From 5384ebcdbda21ba5f130062d92616eb22ceaed2a Mon Sep 17 00:00:00 2001 From: Mikhail Shustov Date: Tue, 9 Jul 2019 19:18:25 +0200 Subject: [PATCH] Expose "is TLS enabled" flag for Kibana HTTP Server (#40336) * expose it TLS enabled on Http server * setup contract is under one section in tests * regenerate docs * isTLSEnabled --> isTlsEnabled --- .../kibana-plugin-server.coresetup.http.md | 1 + .../server/kibana-plugin-server.coresetup.md | 2 +- src/core/server/http/http_server.test.ts | 621 +++++++++--------- src/core/server/http/http_server.ts | 2 + src/core/server/http/http_service.mock.ts | 1 + src/core/server/index.ts | 1 + src/core/server/plugins/plugin_context.ts | 1 + src/core/server/server.api.md | 1 + 8 files changed, 328 insertions(+), 302 deletions(-) diff --git a/docs/development/core/server/kibana-plugin-server.coresetup.http.md b/docs/development/core/server/kibana-plugin-server.coresetup.http.md index cba8a5832058d0..1ab58b6c3d997e 100644 --- a/docs/development/core/server/kibana-plugin-server.coresetup.http.md +++ b/docs/development/core/server/kibana-plugin-server.coresetup.http.md @@ -13,5 +13,6 @@ http: { registerOnPostAuth: HttpServiceSetup['registerOnPostAuth']; basePath: HttpServiceSetup['basePath']; createNewServer: HttpServiceSetup['createNewServer']; + isTlsEnabled: HttpServiceSetup['isTlsEnabled']; }; ``` diff --git a/docs/development/core/server/kibana-plugin-server.coresetup.md b/docs/development/core/server/kibana-plugin-server.coresetup.md index 352e2f314da30f..c85fcfac6f8efc 100644 --- a/docs/development/core/server/kibana-plugin-server.coresetup.md +++ b/docs/development/core/server/kibana-plugin-server.coresetup.md @@ -17,5 +17,5 @@ export interface CoreSetup | Property | Type | Description | | --- | --- | --- | | [elasticsearch](./kibana-plugin-server.coresetup.elasticsearch.md) | {
adminClient$: Observable<ClusterClient>;
dataClient$: Observable<ClusterClient>;
} | | -| [http](./kibana-plugin-server.coresetup.http.md) | {
registerOnPreAuth: HttpServiceSetup['registerOnPreAuth'];
registerAuth: HttpServiceSetup['registerAuth'];
registerOnPostAuth: HttpServiceSetup['registerOnPostAuth'];
basePath: HttpServiceSetup['basePath'];
createNewServer: HttpServiceSetup['createNewServer'];
} | | +| [http](./kibana-plugin-server.coresetup.http.md) | {
registerOnPreAuth: HttpServiceSetup['registerOnPreAuth'];
registerAuth: HttpServiceSetup['registerAuth'];
registerOnPostAuth: HttpServiceSetup['registerOnPostAuth'];
basePath: HttpServiceSetup['basePath'];
createNewServer: HttpServiceSetup['createNewServer'];
isTlsEnabled: HttpServiceSetup['isTlsEnabled'];
} | | diff --git a/src/core/server/http/http_server.test.ts b/src/core/server/http/http_server.test.ts index 69d2eb53e1674b..789131e8c1e4c3 100644 --- a/src/core/server/http/http_server.test.ts +++ b/src/core/server/http/http_server.test.ts @@ -33,18 +33,49 @@ import { HttpConfig, Router } from '.'; import { loggingServiceMock } from '../logging/logging_service.mock'; import { HttpServer } from './http_server'; +const cookieOptions = { + name: 'sid', + encryptionKey: 'something_at_least_32_characters', + validate: () => true, + isSecure: false, +}; + +interface User { + id: string; + roles?: string[]; +} + +interface StorageData { + value: User; + expires: number; +} + const chance = new Chance(); let server: HttpServer; let config: HttpConfig; +let configWithSSL: HttpConfig; const logger = loggingServiceMock.create(); + beforeEach(() => { config = { host: '127.0.0.1', maxPayload: new ByteSizeValue(1024), port: chance.integer({ min: 10000, max: 15000 }), - ssl: {}, + ssl: { enabled: false }, + } as HttpConfig; + + configWithSSL = { + ...config, + ssl: { + enabled: true, + certificate: '/certificate', + cipherSuites: ['cipherSuite'], + getSecureOptions: () => 0, + key: '/key', + redirectHttpFromPort: config.port + 1, + }, } as HttpConfig; server = new