diff --git a/docs/development/core/server/kibana-plugin-server.coresetup.http.md b/docs/development/core/server/kibana-plugin-server.coresetup.http.md
index cba8a5832058d0..1ab58b6c3d997e 100644
--- a/docs/development/core/server/kibana-plugin-server.coresetup.http.md
+++ b/docs/development/core/server/kibana-plugin-server.coresetup.http.md
@@ -13,5 +13,6 @@ http: {
registerOnPostAuth: HttpServiceSetup['registerOnPostAuth'];
basePath: HttpServiceSetup['basePath'];
createNewServer: HttpServiceSetup['createNewServer'];
+ isTlsEnabled: HttpServiceSetup['isTlsEnabled'];
};
```
diff --git a/docs/development/core/server/kibana-plugin-server.coresetup.md b/docs/development/core/server/kibana-plugin-server.coresetup.md
index 352e2f314da30f..c85fcfac6f8efc 100644
--- a/docs/development/core/server/kibana-plugin-server.coresetup.md
+++ b/docs/development/core/server/kibana-plugin-server.coresetup.md
@@ -17,5 +17,5 @@ export interface CoreSetup
| Property | Type | Description |
| --- | --- | --- |
| [elasticsearch](./kibana-plugin-server.coresetup.elasticsearch.md) | {
adminClient$: Observable<ClusterClient>;
dataClient$: Observable<ClusterClient>;
}
| |
-| [http](./kibana-plugin-server.coresetup.http.md) | {
registerOnPreAuth: HttpServiceSetup['registerOnPreAuth'];
registerAuth: HttpServiceSetup['registerAuth'];
registerOnPostAuth: HttpServiceSetup['registerOnPostAuth'];
basePath: HttpServiceSetup['basePath'];
createNewServer: HttpServiceSetup['createNewServer'];
}
| |
+| [http](./kibana-plugin-server.coresetup.http.md) | {
registerOnPreAuth: HttpServiceSetup['registerOnPreAuth'];
registerAuth: HttpServiceSetup['registerAuth'];
registerOnPostAuth: HttpServiceSetup['registerOnPostAuth'];
basePath: HttpServiceSetup['basePath'];
createNewServer: HttpServiceSetup['createNewServer'];
isTlsEnabled: HttpServiceSetup['isTlsEnabled'];
}
| |
diff --git a/src/core/server/http/http_server.test.ts b/src/core/server/http/http_server.test.ts
index a52ba7909293ea..c8a98735288336 100644
--- a/src/core/server/http/http_server.test.ts
+++ b/src/core/server/http/http_server.test.ts
@@ -33,18 +33,49 @@ import { HttpConfig, Router } from '.';
import { loggingServiceMock } from '../logging/logging_service.mock';
import { HttpServer } from './http_server';
+const cookieOptions = {
+ name: 'sid',
+ encryptionKey: 'something_at_least_32_characters',
+ validate: () => true,
+ isSecure: false,
+};
+
+interface User {
+ id: string;
+ roles?: string[];
+}
+
+interface StorageData {
+ value: User;
+ expires: number;
+}
+
const chance = new Chance();
let server: HttpServer;
let config: HttpConfig;
+let configWithSSL: HttpConfig;
const logger = loggingServiceMock.create();
+
beforeEach(() => {
config = {
host: '127.0.0.1',
maxPayload: new ByteSizeValue(1024),
port: chance.integer({ min: 10000, max: 15000 }),
- ssl: {},
+ ssl: { enabled: false },
+ } as HttpConfig;
+
+ configWithSSL = {
+ ...config,
+ ssl: {
+ enabled: true,
+ certificate: '/certificate',
+ cipherSuites: ['cipherSuite'],
+ getSecureOptions: () => 0,
+ key: '/key',
+ redirectHttpFromPort: config.port + 1,
+ },
} as HttpConfig;
server = new HttpServer(logger, 'tests');
@@ -527,30 +558,14 @@ describe('with `basepath: /bar` and `rewriteBasePath: true`', () => {
});
});
-describe('with defined `redirectHttpFromPort`', () => {
- let configWithSSL: HttpConfig;
+test('with defined `redirectHttpFromPort`', async () => {
+ const router = new Router('/');
+ router.get({ path: '/', validate: false }, (req, res) => res.ok({ key: 'value:/' }));
- beforeEach(async () => {
- configWithSSL = {
- ...config,
- ssl: {
- certificate: '/certificate',
- cipherSuites: ['cipherSuite'],
- enabled: true,
- getSecureOptions: () => 0,
- key: '/key',
- redirectHttpFromPort: config.port + 1,
- },
- } as HttpConfig;
-
