SecurityRequest request);
 
-    void logGrantedPrivileges(String effectiveUser, SecurityRequestChannel request);
+    void logGrantedPrivileges(String effectiveUser, SecurityRequest request);
 
     void logMissingPrivileges(String privilege, TransportRequest request, Task task);
 
@@ -63,13 +64,13 @@ public interface AuditLog extends Closeable {
     // spoof
     void logBadHeaders(TransportRequest request, String action, Task task);
 
-    void logBadHeaders(SecurityRequestChannel request);
+    void logBadHeaders(SecurityRequest request);
 
     void logSecurityIndexAttempt(TransportRequest request, String action, Task task);
 
     void logSSLException(TransportRequest request, Throwable t, String action, Task task);
 
-    void logSSLException(SecurityRequestChannel request, Throwable t);
+    void logSSLException(SecurityRequest request, Throwable t);
 
     void logDocumentRead(String index, String id, ShardId shardId, Map<String, String> fieldNameValues);
 

diff --git a/src/main/java/org/opensearch/security/auditlog/NullAuditLog.java b/src/main/java/org/opensearch/security/auditlog/NullAuditLog.java
@@ -37,7 +37,7 @@
 import org.opensearch.core.index.shard.ShardId;
 import org.opensearch.security.auditlog.config.AuditConfig;
 import org.opensearch.security.compliance.ComplianceConfig;
-import org.opensearch.security.filter.SecurityRequestChannel;
+import org.opensearch.security.filter.SecurityRequest;
 import org.opensearch.tasks.Task;
 import org.opensearch.transport.TransportRequest;
 
@@ -49,12 +49,12 @@ public void close() throws IOException {
     }
 
     @Override
-    public void logFailedLogin(String effectiveUser, boolean securityadmin, String initiatingUser, SecurityRequestChannel request) {
+    public void logFailedLogin(String effectiveUser, boolean securityadmin, String initiatingUser, SecurityRequest request) {
         // noop, intentionally left empty
     }
 
     @Override
-    public void logSucceededLogin(String effectiveUser, boolean securityadmin, String initiatingUser, SecurityRequestChannel request) {
+    public void logSucceededLogin(String effectiveUser, boolean securityadmin, String initiatingUser, SecurityRequest request) {
         // noop, intentionally left empty
     }
 
@@ -79,7 +79,7 @@ public void logBadHeaders(TransportRequest request, String action, Task task) {
     }
 
     @Override
-    public void logBadHeaders(SecurityRequestChannel request) {
+    public void logBadHeaders(SecurityRequest request) {
         // noop, intentionally left empty
     }
 
@@ -94,17 +94,17 @@ public void logSSLException(TransportRequest request, Throwable t, String action
     }
 
     @Override
-    public void logSSLException(SecurityRequestChannel request, Throwable t) {
+    public void logSSLException(SecurityRequest request, Throwable t) {
         // noop, intentionally left empty
     }
 
     @Override
-    public void logMissingPrivileges(String privilege, String effectiveUser, SecurityRequestChannel request) {
+    public void logMissingPrivileges(String privilege, String effectiveUser, SecurityRequest request) {
         // noop, intentionally left empty
     }
 
     @Override
-    public void logGrantedPrivileges(String effectiveUser, SecurityRequestChannel request) {
+    public void logGrantedPrivileges(String effectiveUser, SecurityRequest request) {
         // noop, intentionally left empty
     }
 

diff --git a/src/main/java/org/opensearch/security/auditlog/impl/AbstractAuditLog.java b/src/main/java/org/opensearch/security/auditlog/impl/AbstractAuditLog.java
@@ -65,6 +65,7 @@
 import org.opensearch.security.auditlog.config.AuditConfig;
 import org.opensearch.security.compliance.ComplianceConfig;
 import org.opensearch.security.dlic.rest.support.Utils;
+import org.opensearch.security.filter.SecurityRequest;
 import org.opensearch.security.filter.SecurityRequestChannel;
 import org.opensearch.security.support.Base64Helper;
 import org.opensearch.security.support.ConfigConstants;
@@ -139,7 +140,7 @@ public ComplianceConfig getComplianceConfig() {
     }
 
     @Override
-    public void logFailedLogin(String effectiveUser, boolean securityadmin, String initiatingUser, SecurityRequestChannel request) {
+    public void logFailedLogin(String effectiveUser, boolean securityadmin, String initiatingUser, SecurityRequest request) {
 
         if (!checkRestFilter(AuditCategory.FAILED_LOGIN, effectiveUser, request)) {
             return;
@@ -157,7 +158,7 @@ public void logFailedLogin(String effectiveUser, boolean securityadmin, String i
     }
 
