diff --git a/x-pack/qa/rolling-upgrade/src/test/resources/rest-api-spec/test/mixed_cluster/50_token_auth.yml b/x-pack/qa/rolling-upgrade/src/test/resources/rest-api-spec/test/mixed_cluster/50_token_auth.yml deleted file mode 100644 index 9fac41b569048..0000000000000 --- a/x-pack/qa/rolling-upgrade/src/test/resources/rest-api-spec/test/mixed_cluster/50_token_auth.yml +++ /dev/null @@ -1,180 +0,0 @@ ---- -"Get the indexed token and use if to authenticate": - - skip: - features: headers - - - do: - cluster.health: - wait_for_status: yellow - - - do: - get: - index: token_index - id: "6" - - - match: { _index: token_index } - - match: { _id: "6" } - - is_true: _source.token - - set: { _source.token : token } - - - do: - headers: - Authorization: Bearer ${token} - security.authenticate: {} - - - match: { username: "token_user" } - - match: { roles.0: "superuser" } - - match: { full_name: "Token User" } - - # call three times because the client rotates the nodes - - do: - headers: - Authorization: Bearer ${token} - search: - rest_total_hits_as_int: true - index: token_index - - - match: { hits.total: 8 } - - - do: - headers: - Authorization: Bearer ${token} - search: - rest_total_hits_as_int: true - index: token_index - - - match: { hits.total: 8 } - - - do: - headers: - Authorization: Bearer ${token} - search: - rest_total_hits_as_int: true - index: token_index - - - match: { hits.total: 8 } - ---- -"Get the indexed refreshed access token and use if to authenticate": - - skip: - features: headers - - - do: - get: - index: token_index - id: "7" - - - match: { _index: token_index } - - match: { _id: "7" } - - is_true: _source.token - - set: { _source.token : token } - - - do: - headers: - Authorization: Bearer ${token} - security.authenticate: {} - - - match: { username: "token_user" } - - match: { roles.0: "superuser" } - - match: { full_name: "Token User" } - - - do: - headers: - Authorization: Bearer ${token} - search: - rest_total_hits_as_int: true - index: token_index - - - match: { hits.total: 8 } - - - do: - headers: - Authorization: Bearer ${token} - search: - rest_total_hits_as_int: true - index: token_index - - - match: { hits.total: 8 } - - - do: - headers: - Authorization: Bearer ${token} - search: - rest_total_hits_as_int: true - index: token_index - - - match: { hits.total: 8 } - ---- -"Get the indexed refresh token and use it to get another access token and authenticate": - - skip: - features: headers - - - do: - get: - index: token_index - id: "8" - - - match: { _index: token_index } - - match: { _id: "8" } - - is_true: _source.token - - set: { _source.token : refresh_token } - - - do: - security.get_token: - body: - grant_type: "refresh_token" - refresh_token: "${refresh_token}" - - - match: { type: "Bearer" } - - is_true: access_token - - set: { access_token: token } - - is_true: refresh_token - - set: { refresh_token: refresh_token } - - match: { expires_in: 3600 } - - is_false: scope - - - do: - headers: - Authorization: Bearer ${token} - security.authenticate: {} - - - match: { username: "token_user" } - - match: { roles.0: "superuser" } - - match: { full_name: "Token User" } - - - do: - headers: - Authorization: Bearer ${token} - search: - rest_total_hits_as_int: true - index: token_index - - - match: { hits.total: 8 } - - - do: - headers: - Authorization: Bearer ${token} - search: - rest_total_hits_as_int: true - index: token_index - - - match: { hits.total: 8 } - - - do: - headers: - Authorization: Bearer ${token} - search: - rest_total_hits_as_int: true - index: token_index - - - match: { hits.total: 8 } - - # overwrite the used refresh token with the new one - - do: - headers: - Authorization: Bearer ${token} - index: - index: token_index - id: "8" - body: { "token" : "${refresh_token}"} diff --git a/x-pack/qa/rolling-upgrade/src/test/resources/rest-api-spec/test/old_cluster/50_token_auth.yml b/x-pack/qa/rolling-upgrade/src/test/resources/rest-api-spec/test/old_cluster/50_token_auth.yml deleted file mode 100644 index 2f44c37a37f98..0000000000000 --- a/x-pack/qa/rolling-upgrade/src/test/resources/rest-api-spec/test/old_cluster/50_token_auth.yml +++ /dev/null @@ -1,130 +0,0 @@ ---- -"Create a token and reuse it across the upgrade": - - skip: - features: headers - - - do: - cluster.health: - wait_for_status: yellow - - - do: - security.put_user: - username: "token_user" - body: > - { - "password" : "x-pack-test-password", - "roles" : [ "superuser" ], - "full_name" : "Token User" - } - - - do: - security.get_token: - body: - grant_type: "password" - username: "token_user" - password: "x-pack-test-password" - - - match: { type: "Bearer" } - - is_true: access_token - - set: { access_token: token } - - is_true: refresh_token - - set: { refresh_token: refresh_token } - - match: { expires_in: 3600 } - - is_false: scope - - - do: - headers: - Authorization: Bearer ${token} - security.authenticate: {} - - - match: { username: "token_user" } - - match: { roles.0: "superuser" } - - match: { full_name: "Token User" } - - - do: - indices.create: - index: token_index - wait_for_active_shards : all - body: - settings: - index: - number_of_replicas: 1 - - - do: - headers: - Authorization: Bearer ${token} - bulk: - refresh: true - body: - - '{"index": {"_index": "token_index", "_id" : "1"}}' - - '{"f1": "v1_old", "f2": 0}' - - '{"index": {"_index": "token_index", "_id" : "2"}}' - - '{"f1": "v2_old", "f2": 1}' - - '{"index": {"_index": "token_index", "_id" : "3"}}' - - '{"f1": "v3_old", "f2": 2}' - - '{"index": {"_index": "token_index", "_id" : "4"}}' - - '{"f1": "v4_old", "f2": 3}' - - '{"index": {"_index": "token_index", "_id" : "5"}}' - - '{"f1": "v5_old", "f2": 4}' - - - do: - headers: - Authorization: Bearer ${token} - search: - rest_total_hits_as_int: true - index: token_index - - - match: { hits.total: 5 } - - # we do store the token in the index such that we can reuse it down the road once - # the cluster is upgraded - - do: - headers: - Authorization: Bearer ${token} - index: - index: token_index - id: "6" - body: { "token" : "${token}"} - - # refresh token and store it as well - - do: - security.get_token: - body: - grant_type: "refresh_token" - refresh_token: "${refresh_token}" - - - match: { type: "Bearer" } - - is_true: access_token - - set: { access_token: refreshed_access_token } - - is_true: refresh_token - - set: { refresh_token: refreshed_refresh_token } - - match: { expires_in: 3600 } - - is_false: scope - - # test refresh token (use it) - - do: - headers: - Authorization: Bearer ${refreshed_access_token} - security.authenticate: {} - - - match: { username: "token_user" } - - match: { roles.0: "superuser" } - - match: { full_name: "Token User" } - - # store the new refreshed access token - - do: - headers: - Authorization: Bearer ${refreshed_access_token} - index: - index: token_index - id: "7" - body: { "token" : "${refreshed_access_token}"} - - # store the refresh token - - do: - headers: - Authorization: Bearer ${refreshed_access_token} - index: - index: token_index - id: "8" - body: { "token" : "${refreshed_refresh_token}"} diff --git a/x-pack/qa/rolling-upgrade/src/test/resources/rest-api-spec/test/upgraded_cluster/50_token_auth.yml b/x-pack/qa/rolling-upgrade/src/test/resources/rest-api-spec/test/upgraded_cluster/50_token_auth.yml deleted file mode 100644 index 2ca983fc031bc..0000000000000 --- a/x-pack/qa/rolling-upgrade/src/test/resources/rest-api-spec/test/upgraded_cluster/50_token_auth.yml +++ /dev/null @@ -1,92 +0,0 @@ ---- -"Get the indexed token and use if to authenticate": - - skip: - features: headers - - - do: - cluster.health: - wait_for_status: yellow - - - do: - get: - index: token_index - id: "6" - - - match: { _index: token_index } - - match: { _id: "6" } - - is_true: _source.token - - set: { _source.token : token } - - - do: - headers: - Authorization: Bearer ${token} - security.authenticate: {} - - - match: { username: "token_user" } - - match: { roles.0: "superuser" } - - match: { full_name: "Token User" } - - - do: - headers: - Authorization: Bearer ${token} - search: - rest_total_hits_as_int: true - index: token_index - - - match: { hits.total: 8 } - - # counter example that we are really checking this - - do: - headers: - Authorization: Bearer boom - catch: /unable to authenticate with provided credentials and anonymous access is not allowed for this request/ - search: - rest_total_hits_as_int: true - index: token_index - ---- -"Get the indexed refresh token and use if to get another access token and authenticate": - - skip: - features: headers - - - do: - get: - index: token_index - id: "8" - - - match: { _index: token_index } - - match: { _id: "8" } - - is_true: _source.token - - set: { _source.token : refresh_token } - - - do: - security.get_token: - body: - grant_type: "refresh_token" - refresh_token: "${refresh_token}" - - - match: { type: "Bearer" } - - is_true: access_token - - set: { access_token: token } - - is_true: refresh_token - - set: { refresh_token: refresh_token } - - match: { expires_in: 3600 } - - is_false: scope - - - do: - headers: - Authorization: Bearer ${token} - security.authenticate: {} - - - match: { username: "token_user" } - - match: { roles.0: "superuser" } - - match: { full_name: "Token User" } - - - do: - headers: - Authorization: Bearer ${token} - search: - rest_total_hits_as_int: true - index: token_index - - - match: { hits.total: 8 }