HttpServer(logger, 'tests'); @@ -526,30 +557,14 @@ describe('with `basepath: /bar` and `rewriteBasePath: true`', () => { }); }); -describe('with defined `redirectHttpFromPort`', () => { - let configWithSSL: HttpConfig; +test('with defined `redirectHttpFromPort`', async () => { + const router = new Router('/'); + router.get({ path: '/', validate: false }, (req, res) => res.ok({ key: 'value:/' })); - beforeEach(async () => { - configWithSSL = { - ...config, - ssl: { - certificate: '/certificate', - cipherSuites: ['cipherSuite'], - enabled: true, - getSecureOptions: () => 0, - key: '/key', - redirectHttpFromPort: config.port + 1, - }, - } as HttpConfig; - - const router = new Router('/'); - router.get({ path: '/', validate: false }, (req, res) => res.ok({ key: 'value:/' })); - - const { registerRouter } = await server.setup(configWithSSL); - registerRouter(router); + const { registerRouter } = await server.setup(configWithSSL); + registerRouter(router); - await server.start(); - }); + await server.start(); }); test('returns server and connection options on start', async () => { @@ -577,205 +592,6 @@ test('throws an error if starts without set up', async () => { ); }); -const cookieOptions = { - name: 'sid', - encryptionKey: 'something_at_least_32_characters', - validate: () => true, - isSecure: false, -}; - -interface User { - id: string; - roles?: string[]; -} - -interface StorageData { - value: User; - expires: number; -} - -describe('#registerAuth', () => { - it('registers auth request interceptor only once', async () => { - const { registerAuth } = await server.setup(config); - const doRegister = () => - registerAuth(() => null as any, { - encryptionKey: 'any_password', - } as any); - - await doRegister(); - expect(doRegister()).rejects.toThrowError('Auth interceptor was already registered'); - }); - - it('supports implementing custom authentication logic', async () => { - const router = new Router(''); - router.get({ path: '/', validate: false }, async (req, res) => res.ok({ content: 'ok' })); - - const { registerAuth, registerRouter, server: innerServer } = await server.setup(config); - const { sessionStorageFactory } = await registerAuth((req, t) => { - const user = { id: '42' }; - const sessionStorage = sessionStorageFactory.asScoped(req); - sessionStorage.set({ value: user, expires: Date.now() + 1000 }); - return t.authenticated({ state: user }); - }, cookieOptions); - registerRouter(router); - await server.start(); - - const response = await supertest(innerServer.listener) - .get('/') - .expect(200, { content: 'ok' }); - - expect(response.header['set-cookie']).toBeDefined(); - const cookies = response.header['set-cookie']; - expect(cookies).toHaveLength(1); - - const sessionCookie = request.cookie(cookies[0]); - if (!sessionCookie) { - throw new Error('session cookie expected to be defined'); - } - expect(sessionCookie).toBeDefined(); - expect(sessionCookie.key).toBe('sid'); - expect(sessionCookie.value).toBeDefined(); - expect(sessionCookie.path).toBe('/'); - expect(sessionCookie.httpOnly).toBe(true); - }); - - it('supports rejecting a request from an unauthenticated user', async () => { - const { registerAuth, registerRouter, server: innerServer } = await server.setup(config); - const router = new Router(''); - router.get({ path: '/', validate: false }, async (req, res) => res.ok({ content: 'ok' })); - registerRouter(router); - - await registerAuth((req, t) => t.rejected(Boom.unauthorized()), cookieOptions); - await server.start(); - - await supertest(innerServer.listener) - .get('/') - .expect(401); - }); - - it('supports redirecting', async () => { - const redirectTo = '/redirect-url'; - const { registerAuth, registerRouter, server: innerServer } = await server.setup(config); - const router = new Router(''); - router.get({ path: '/', validate: false }, async (req, res) => res.ok({ content: 'ok' })); - registerRouter(router); - - await