     @Override
-    public void logSucceededLogin(String effectiveUser, boolean securityadmin, String initiatingUser, SecurityRequestChannel request) {
+    public void logSucceededLogin(String effectiveUser, boolean securityadmin, String initiatingUser, SecurityRequest request) {
 
         if (!checkRestFilter(AuditCategory.AUTHENTICATED, effectiveUser, request)) {
             return;
@@ -174,7 +175,7 @@ public void logSucceededLogin(String effectiveUser, boolean securityadmin, Strin
     }
 
     @Override
-    public void logMissingPrivileges(String privilege, String effectiveUser, SecurityRequestChannel request) {
+    public void logMissingPrivileges(String privilege, String effectiveUser, SecurityRequest request) {
         if (!checkRestFilter(AuditCategory.MISSING_PRIVILEGES, effectiveUser, request)) {
             return;
         }
@@ -189,7 +190,7 @@ public void logMissingPrivileges(String privilege, String effectiveUser, Securit
     }
 
     @Override
-    public void logGrantedPrivileges(String effectiveUser, SecurityRequestChannel request) {
+    public void logGrantedPrivileges(String effectiveUser, SecurityRequest request) {
         if (!checkRestFilter(AuditCategory.GRANTED_PRIVILEGES, effectiveUser, request)) {
             return;
         }
@@ -348,7 +349,7 @@ public void logBadHeaders(TransportRequest request, String action, Task task) {
     }
 
     @Override
-    public void logBadHeaders(SecurityRequestChannel request) {
+    public void logBadHeaders(SecurityRequest request) {
 
         if (!checkRestFilter(AuditCategory.BAD_HEADERS, getUser(), request)) {
             return;
@@ -437,7 +438,7 @@ public void logSSLException(TransportRequest request, Throwable t, String action
     }
 
     @Override
-    public void logSSLException(SecurityRequestChannel request, Throwable t) {
+    public void logSSLException(SecurityRequest request, Throwable t) {
 
         if (!checkRestFilter(AuditCategory.SSL_EXCEPTION, getUser(), request)) {
             return;
@@ -898,7 +899,7 @@ private boolean checkComplianceFilter(
     }
 
     @VisibleForTesting
-    boolean checkRestFilter(final AuditCategory category, final String effectiveUser, SecurityRequestChannel request) {
+    boolean checkRestFilter(final AuditCategory category, final String effectiveUser, SecurityRequest request) {
         final boolean isTraceEnabled = log.isTraceEnabled();
         if (isTraceEnabled) {
             log.trace(

diff --git a/src/main/java/org/opensearch/security/auditlog/impl/AuditLogImpl.java b/src/main/java/org/opensearch/security/auditlog/impl/AuditLogImpl.java
@@ -33,6 +33,7 @@
 import org.opensearch.core.index.shard.ShardId;
 import org.opensearch.security.auditlog.config.AuditConfig;
 import org.opensearch.security.auditlog.routing.AuditMessageRouter;
+import org.opensearch.security.filter.SecurityRequest;
 import org.opensearch.security.filter.SecurityRequestChannel;
 import org.opensearch.tasks.Task;
 import org.opensearch.threadpool.ThreadPool;
@@ -131,28 +132,28 @@ protected void save(final AuditMessage msg) {
     }
 
     @Override
-    public void logFailedLogin(String effectiveUser, boolean securityAdmin, String initiatingUser, SecurityRequestChannel request) {
+    public void logFailedLogin(String effectiveUser, boolean securityAdmin, String initiatingUser, SecurityRequest request) {
         if (enabled) {
             super.logFailedLogin(effectiveUser, securityAdmin, initiatingUser, request);
         }
     }
 
     @Override
-    public void logSucceededLogin(String effectiveUser, boolean securityAdmin, String initiatingUser, SecurityRequestChannel request) {
+    public void logSucceededLogin(String effectiveUser, boolean securityAdmin, String initiatingUser, SecurityRequest request) {
         if (enabled) {
             super.logSucceededLogin(effectiveUser, securityAdmin, initiatingUser, request);
         }
     }
 
     @Override
-    public void logMissingPrivileges(String privilege, String effectiveUser, SecurityRequestChannel request) {
+    public void logMissingPrivileges(String privilege, String effectiveUser, SecurityRequest request) {
         if (enabled) {
             super.logMissingPrivileges(privilege, effectiveUser, request);
         }
     }
 
     @Override
-    public void logGrantedPrivileges(String effectiveUser, SecurityRequestChannel request) {
+    public void logGrantedPrivileges(String effectiveUser, SecurityRequest request) {
         if (enabled) {
             super.logGrantedPrivileges(effectiveUser, request);
         }
@@ -187,7 +188,7 @@ public void logBadHeaders(TransportRequest request, String action, Task task) {
     }
 
