Skip to content

Commit 08ebe63

Browse files
mikecotemikecote
committed
Fix rejectUnauthorized not being configured
1 parent 78b7e2e commit 08ebe63

24 files changed

Lines changed: 177 additions & 49 deletions

x-pack/plugins/actions/server/actions_client.test.ts

Lines changed: 3 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -402,6 +402,9 @@ describe('create()', () => {
402402
enabled: true,
403403
enabledActionTypes: ['some-not-ignored-action-type'],
404404
allowedHosts: ['*'],
405+
preconfigured: {},
406+
proxyRejectUnauthorizedCertificates: true,
407+
rejectUnauthorized: true,
405408
});
406409

407410
const localActionTypeRegistryParams = {

x-pack/plugins/actions/server/actions_config.mock.ts

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -14,6 +14,7 @@ const createActionsConfigMock = () => {
1414
ensureHostnameAllowed: jest.fn().mockReturnValue({}),
1515
ensureUriAllowed: jest.fn().mockReturnValue({}),
1616
ensureActionTypeEnabled: jest.fn().mockReturnValue({}),
17+
isRejectUnauthorizedCertificatesEnabled: jest.fn().mockRejectedValueOnce(true),
1718
};
1819
return mocked;
1920
};

x-pack/plugins/actions/server/actions_config.ts

Lines changed: 2 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -33,6 +33,7 @@ export interface ActionsConfigurationUtilities {
3333
ensureHostnameAllowed: (hostname: string) => void;
3434
ensureUriAllowed: (uri: string) => void;
3535
ensureActionTypeEnabled: (actionType: string) => void;
36+
isRejectUnauthorizedCertificatesEnabled: () => boolean;
3637
}
3738

3839
function allowListErrorMessage(field: AllowListingField, value: string) {
@@ -92,6 +93,7 @@ export function getActionsConfigurationUtilities(
9293
isHostnameAllowed,
9394
isUriAllowed,
9495
isActionTypeEnabled,
96+
isRejectUnauthorizedCertificatesEnabled: () => config.rejectUnauthorized,
9597
ensureUriAllowed(uri: string) {
9698
if (!isUriAllowed(uri)) {
9799
throw new Error(allowListErrorMessage(AllowListingField.url, uri));

x-pack/plugins/actions/server/builtin_action_types/email.ts

Lines changed: 8 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -156,7 +156,7 @@ export function getActionType(params: GetActionTypeParams): EmailActionType {
156156
params: ParamsSchema,
157157
},
158158
renderParameterTemplates,
159-
executor: curry(executor)({ logger, publicBaseUrl }),
159+
executor: curry(executor)({ logger, publicBaseUrl, configurationUtilities }),
160160
};
161161
}
162162

@@ -178,7 +178,12 @@ async function executor(
178178
{
179179
logger,
180180
publicBaseUrl,
181-
}: { logger: GetActionTypeParams['logger']; publicBaseUrl: GetActionTypeParams['publicBaseUrl'] },
181+
configurationUtilities,
182+
}: {
183+
logger: GetActionTypeParams['logger'];
184+
publicBaseUrl: GetActionTypeParams['publicBaseUrl'];
185+
configurationUtilities: ActionsConfigurationUtilities;
186+
},
182187
execOptions: EmailActionTypeExecutorOptions
183188
): Promise<ActionTypeExecutorResult<unknown>> {
184189
const actionId = execOptions.actionId;
@@ -223,6 +228,7 @@ async function executor(
223228
},
224229
proxySettings: execOptions.proxySettings,
225230
hasAuth: config.hasAuth,
231+
rejectUnauthorized: configurationUtilities.isRejectUnauthorizedCertificatesEnabled(),
226232
};
227233

228234
let result;

x-pack/plugins/actions/server/builtin_action_types/jira/index.ts

Lines changed: 6 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -72,13 +72,16 @@ export function getActionType(
7272
}),
7373
params: ExecutorParamsSchema,
7474
},
75-
executor: curry(executor)({ logger }),
75+
executor: curry(executor)({ logger, configurationUtilities }),
7676
};
7777
}
7878