registerAuth((req, t) => { - return t.redirected(redirectTo); - }, cookieOptions); - await server.start(); - - const response = await supertest(innerServer.listener) - .get('/') - .expect(302); - expect(response.header.location).toBe(redirectTo); - }); - - it(`doesn't expose internal error details`, async () => { - const { registerAuth, registerRouter, server: innerServer } = await server.setup(config); - const router = new Router(''); - router.get({ path: '/', validate: false }, async (req, res) => res.ok({ content: 'ok' })); - registerRouter(router); - - await registerAuth((req, t) => { - throw new Error('sensitive info'); - }, cookieOptions); - await server.start(); - - await supertest(innerServer.listener) - .get('/') - .expect({ - statusCode: 500, - error: 'Internal Server Error', - message: 'An internal server error occurred', - }); - }); - - it('allows manipulating cookies from route handler', async () => { - const { registerAuth, registerRouter, server: innerServer } = await server.setup(config); - const { sessionStorageFactory } = await registerAuth((req, t) => { - const user = { id: '42' }; - const sessionStorage = sessionStorageFactory.asScoped(req); - sessionStorage.set({ value: user, expires: Date.now() + 1000 }); - return t.authenticated(); - }, cookieOptions); - - const router = new Router(''); - router.get({ path: '/', validate: false }, (req, res) => res.ok({ content: 'ok' })); - router.get({ path: '/with-cookie', validate: false }, (req, res) => { - const sessionStorage = sessionStorageFactory.asScoped(req); - sessionStorage.clear(); - return res.ok({ content: 'ok' }); - }); - registerRouter(router); - - await server.start(); - - const responseToSetCookie = await supertest(innerServer.listener) - .get('/') - .expect(200); - - expect(responseToSetCookie.header['set-cookie']).toBeDefined(); - - const responseToResetCookie = await supertest(innerServer.listener) - .get('/with-cookie') - .expect(200); - - expect(responseToResetCookie.header['set-cookie']).toEqual([ - 'sid=; Max-Age=0; Expires=Thu, 01 Jan 1970 00:00:00 GMT; HttpOnly; Path=/', - ]); - }); - - it.skip('is the only place with access to the authorization header', async () => { - const token = 'Basic: user:password'; - const { - registerAuth, - registerOnPreAuth, - registerOnPostAuth, - registerRouter, - server: innerServer, - } = await server.setup(config); - - let fromRegisterOnPreAuth; - await registerOnPreAuth((req, t) => { - fromRegisterOnPreAuth = req.headers.authorization; - return t.next(); - }); - - let fromRegisterAuth; - await registerAuth((req, t) => { - fromRegisterAuth = req.headers.authorization; - return t.authenticated(); - }, cookieOptions); - - let fromRegisterOnPostAuth; - await registerOnPostAuth((req, t) => { - fromRegisterOnPostAuth = req.headers.authorization; - return t.next(); - }); - - let fromRouteHandler; - const router = new Router(''); - router.get({ path: '/', validate: false }, (req, res) => { - fromRouteHandler = req.headers.authorization; - return res.ok({ content: 'ok' }); - }); - registerRouter(router); - - await server.start(); - - await supertest(innerServer.listener) - .get('/') - .set('Authorization', token) - .expect(200); - - expect(fromRegisterOnPreAuth).toEqual({}); - expect(fromRegisterAuth).toEqual({ authorization: token }); - expect(fromRegisterOnPostAuth).toEqual({}); - expect(fromRouteHandler).toEqual({}); - }); -}); - test('enables auth for a route by default if registerAuth has been called', async () => { const { registerAuth, registerRouter, server: innerServer } = await server.setup(config); @@ -877,105 +693,308 @@ test('exposes route details of incoming request to a route handler', async () => }); }); -describe('#auth.isAuthenticated()', () => { - it('returns true if has been authorized', async () => { - const { registerAuth, registerRouter, server: innerServer, auth } = await