- const router = new Router('/');
- router.get({ path: '/', validate: false }, (req, res) => res.ok({ key: 'value:/' }));
-
- const { registerRouter } = await server.setup(configWithSSL);
- registerRouter(router);
+ const { registerRouter } = await server.setup(configWithSSL);
+ registerRouter(router);
- await server.start();
- });
+ await server.start();
});
test('returns server and connection options on start', async () => {
@@ -578,205 +593,6 @@ test('throws an error if starts without set up', async () => {
);
});
-const cookieOptions = {
- name: 'sid',
- encryptionKey: 'something_at_least_32_characters',
- validate: () => true,
- isSecure: false,
-};
-
-interface User {
- id: string;
- roles?: string[];
-}
-
-interface StorageData {
- value: User;
- expires: number;
-}
-
-describe('#registerAuth', () => {
- it('registers auth request interceptor only once', async () => {
- const { registerAuth } = await server.setup(config);
- const doRegister = () =>
- registerAuth(() => null as any, {
- encryptionKey: 'any_password',
- } as any);
-
- await doRegister();
- expect(doRegister()).rejects.toThrowError('Auth interceptor was already registered');
- });
-
- it('supports implementing custom authentication logic', async () => {
- const router = new Router('');
- router.get({ path: '/', validate: false }, async (req, res) => res.ok({ content: 'ok' }));
-
- const { registerAuth, registerRouter, server: innerServer } = await server.setup(config);
- const { sessionStorageFactory } = await registerAuth((req, t) => {
- const user = { id: '42' };
- const sessionStorage = sessionStorageFactory.asScoped(req);
- sessionStorage.set({ value: user, expires: Date.now() + 1000 });
- return t.authenticated({ state: user });
- }, cookieOptions);
- registerRouter(router);
- await server.start();
-
- const response = await supertest(innerServer.listener)
- .get('/')
- .expect(200, { content: 'ok' });
-
- expect(response.header['set-cookie']).toBeDefined();
- const cookies = response.header['set-cookie'];
- expect(cookies).toHaveLength(1);
-
- const sessionCookie = request.cookie(cookies[0]);
- if (!sessionCookie) {
- throw new Error('session cookie expected to be defined');
- }
- expect(sessionCookie).toBeDefined();
- expect(sessionCookie.key).toBe('sid');
- expect(sessionCookie.value).toBeDefined();
- expect(sessionCookie.path).toBe('/');
- expect(sessionCookie.httpOnly).toBe(true);
- });
-
- it('supports rejecting a request from an unauthenticated user', async () => {
- const { registerAuth, registerRouter, server: innerServer } = await server.setup(config);
- const router = new Router('');
- router.get({ path: '/', validate: false }, async (req, res) => res.ok({ content: 'ok' }));
- registerRouter(router);
-
- await registerAuth((req, t) => t.rejected(Boom.unauthorized()), cookieOptions);
- await server.start();
-
- await supertest(innerServer.listener)
- .get('/')
- .expect(401);
- });
-
- it('supports redirecting', async () => {
- const redirectTo = '/redirect-url';
- const { registerAuth, registerRouter, server: innerServer } = await server.setup(config);
- const router = new Router('');
- router.get({ path: '/', validate: false }, async (req, res) => res.ok({ content: 'ok' }));
- registerRouter(router);
-
- await registerAuth((req, t) => {
- return t.redirected(redirectTo);
- }, cookieOptions);
- await server.start();
-
- const response = await supertest(innerServer.listener)
- .get('/')
- .expect(302);
- expect(response.header.location).toBe(redirectTo);
- });
-
- it(`doesn't expose internal error details`, async () => {
- const { registerAuth, registerRouter, server: innerServer } = await server.setup(config);
- const router = new Router('');
- router.get({ path: '/', validate: false }, async (req, res) => res.ok({ content: 'ok' }));