7979
// action executor
8080
async function executor(
81-
{ logger }: { logger: Logger },
81+
{
82+
logger,
83+
configurationUtilities,
84+
}: { logger: Logger; configurationUtilities: ActionsConfigurationUtilities },
8285
execOptions: ActionTypeExecutorOptions<
8386
JiraPublicConfigurationType,
8487
JiraSecretConfigurationType,
@@ -95,6 +98,7 @@ async function executor(
9598
secrets,
9699
},
97100
logger,
101+
configurationUtilities,
98102
execOptions.proxySettings
99103
);
100104

x-pack/plugins/actions/server/builtin_action_types/jira/service.test.ts

Lines changed: 12 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -11,6 +11,7 @@ import * as utils from '../lib/axios_utils';
1111
import { ExternalService } from './types';
1212
import { Logger } from '../../../../../../src/core/server';
1313
import { loggingSystemMock } from '../../../../../../src/core/server/mocks';
14+
import { actionsConfigMock } from '../../actions_config.mock';
1415
const logger = loggingSystemMock.create().get() as jest.Mocked<Logger>;
1516

1617
interface ResponseError extends Error {
@@ -28,6 +29,7 @@ jest.mock('../lib/axios_utils', () => {
2829

2930
axios.create = jest.fn(() => axios);
3031
const requestMock = utils.request as jest.Mock;
32+
const configurationUtilities = actionsConfigMock.create();
3133

3234
const issueTypesResponse = {
3335
data: {
@@ -116,7 +118,8 @@ describe('Jira service', () => {
116118
config: { apiUrl: 'https://siem-kibana.atlassian.net/', projectKey: 'CK' },
117119
secrets: { apiToken: 'token', email: 'elastic@elastic.com' },
118120
},
119-
logger
121+
logger,
122+
configurationUtilities
120123
);
121124
});
122125

@@ -132,7 +135,8 @@ describe('Jira service', () => {
132135
config: { apiUrl: null, projectKey: 'CK' },
133136
secrets: { apiToken: 'token', email: 'elastic@elastic.com' },
134137
},
135-
logger
138+
logger,
139+
configurationUtilities
136140
)
137141
).toThrow();
138142
});
@@ -144,7 +148,8 @@ describe('Jira service', () => {
144148
config: { apiUrl: 'test.com', projectKey: null },
145149
secrets: { apiToken: 'token', email: 'elastic@elastic.com' },
146150
},
147-
logger
151+
logger,
152+
configurationUtilities
148153
)
149154
).toThrow();
150155
});
@@ -156,7 +161,8 @@ describe('Jira service', () => {
156161
config: { apiUrl: 'test.com' },
157162
secrets: { apiToken: '', email: 'elastic@elastic.com' },
158163
},
159-
logger
164+
logger,
165+
configurationUtilities
160166
)
161167
).toThrow();
162168
});
@@ -168,7 +174,8 @@ describe('Jira service', () => {
168174
config: { apiUrl: 'test.com' },
169175
secrets: { apiToken: '', email: undefined },
170176
},
171-
logger
177+
logger,
178+
configurationUtilities
172179
)
173180
).toThrow();
174181
});

x-pack/plugins/actions/server/builtin_action_types/jira/service.ts

Lines changed: 13 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -27,6 +27,7 @@ import {
2727
import * as i18n from './translations';
2828
import { request, getErrorMessage } from '../lib/axios_utils';
2929
import { ProxySettings } from '../../types';
30+
import { ActionsConfigurationUtilities } from '../../actions_config';
3031

3132
const VERSION = '2';
3233
const BASE_URL = `rest/api/${VERSION}`;
@@ -39,6 +40,7 @@ const createMetaCapabilities = ['list-project-issuetypes', 'list-issuetype-field
3940
export const createExternalService = (
4041
{ config, secrets }: ExternalServiceCredentials,
4142
logger: Logger,
43+
configurationUtilities: ActionsConfigurationUtilities,
4244
proxySettings?: ProxySettings
4345
): ExternalService => {
4446
const { apiUrl: url, projectKey } = config as JiraPublicConfigurationType;
@@ -174,6 +176,7 @@ export const createExternalService = (
174176
url: `${incidentUrl}/${id}`,
175177
logger,
176178
proxySettings,
179+
configurationUtilities,
177180
});
178181

179182
const { fields, ...rest } = res.data;
@@ -223,6 +226,7 @@ export const createExternalService = (
223226
fields,
224227
},
225228
proxySettings,
229+
configurationUtilities,
226230
});
227231

228232
const updatedIncident = await getIncident(res.data.id);
@@ -264,6 +268,7 @@ export const createExternalService = (
264268
logger,
265269
data: { fields },
266270
proxySettings,
271+
configurationUtilities,
267272
});
268273

269274
const updatedIncident = await getIncident(incidentId as string);
@@ -298,6 +303,7 @@ export const createExternalService = (
298303
logger,
299304
data: { body: comment.comment },
300305
proxySettings,
306+
configurationUtilities,
301307
});
302308