server.setup(config); +describe('setup contract', () => { + describe('#registerAuth', () => { + it('registers auth request interceptor only once', async () => { + const { registerAuth } = await server.setup(config); + const doRegister = () => + registerAuth(() => null as any, { + encryptionKey: 'any_password', + } as any); + + await doRegister(); + expect(doRegister()).rejects.toThrowError('Auth interceptor was already registered'); + }); - const router = new Router(''); - router.get({ path: '/', validate: false }, (req, res) => - res.ok({ isAuthenticated: auth.isAuthenticated(req) }) - ); - registerRouter(router); + it('supports implementing custom authentication logic', async () => { + const router = new Router(''); + router.get({ path: '/', validate: false }, async (req, res) => res.ok({ content: 'ok' })); + + const { registerAuth, registerRouter, server: innerServer } = await server.setup(config); + const { sessionStorageFactory } = await registerAuth((req, t) => { + const user = { id: '42' }; + const sessionStorage = sessionStorageFactory.asScoped(req); + sessionStorage.set({ value: user, expires: Date.now() + 1000 }); + return t.authenticated({ state: user }); + }, cookieOptions); + registerRouter(router); + await server.start(); + + const response = await supertest(innerServer.listener) + .get('/') + .expect(200, { content: 'ok' }); + + expect(response.header['set-cookie']).toBeDefined(); + const cookies = response.header['set-cookie']; + expect(cookies).toHaveLength(1); + + const sessionCookie = request.cookie(cookies[0]); + if (!sessionCookie) { + throw new Error('session cookie expected to be defined'); + } + expect(sessionCookie).toBeDefined(); + expect(sessionCookie.key).toBe('sid'); + expect(sessionCookie.value).toBeDefined(); + expect(sessionCookie.path).toBe('/'); + expect(sessionCookie.httpOnly).toBe(true); + }); - await registerAuth((req, t) => t.authenticated(), cookieOptions); + it('supports rejecting a request from an unauthenticated user', async () => { + const { registerAuth, registerRouter, server: innerServer } = await server.setup(config); + const router = new Router(''); + router.get({ path: '/', validate: false }, async (req, res) => res.ok({ content: 'ok' })); + registerRouter(router); - await server.start(); - await supertest(innerServer.listener) - .get('/') - .expect(200, { isAuthenticated: true }); - }); + await registerAuth((req, t) => t.rejected(Boom.unauthorized()), cookieOptions); + await server.start(); - it('returns false if has not been authorized', async () => { - const { registerAuth, registerRouter, server: innerServer, auth } = await server.setup(config); + await supertest(innerServer.listener) + .get('/') + .expect(401); + }); - const router = new Router(''); - router.get({ path: '/', validate: false, options: { authRequired: false } }, (req, res) => - res.ok({ isAuthenticated: auth.isAuthenticated(req) }) - ); - registerRouter(router); + it('supports redirecting', async () => { + const redirectTo = '/redirect-url'; + const { registerAuth, registerRouter, server: innerServer } = await server.setup(config); + const router = new Router(''); + router.get({ path: '/', validate: false }, async (req, res) => res.ok({ content: 'ok' })); + registerRouter(router); + + await registerAuth((req, t) => { + return t.redirected(redirectTo); + }, cookieOptions); + await server.start(); + + const response = await supertest(innerServer.listener) + .get('/') + .expect(302); + expect(response.header.location).toBe(redirectTo); + }); - await registerAuth((req, t) => t.authenticated(), cookieOptions); + it(`doesn't expose internal error details`, async () => { + const { registerAuth, registerRouter, server: innerServer } = await server.setup(config); + const router = new Router(''); + router.get({ path: '/', validate: false }, async (req, res) => res.ok({ content: 'ok' })); + registerRouter(router); + + await