- registerRouter(router);
-
- await registerAuth((req, t) => {
- throw new Error('sensitive info');
- }, cookieOptions);
- await server.start();
-
- await supertest(innerServer.listener)
- .get('/')
- .expect({
- statusCode: 500,
- error: 'Internal Server Error',
- message: 'An internal server error occurred',
- });
- });
-
- it('allows manipulating cookies from route handler', async () => {
- const { registerAuth, registerRouter, server: innerServer } = await server.setup(config);
- const { sessionStorageFactory } = await registerAuth((req, t) => {
- const user = { id: '42' };
- const sessionStorage = sessionStorageFactory.asScoped(req);
- sessionStorage.set({ value: user, expires: Date.now() + 1000 });
- return t.authenticated();
- }, cookieOptions);
-
- const router = new Router('');
- router.get({ path: '/', validate: false }, (req, res) => res.ok({ content: 'ok' }));
- router.get({ path: '/with-cookie', validate: false }, (req, res) => {
- const sessionStorage = sessionStorageFactory.asScoped(req);
- sessionStorage.clear();
- return res.ok({ content: 'ok' });
- });
- registerRouter(router);
-
- await server.start();
-
- const responseToSetCookie = await supertest(innerServer.listener)
- .get('/')
- .expect(200);
-
- expect(responseToSetCookie.header['set-cookie']).toBeDefined();
-
- const responseToResetCookie = await supertest(innerServer.listener)
- .get('/with-cookie')
- .expect(200);
-
- expect(responseToResetCookie.header['set-cookie']).toEqual([
- 'sid=; Max-Age=0; Expires=Thu, 01 Jan 1970 00:00:00 GMT; HttpOnly; Path=/',
- ]);
- });
-
- it.skip('is the only place with access to the authorization header', async () => {
- const token = 'Basic: user:password';
- const {
- registerAuth,
- registerOnPreAuth,
- registerOnPostAuth,
- registerRouter,
- server: innerServer,
- } = await server.setup(config);
-
- let fromRegisterOnPreAuth;
- await registerOnPreAuth((req, t) => {
- fromRegisterOnPreAuth = req.headers.authorization;
- return t.next();
- });
-
- let fromRegisterAuth;
- await registerAuth((req, t) => {
- fromRegisterAuth = req.headers.authorization;
- return t.authenticated();
- }, cookieOptions);
-
- let fromRegisterOnPostAuth;
- await registerOnPostAuth((req, t) => {
- fromRegisterOnPostAuth = req.headers.authorization;
- return t.next();
- });
-
- let fromRouteHandler;
- const router = new Router('');
- router.get({ path: '/', validate: false }, (req, res) => {
- fromRouteHandler = req.headers.authorization;
- return res.ok({ content: 'ok' });
- });
- registerRouter(router);
-
- await server.start();
-
- await supertest(innerServer.listener)
- .get('/')
- .set('Authorization', token)
- .expect(200);
-
- expect(fromRegisterOnPreAuth).toEqual({});
- expect(fromRegisterAuth).toEqual({ authorization: token });
- expect(fromRegisterOnPostAuth).toEqual({});
- expect(fromRouteHandler).toEqual({});
- });
-});
-
test('enables auth for a route by default if registerAuth has been called', async () => {
const { registerAuth, registerRouter, server: innerServer } = await server.setup(config);
@@ -878,105 +694,308 @@ test('exposes route details of incoming request to a route handler', async () =>
});
});
-describe('#auth.isAuthenticated()', () => {
- it('returns true if has been authorized', async () => {
- const { registerAuth, registerRouter, server: innerServer, auth } = await server.setup(config);
+describe('setup contract', () => {
+ describe('#registerAuth', () => {
+ it('registers auth request interceptor only once', async () => {
+ const { registerAuth } = await server.setup(config);
+ const doRegister = () =>
+ registerAuth(() => null as any, {
+ encryptionKey: 'any_password',
+ } as any);
+
+ await doRegister();
+ expect(doRegister()).rejects.toThrowError('Auth interceptor was already registered');
+ });