     @Override
-    public void logBadHeaders(SecurityRequestChannel request) {
+    public void logBadHeaders(SecurityRequest request) {
         if (enabled) {
             super.logBadHeaders(request);
         }
@@ -208,7 +209,7 @@ public void logSSLException(TransportRequest request, Throwable t, String action
     }
 
     @Override
-    public void logSSLException(SecurityRequestChannel request, Throwable t) {
+    public void logSSLException(SecurityRequest request, Throwable t) {
         if (enabled) {
             super.logSSLException(request, t);
         }

diff --git a/src/main/java/org/opensearch/security/auditlog/impl/AuditMessage.java b/src/main/java/org/opensearch/security/auditlog/impl/AuditMessage.java
@@ -48,8 +48,9 @@
 import org.opensearch.security.auditlog.AuditLog.Origin;
 import org.opensearch.security.auditlog.config.AuditConfig;
 import org.opensearch.security.dlic.rest.support.Utils;
+import org.opensearch.security.filter.SecurityRequest;
 import org.opensearch.security.filter.SecurityRequestChannel;
-import org.opensearch.security.filter.SecurityRequestFactory.SecurityRestRequestChannel;
+import org.opensearch.security.filter.OpenSearchRequest;
 import org.opensearch.security.securityconf.impl.CType;
 import org.opensearch.security.support.WildcardMatcher;
 
@@ -371,7 +372,7 @@ void addRestMethod(final RestRequest.Method method) {
         }
     }
 
-    void addRestRequestInfo(final SecurityRequestChannel request, final AuditConfig.Filter filter) {
+    void addRestRequestInfo(final SecurityRequest request, final AuditConfig.Filter filter) {
         if (request != null) {
             final String path = request.path().toString();
             addPath(path);
@@ -381,12 +382,12 @@ void addRestRequestInfo(final SecurityRequestChannel request, final AuditConfig.
 
             if (filter.shouldLogRequestBody()) {
 
-                if (!(request instanceof SecurityRestRequestChannel)) {
+                if (!(request instanceof OpenSearchRequest)) {
                     // The request body is only avaliable on some request sources
                     return;
                 }
 
-                final SecurityRestRequestChannel securityRestRequest = (SecurityRestRequestChannel) request;
+                final OpenSearchRequest securityRestRequest = (OpenSearchRequest) request;
                 final RestRequest restRequest = securityRestRequest.breakEncapsulationForRequest();
 
                 if (!(restRequest.hasContentOrSourceParam())) {

diff --git a/src/main/java/org/opensearch/security/filter/NettyRequest.java b/src/main/java/org/opensearch/security/filter/NettyRequest.java
@@ -0,0 +1,66 @@
+package org.opensearch.security.filter;
+
+import java.net.InetSocketAddress;
+import java.util.List;
+import java.util.Map;
+import java.util.Optional;
+
+import javax.net.ssl.SSLEngine;
+
+import org.opensearch.rest.RestRequest.Method;
+
+class NettyRequest implements SecurityRequestChannel {
+    @Override
+    public Map<String, List<String>> getHeaders() {
+        // TODO Auto-generated method stub
+        throw new UnsupportedOperationException("Unimplemented method 'getHeaders'");
+    }
+
+    @Override
+    public SSLEngine getSSLEngine() {
+        // TODO Auto-generated method stub
+        throw new UnsupportedOperationException("Unimplemented method 'getSSLEngine'");
+    }
+
+    @Override
+    public String path() {
+        // TODO Auto-generated method stub
+        throw new UnsupportedOperationException("Unimplemented method 'path'");
+    }
+
+    @Override
+    public Method method() {
+        // TODO Auto-generated method stub
+        throw new UnsupportedOperationException("Unimplemented method 'method'");
+    }
+
+    @Override
+    public Optional<InetSocketAddress> getRemoteAddress() {
+        // TODO Auto-generated method stub
+        throw new UnsupportedOperationException("Unimplemented method 'getRemoteAddress'");
+    }
+
+    @Override
+    public String uri() {
+        // TODO Auto-generated method stub
+        throw new UnsupportedOperationException("Unimplemented method 'uri'");
+    }
+
+    @Override
+    public Map<String, String> params() {
+        // TODO Auto-generated method stub
+        throw new UnsupportedOperationException("Unimplemented method 'params'");
+    }
+
+    @Override
+    public boolean hasCompleted() {
+        // TODO Auto-generated method stub
+        throw new UnsupportedOperationException("Unimplemented method 'hasCompleted'");
+    }
+
+    @Override
+    public boolean completeWithResponse(int statusCode, Map<String, String> headers, String body) {
+        // TODO Auto-generated method stub
+        throw new UnsupportedOperationException("Unimplemented method 'completeWithResponse'");
+    }
+}