registerAuth((req, t) => { + throw new Error('sensitive info'); + }, cookieOptions); + await server.start(); + + await supertest(innerServer.listener) + .get('/') + .expect({ + statusCode: 500, + error: 'Internal Server Error', + message: 'An internal server error occurred', + }); + }); - await server.start(); - await supertest(innerServer.listener) - .get('/') - .expect(200, { isAuthenticated: false }); - }); + it('allows manipulating cookies from route handler', async () => { + const { registerAuth, registerRouter, server: innerServer } = await server.setup(config); + const { sessionStorageFactory } = await registerAuth((req, t) => { + const user = { id: '42' }; + const sessionStorage = sessionStorageFactory.asScoped(req); + sessionStorage.set({ value: user, expires: Date.now() + 1000 }); + return t.authenticated(); + }, cookieOptions); + + const router = new Router(''); + router.get({ path: '/', validate: false }, (req, res) => res.ok({ content: 'ok' })); + router.get({ path: '/with-cookie', validate: false }, (req, res) => { + const sessionStorage = sessionStorageFactory.asScoped(req); + sessionStorage.clear(); + return res.ok({ content: 'ok' }); + }); + registerRouter(router); - it('returns false if no authorization mechanism has been registered', async () => { - const { registerRouter, server: innerServer, auth } = await server.setup(config); + await server.start(); - const router = new Router(''); - router.get({ path: '/', validate: false, options: { authRequired: false } }, (req, res) => - res.ok({ isAuthenticated: auth.isAuthenticated(req) }) - ); - registerRouter(router); + const responseToSetCookie = await supertest(innerServer.listener) + .get('/') + .expect(200); - await server.start(); - await supertest(innerServer.listener) - .get('/') - .expect(200, { isAuthenticated: false }); - }); -}); + expect(responseToSetCookie.header['set-cookie']).toBeDefined(); -describe('#auth.get()', () => { - it('returns authenticated status and allow associate auth state with request', async () => { - const user = { id: '42' }; - const { registerRouter, registerAuth, server: innerServer, auth } = await server.setup(config); - const { sessionStorageFactory } = await registerAuth((req, t) => { - sessionStorageFactory.asScoped(req).set({ value: user, expires: Date.now() + 1000 }); - return t.authenticated({ state: user }); - }, cookieOptions); - - const router = new Router(''); - router.get({ path: '/', validate: false }, (req, res) => res.ok(auth.get(req))); - registerRouter(router); - await server.start(); + const responseToResetCookie = await supertest(innerServer.listener) + .get('/with-cookie') + .expect(200); - await supertest(innerServer.listener) - .get('/') - .expect(200, { state: user, status: 'authenticated' }); + expect(responseToResetCookie.header['set-cookie']).toEqual([ + 'sid=; Max-Age=0; Expires=Thu, 01 Jan 1970 00:00:00 GMT; HttpOnly; Path=/', + ]); + }); + + it.skip('is the only place with access to the authorization header', async () => { + const token = 'Basic: user:password'; + const { + registerAuth, + registerOnPreAuth, + registerOnPostAuth, + registerRouter, + server: innerServer, + } = await server.setup(config); + + let fromRegisterOnPreAuth; + await registerOnPreAuth((req, t) => { + fromRegisterOnPreAuth = req.headers.authorization; + return t.next(); + }); + + let fromRegisterAuth; + await registerAuth((req, t) => { + fromRegisterAuth = req.headers.authorization; + return t.authenticated(); + }, cookieOptions); + + let fromRegisterOnPostAuth; + await registerOnPostAuth((req, t) => { + fromRegisterOnPostAuth = req.headers.authorization; + return t.next(); + }); + + let fromRouteHandler; + const router = new Router(''); + router.get({ path: '/', validate: false }, (req, res) => { + fromRouteHandler = req.headers.authorization; + return res.ok({ content: 'ok' }); + }); + registerRouter(router); + + await