- const router = new Router('');
- router.get({ path: '/', validate: false }, (req, res) =>
- res.ok({ isAuthenticated: auth.isAuthenticated(req) })
- );
- registerRouter(router);
+ it('supports implementing custom authentication logic', async () => {
+ const router = new Router('');
+ router.get({ path: '/', validate: false }, async (req, res) => res.ok({ content: 'ok' }));
+
+ const { registerAuth, registerRouter, server: innerServer } = await server.setup(config);
+ const { sessionStorageFactory } = await registerAuth((req, t) => {
+ const user = { id: '42' };
+ const sessionStorage = sessionStorageFactory.asScoped(req);
+ sessionStorage.set({ value: user, expires: Date.now() + 1000 });
+ return t.authenticated({ state: user });
+ }, cookieOptions);
+ registerRouter(router);
+ await server.start();
+
+ const response = await supertest(innerServer.listener)
+ .get('/')
+ .expect(200, { content: 'ok' });
+
+ expect(response.header['set-cookie']).toBeDefined();
+ const cookies = response.header['set-cookie'];
+ expect(cookies).toHaveLength(1);
+
+ const sessionCookie = request.cookie(cookies[0]);
+ if (!sessionCookie) {
+ throw new Error('session cookie expected to be defined');
+ }
+ expect(sessionCookie).toBeDefined();
+ expect(sessionCookie.key).toBe('sid');
+ expect(sessionCookie.value).toBeDefined();
+ expect(sessionCookie.path).toBe('/');
+ expect(sessionCookie.httpOnly).toBe(true);
+ });
- await registerAuth((req, t) => t.authenticated(), cookieOptions);
+ it('supports rejecting a request from an unauthenticated user', async () => {
+ const { registerAuth, registerRouter, server: innerServer } = await server.setup(config);
+ const router = new Router('');
+ router.get({ path: '/', validate: false }, async (req, res) => res.ok({ content: 'ok' }));
+ registerRouter(router);
- await server.start();
- await supertest(innerServer.listener)
- .get('/')
- .expect(200, { isAuthenticated: true });
- });
+ await registerAuth((req, t) => t.rejected(Boom.unauthorized()), cookieOptions);
+ await server.start();
- it('returns false if has not been authorized', async () => {
- const { registerAuth, registerRouter, server: innerServer, auth } = await server.setup(config);
+ await supertest(innerServer.listener)
+ .get('/')
+ .expect(401);
+ });
- const router = new Router('');
- router.get({ path: '/', validate: false, options: { authRequired: false } }, (req, res) =>
- res.ok({ isAuthenticated: auth.isAuthenticated(req) })
- );
- registerRouter(router);
+ it('supports redirecting', async () => {
+ const redirectTo = '/redirect-url';
+ const { registerAuth, registerRouter, server: innerServer } = await server.setup(config);
+ const router = new Router('');
+ router.get({ path: '/', validate: false }, async (req, res) => res.ok({ content: 'ok' }));
+ registerRouter(router);
+
+ await registerAuth((req, t) => {
+ return t.redirected(redirectTo);
+ }, cookieOptions);
+ await server.start();
+
+ const response = await supertest(innerServer.listener)
+ .get('/')
+ .expect(302);
+ expect(response.header.location).toBe(redirectTo);
+ });
- await registerAuth((req, t) => t.authenticated(), cookieOptions);
+ it(`doesn't expose internal error details`, async () => {
+ const { registerAuth, registerRouter, server: innerServer } = await server.setup(config);
+ const router = new Router('');
+ router.get({ path: '/', validate: false }, async (req, res) => res.ok({ content: 'ok' }));
+ registerRouter(router);
+
+ await registerAuth((req, t) => {
+ throw new Error('sensitive info');
+ }, cookieOptions);
+ await server.start();
+
+ await supertest(innerServer.listener)
+ .get('/')
+ .expect({
+ statusCode: 500,
+ error: 'Internal Server Error',
+ message: 'An internal server error occurred',
+ });
+ });
- await server.start();
- await supertest(innerServer.listener)
- .get('/')
- .expect(200, { isAuthenticated: false });
- });
+ it('allows manipulating cookies from route handler', async () => {
+ const { registerAuth, registerRouter, server: innerServer } = await server.setup(config);
+ const { sessionStorageFactory } = await registerAuth((req, t) => {
+ const user = { id: '42' };
+ const sessionStorage = sessionStorageFactory.asScoped(req);
+ sessionStorage.set({ value: user, expires: Date.now() + 1000 });
+ return t.authenticated();
+ }, cookieOptions);
+
+ const router = new Router('');
+ router.get({ path: '/', validate: false }, (req, res) => res.ok({ content: 'ok' }));
+ router.get({ path: '/with-cookie', validate: false }, (req, res) => {
+ const sessionStorage = sessionStorageFactory.asScoped(req);
+ sessionStorage.clear();
+ return res.ok({ content: 'ok' });
+ });
+ registerRouter(router);
- it('returns false if no authorization mechanism has been registered', async () => {
- const { registerRouter, server: innerServer, auth } = await server.setup(config);
+ await server.start();
- const router = new Router('');
- router.get({ path: '/', validate: false, options: { authRequired: false } }, (req, res) =>
- res.ok({ isAuthenticated: auth.isAuthenticated(req) })
- );
- registerRouter(router);
+ const responseToSetCookie = await supertest(innerServer.listener)
+ .get('/')
+ .expect(200);
- await server.start();
- await supertest(innerServer.listener)
- .get('/')
- .expect(200, { isAuthenticated: false });
- });
-});
+ expect(responseToSetCookie.header['set-cookie']).toBeDefined();
-describe('#auth.get()', () => {
- it('returns authenticated status and allow associate auth state with request', async () => {
- const user = { id: '42' };
- const { registerRouter, registerAuth, server: innerServer, auth } = await server.setup(config);
- const { sessionStorageFactory } = await registerAuth((req, t) => {
- sessionStorageFactory.asScoped(req).set({ value: user, expires: Date.now() + 1000 });
- return t.authenticated({ state: user });
- }, cookieOptions);
-
- const router = new Router('');
- router.get({ path: '/', validate: false }, (req, res) => res.ok(auth.get(req)));
- registerRouter(router);
- await server.start();
+ const responseToResetCookie = await supertest(innerServer.listener)
+ .get('/with-cookie')
+ .expect(200);
- await supertest(innerServer.listener)
- .get('/')
- .expect(200, { state: user, status: 'authenticated' });
+ expect(responseToResetCookie.header['set-cookie']).toEqual([
+ 'sid=; Max-Age=0; Expires=Thu, 01 Jan 1970 00:00:00 GMT; HttpOnly; Path=/',
+ ]);
+ });
+
+ it.skip('is the only place with access to the authorization header', async () => {
+ const token = 'Basic: user:password';
+ const {
+ registerAuth,
+ registerOnPreAuth,
+ registerOnPostAuth,
+ registerRouter,
+ server: innerServer,
+ } = await server.setup(config);
+
+ let fromRegisterOnPreAuth;
+ await registerOnPreAuth((req, t) => {
+ fromRegisterOnPreAuth = req.headers.authorization;
+ return t.next();
+ });
+
+ let fromRegisterAuth;
+ await registerAuth((req, t) => {
+ fromRegisterAuth = req.headers.authorization;
+ return t.authenticated();
+ }, cookieOptions);
+
+ let fromRegisterOnPostAuth;
+ await registerOnPostAuth((req, t) => {
+ fromRegisterOnPostAuth = req.headers.authorization;
+ return t.next();
+ });
+
+ let fromRouteHandler;
+ const router = new Router('');
+ router.get({ path: '/', validate: false }, (req, res) => {
+ fromRouteHandler = req.headers.authorization;
+ return res.ok({ content: 'ok' });
+ });
+ registerRouter(router);
+
+ await server.start();
+
+ await supertest(innerServer.listener)
+ .get('/')
+ .set('Authorization', token)
+ .expect(200);
+
+ expect(fromRegisterOnPreAuth).toEqual({});
+ expect(fromRegisterAuth).toEqual({ authorization: token });