server.start(); + + await supertest(innerServer.listener) + .get('/') + .set('Authorization', token) + .expect(200); + + expect(fromRegisterOnPreAuth).toEqual({}); + expect(fromRegisterAuth).toEqual({ authorization: token }); + expect(fromRegisterOnPostAuth).toEqual({}); + expect(fromRouteHandler).toEqual({}); + }); }); - it('returns correct authentication unknown status', async () => { - const { registerRouter, server: innerServer, auth } = await server.setup(config); - const router = new Router(''); - router.get({ path: '/', validate: false }, (req, res) => res.ok(auth.get(req))); + describe('#auth.isAuthenticated()', () => { + it('returns true if has been authorized', async () => { + const { registerAuth, registerRouter, server: innerServer, auth } = await server.setup( + config + ); - registerRouter(router); - await server.start(); - await supertest(innerServer.listener) - .get('/') - .expect(200, { status: 'unknown' }); + const router = new Router(''); + router.get({ path: '/', validate: false }, (req, res) => + res.ok({ isAuthenticated: auth.isAuthenticated(req) }) + ); + registerRouter(router); + + await registerAuth((req, t) => t.authenticated(), cookieOptions); + + await server.start(); + await supertest(innerServer.listener) + .get('/') + .expect(200, { isAuthenticated: true }); + }); + + it('returns false if has not been authorized', async () => { + const { registerAuth, registerRouter, server: innerServer, auth } = await server.setup( + config + ); + + const router = new Router(''); + router.get({ path: '/', validate: false, options: { authRequired: false } }, (req, res) => + res.ok({ isAuthenticated: auth.isAuthenticated(req) }) + ); + registerRouter(router); + + await registerAuth((req, t) => t.authenticated(), cookieOptions); + + await server.start(); + await supertest(innerServer.listener) + .get('/') + .expect(200, { isAuthenticated: false }); + }); + + it('returns false if no authorization mechanism has been registered', async () => { + const { registerRouter, server: innerServer, auth } = await server.setup(config); + + const router = new Router(''); + router.get({ path: '/', validate: false, options: { authRequired: false } }, (req, res) => + res.ok({ isAuthenticated: auth.isAuthenticated(req) }) + ); + registerRouter(router); + + await server.start(); + await supertest(innerServer.listener) + .get('/') + .expect(200, { isAuthenticated: false }); + }); }); - it('returns correct unauthenticated status', async () => { - const authenticate = jest.fn(); + describe('#auth.get()', () => { + it('returns authenticated status and allow associate auth state with request', async () => { + const user = { id: '42' }; + const { registerRouter, registerAuth, server: innerServer, auth } = await server.setup( + config + ); + const { sessionStorageFactory } = await registerAuth((req, t) => { + sessionStorageFactory.asScoped(req).set({ value: user, expires: Date.now() + 1000 }); + return t.authenticated({ state: user }); + }, cookieOptions); + + const router = new Router(''); + router.get({ path: '/', validate: false }, (req, res) => res.ok(auth.get(req))); + registerRouter(router); + await server.start(); + + await supertest(innerServer.listener) + .get('/') + .expect(200, { state: user, status: 'authenticated' }); + }); - const { registerRouter, registerAuth, server: innerServer, auth } = await server.setup(config); - await registerAuth(authenticate, cookieOptions); - const router = new Router(''); - router.get({ path: '/', validate: false, options: { authRequired: false } }, (req, res) => - res.ok(auth.get(req)) - ); + it('returns correct authentication unknown status', async () => { + const { registerRouter, server: innerServer, auth } = await server.setup(config); + const router = new Router(''); + router.get({ path: '/', validate: false }, (req, res) => res.ok(auth.get(req))); - registerRouter(router); - await