+ expect(fromRegisterOnPostAuth).toEqual({});
+ expect(fromRouteHandler).toEqual({});
+ });
});
- it('returns correct authentication unknown status', async () => {
- const { registerRouter, server: innerServer, auth } = await server.setup(config);
- const router = new Router('');
- router.get({ path: '/', validate: false }, (req, res) => res.ok(auth.get(req)));
+ describe('#auth.isAuthenticated()', () => {
+ it('returns true if has been authorized', async () => {
+ const { registerAuth, registerRouter, server: innerServer, auth } = await server.setup(
+ config
+ );
- registerRouter(router);
- await server.start();
- await supertest(innerServer.listener)
- .get('/')
- .expect(200, { status: 'unknown' });
+ const router = new Router('');
+ router.get({ path: '/', validate: false }, (req, res) =>
+ res.ok({ isAuthenticated: auth.isAuthenticated(req) })
+ );
+ registerRouter(router);
+
+ await registerAuth((req, t) => t.authenticated(), cookieOptions);
+
+ await server.start();
+ await supertest(innerServer.listener)
+ .get('/')
+ .expect(200, { isAuthenticated: true });
+ });
+
+ it('returns false if has not been authorized', async () => {
+ const { registerAuth, registerRouter, server: innerServer, auth } = await server.setup(
+ config
+ );
+
+ const router = new Router('');
+ router.get({ path: '/', validate: false, options: { authRequired: false } }, (req, res) =>
+ res.ok({ isAuthenticated: auth.isAuthenticated(req) })
+ );
+ registerRouter(router);
+
+ await registerAuth((req, t) => t.authenticated(), cookieOptions);
+
+ await server.start();
+ await supertest(innerServer.listener)
+ .get('/')
+ .expect(200, { isAuthenticated: false });
+ });
+
+ it('returns false if no authorization mechanism has been registered', async () => {
+ const { registerRouter, server: innerServer, auth } = await server.setup(config);
+
+ const router = new Router('');
+ router.get({ path: '/', validate: false, options: { authRequired: false } }, (req, res) =>
+ res.ok({ isAuthenticated: auth.isAuthenticated(req) })
+ );
+ registerRouter(router);
+
+ await server.start();
+ await supertest(innerServer.listener)
+ .get('/')
+ .expect(200, { isAuthenticated: false });
+ });
});
- it('returns correct unauthenticated status', async () => {
- const authenticate = jest.fn();
+ describe('#auth.get()', () => {
+ it('returns authenticated status and allow associate auth state with request', async () => {
+ const user = { id: '42' };
+ const { registerRouter, registerAuth, server: innerServer, auth } = await server.setup(
+ config
+ );
+ const { sessionStorageFactory } = await registerAuth((req, t) => {
+ sessionStorageFactory.asScoped(req).set({ value: user, expires: Date.now() + 1000 });
+ return t.authenticated({ state: user });
+ }, cookieOptions);
+
+ const router = new Router('');
+ router.get({ path: '/', validate: false }, (req, res) => res.ok(auth.get(req)));
+ registerRouter(router);
+ await server.start();
+
+ await supertest(innerServer.listener)
+ .get('/')
+ .expect(200, { state: user, status: 'authenticated' });
+ });
- const { registerRouter, registerAuth, server: innerServer, auth } = await server.setup(config);
- await registerAuth(authenticate, cookieOptions);
- const router = new Router('');
- router.get({ path: '/', validate: false, options: { authRequired: false } }, (req, res) =>
- res.ok(auth.get(req))
- );
+ it('returns correct authentication unknown status', async () => {
+ const { registerRouter, server: innerServer, auth } = await server.setup(config);
+ const router = new Router('');
+ router.get({ path: '/', validate: false }, (req, res) => res.ok(auth.get(req)));
- registerRouter(router);
- await server.start();
+ registerRouter(router);
+ await server.start();
+ await supertest(innerServer.listener)
+ .get('/')