server.start(); + registerRouter(router); + await server.start(); + await supertest(innerServer.listener) + .get('/') + .expect(200, { status: 'unknown' }); + }); - await supertest(innerServer.listener) - .get('/') - .expect(200, { status: 'unauthenticated' }); + it('returns correct unauthenticated status', async () => { + const authenticate = jest.fn(); + + const { registerRouter, registerAuth, server: innerServer, auth } = await server.setup( + config + ); + await registerAuth(authenticate, cookieOptions); + const router = new Router(''); + router.get({ path: '/', validate: false, options: { authRequired: false } }, (req, res) => + res.ok(auth.get(req)) + ); + + registerRouter(router); + await server.start(); + + await supertest(innerServer.listener) + .get('/') + .expect(200, { status: 'unauthenticated' }); - expect(authenticate).not.toHaveBeenCalled(); + expect(authenticate).not.toHaveBeenCalled(); + }); + }); + + describe('#isTlsEnabled', () => { + it('returns "true" if TLS enabled', async () => { + const { isTlsEnabled } = await server.setup(configWithSSL); + expect(isTlsEnabled).toBe(true); + }); + it('returns "false" if TLS not enabled', async () => { + const { isTlsEnabled } = await server.setup(config); + expect(isTlsEnabled).toBe(false); + }); }); }); diff --git a/src/core/server/http/http_server.ts b/src/core/server/http/http_server.ts index 42ec5c04bea4b6..4a5b88bd105ade 100644 --- a/src/core/server/http/http_server.ts +++ b/src/core/server/http/http_server.ts @@ -75,6 +75,7 @@ export interface HttpServerSetup { isAuthenticated: AuthStateStorage['isAuthenticated']; getAuthHeaders: AuthHeadersStorage['get']; }; + isTlsEnabled: boolean; } export class HttpServer { @@ -127,6 +128,7 @@ export class HttpServer { isAuthenticated: this.authState.isAuthenticated, getAuthHeaders: this.authHeaders.get, }, + isTlsEnabled: config.ssl.enabled, // Return server instance with the connection options so that we can properly // bridge core and the "legacy" Kibana internally. Once this bridge isn't // needed anymore we shouldn't return the instance from this method. diff --git a/src/core/server/http/http_service.mock.ts b/src/core/server/http/http_service.mock.ts index 9b241e8679318a..0444caab1deb13 100644 --- a/src/core/server/http/http_service.mock.ts +++ b/src/core/server/http/http_service.mock.ts @@ -45,6 +45,7 @@ const createSetupContractMock = () => { getAuthHeaders: jest.fn(), }, createNewServer: jest.fn(), + isTlsEnabled: false, }; setupContract.createNewServer.mockResolvedValue({} as HttpServerSetup); return setupContract; diff --git a/src/core/server/index.ts b/src/core/server/index.ts index 50f4c24361a6a4..bcd101e9912e09 100644 --- a/src/core/server/index.ts +++ b/src/core/server/index.ts @@ -122,6 +122,7 @@ export interface CoreSetup { registerOnPostAuth: HttpServiceSetup['registerOnPostAuth']; basePath: HttpServiceSetup['basePath']; createNewServer: HttpServiceSetup['createNewServer']; + isTlsEnabled: HttpServiceSetup['isTlsEnabled']; }; } diff --git a/src/core/server/plugins/plugin_context.ts b/src/core/server/plugins/plugin_context.ts index 885b2b0e465522..139c142dcb1dbc 100644 --- a/src/core/server/plugins/plugin_context.ts +++ b/src/core/server/plugins/plugin_context.ts @@ -122,6 +122,7 @@ export function createPluginSetupContext( registerOnPostAuth: deps.http.registerOnPostAuth, basePath: deps.http.basePath, createNewServer: deps.http.createNewServer, + isTlsEnabled: deps.http.isTlsEnabled, }, }; } diff --git a/src/core/server/server.api.md b/src/core/server/server.api.md index b1fdc1289151ce..6b1fe4622caed7 100644 --- a/src/core/server/server.api.md +++ b/src/core/server/server.api.md @@ -97,6 +97,7 @@ export interface CoreSetup { registerOnPostAuth: HttpServiceSetup['registerOnPostAuth']; basePath: HttpServiceSetup['basePath']; createNewServer: HttpServiceSetup['createNewServer']; + isTlsEnabled: HttpServiceSetup['isTlsEnabled']; }; }