+ .expect(200, { status: 'unknown' });
+ });
- await supertest(innerServer.listener)
- .get('/')
- .expect(200, { status: 'unauthenticated' });
+ it('returns correct unauthenticated status', async () => {
+ const authenticate = jest.fn();
+
+ const { registerRouter, registerAuth, server: innerServer, auth } = await server.setup(
+ config
+ );
+ await registerAuth(authenticate, cookieOptions);
+ const router = new Router('');
+ router.get({ path: '/', validate: false, options: { authRequired: false } }, (req, res) =>
+ res.ok(auth.get(req))
+ );
+
+ registerRouter(router);
+ await server.start();
+
+ await supertest(innerServer.listener)
+ .get('/')
+ .expect(200, { status: 'unauthenticated' });
- expect(authenticate).not.toHaveBeenCalled();
+ expect(authenticate).not.toHaveBeenCalled();
+ });
+ });
+
+ describe('#isTlsEnabled', () => {
+ it('returns "true" if TLS enabled', async () => {
+ const { isTlsEnabled } = await server.setup(configWithSSL);
+ expect(isTlsEnabled).toBe(true);
+ });
+ it('returns "false" if TLS not enabled', async () => {
+ const { isTlsEnabled } = await server.setup(config);
+ expect(isTlsEnabled).toBe(false);
+ });
});
});
diff --git a/src/core/server/http/http_server.ts b/src/core/server/http/http_server.ts
index 42ec5c04bea4b6..4a5b88bd105ade 100644
--- a/src/core/server/http/http_server.ts
+++ b/src/core/server/http/http_server.ts
@@ -75,6 +75,7 @@ export interface HttpServerSetup {
isAuthenticated: AuthStateStorage['isAuthenticated'];
getAuthHeaders: AuthHeadersStorage['get'];
};
+ isTlsEnabled: boolean;
}
export class HttpServer {
@@ -127,6 +128,7 @@ export class HttpServer {
isAuthenticated: this.authState.isAuthenticated,
getAuthHeaders: this.authHeaders.get,
},
+ isTlsEnabled: config.ssl.enabled,
// Return server instance with the connection options so that we can properly
// bridge core and the "legacy" Kibana internally. Once this bridge isn't
// needed anymore we shouldn't return the instance from this method.
diff --git a/src/core/server/http/http_service.mock.ts b/src/core/server/http/http_service.mock.ts
index 9b241e8679318a..0444caab1deb13 100644
--- a/src/core/server/http/http_service.mock.ts
+++ b/src/core/server/http/http_service.mock.ts
@@ -45,6 +45,7 @@ const createSetupContractMock = () => {
getAuthHeaders: jest.fn(),
},
createNewServer: jest.fn(),
+ isTlsEnabled: false,
};
setupContract.createNewServer.mockResolvedValue({} as HttpServerSetup);
return setupContract;
diff --git a/src/core/server/index.ts b/src/core/server/index.ts
index 50f4c24361a6a4..bcd101e9912e09 100644
--- a/src/core/server/index.ts
+++ b/src/core/server/index.ts
@@ -122,6 +122,7 @@ export interface CoreSetup {
registerOnPostAuth: HttpServiceSetup['registerOnPostAuth'];
basePath: HttpServiceSetup['basePath'];
createNewServer: HttpServiceSetup['createNewServer'];
+ isTlsEnabled: HttpServiceSetup['isTlsEnabled'];
};
}
diff --git a/src/core/server/plugins/plugin_context.ts b/src/core/server/plugins/plugin_context.ts
index 885b2b0e465522..139c142dcb1dbc 100644
--- a/src/core/server/plugins/plugin_context.ts
+++ b/src/core/server/plugins/plugin_context.ts
@@ -122,6 +122,7 @@ export function createPluginSetupContext(
registerOnPostAuth: deps.http.registerOnPostAuth,
basePath: deps.http.basePath,
createNewServer: deps.http.createNewServer,
+ isTlsEnabled: deps.http.isTlsEnabled,
},
};
}
diff --git a/src/core/server/server.api.md b/src/core/server/server.api.md
index b1fdc1289151ce..6b1fe4622caed7 100644
--- a/src/core/server/server.api.md
+++ b/src/core/server/server.api.md
@@ -97,6 +97,7 @@ export interface CoreSetup {
registerOnPostAuth: HttpServiceSetup['registerOnPostAuth'];
basePath: HttpServiceSetup['basePath'];
createNewServer: HttpServiceSetup['createNewServer'];
+ isTlsEnabled: HttpServiceSetup['isTlsEnabled'];
};
}