303309
return {
@@ -325,6 +331,7 @@ export const createExternalService = (
325331
url: capabilitiesUrl,
326332
logger,
327333
proxySettings,
334+
configurationUtilities,
328335
});
329336

330337
return { ...res.data };
@@ -351,6 +358,7 @@ export const createExternalService = (
351358
url: getIssueTypesOldAPIURL,
352359
logger,
353360
proxySettings,
361+
configurationUtilities,
354362
});
355363

356364
const issueTypes = res.data.projects[0]?.issuetypes ?? [];
@@ -362,6 +370,7 @@ export const createExternalService = (
362370
url: getIssueTypesUrl,
363371
logger,
364372
proxySettings,
373+
configurationUtilities,
365374
});
366375

367376
const issueTypes = res.data.values;
@@ -390,6 +399,7 @@ export const createExternalService = (
390399
url: createGetIssueTypeFieldsUrl(getIssueTypeFieldsOldAPIURL, issueTypeId),
391400
logger,
392401
proxySettings,
402+
configurationUtilities,
393403
});
394404

395405
const fields = res.data.projects[0]?.issuetypes[0]?.fields || {};
@@ -401,6 +411,7 @@ export const createExternalService = (
401411
url: createGetIssueTypeFieldsUrl(getIssueTypeFieldsUrl, issueTypeId),
402412
logger,
403413
proxySettings,
414+
configurationUtilities,
404415
});
405416

406417
const fields = res.data.values.reduce(
@@ -460,6 +471,7 @@ export const createExternalService = (
460471
url: query,
461472
logger,
462473
proxySettings,
474+
configurationUtilities,
463475
});
464476

465477
return normalizeSearchResults(res.data?.issues ?? []);
@@ -484,6 +496,7 @@ export const createExternalService = (
484496
url: getIssueUrl,
485497
logger,
486498
proxySettings,
499+
configurationUtilities,
487500
});
488501

489502
return normalizeIssue(res.data ?? {});

x-pack/plugins/actions/server/builtin_action_types/lib/axios_utils.test.ts

Lines changed: 15 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -8,9 +8,11 @@ import axios from 'axios';
88
import { Logger } from '../../../../../../src/core/server';
99
import { addTimeZoneToDate, request, patch, getErrorMessage } from './axios_utils';
1010
import { loggingSystemMock } from '../../../../../../src/core/server/mocks';
11+
import { actionsConfigMock } from '../../actions_config.mock';
1112
import { getProxyAgents } from './get_proxy_agents';
1213

1314
const logger = loggingSystemMock.create().get() as jest.Mocked<Logger>;
15+
const configurationUtilities = actionsConfigMock.create();
1416
jest.mock('axios');
1517
const axiosMock = (axios as unknown) as jest.Mock;
1618

@@ -41,6 +43,7 @@ describe('request', () => {
4143
axios,
4244
url: '/test',
4345
logger,
46+
configurationUtilities,
4447
});
4548

4649
expect(axiosMock).toHaveBeenCalledWith('/test', {
@@ -62,7 +65,7 @@ describe('request', () => {
6265
proxyRejectUnauthorizedCertificates: true,
6366
proxyUrl: 'https://localhost:1212',
6467
};
65-
const { httpAgent, httpsAgent } = getProxyAgents(proxySettings, logger);
68+
const { httpAgent, httpsAgent } = getProxyAgents(configurationUtilities, proxySettings, logger);
6669

6770
const res = await request({
6871
axios,
@@ -72,6 +75,7 @@ describe('request', () => {
7275
proxyUrl: 'https://localhost:1212',
7376
proxyRejectUnauthorizedCertificates: true,
7477
},
78+
configurationUtilities,
7579
});
7680

7781
expect(axiosMock).toHaveBeenCalledWith('http://testProxy', {
@@ -97,6 +101,7 @@ describe('request', () => {
97101
proxyUrl: ':nope:',
98102
proxyRejectUnauthorizedCertificates: false,
99103
},
104+
configurationUtilities,
100105
});
101106

102107
expect(axiosMock).toHaveBeenCalledWith('https://testProxy', {
@@ -114,7 +119,14 @@ describe('request', () => {
114119
});
115120

116121
test('it fetch correctly', async () => {
117-
const res = await request({ axios, url: '/test', method: 'post', logger, data: { id: '123' } });
122+
const res = await request({
123+
axios,
124+
url: '/test',
125+
method: 'post',
126+
logger,
127+
data: { id: '123' },
128+
configurationUtilities,
129+
});
118130

119131
expect(axiosMock).toHaveBeenCalledWith('/test', {
120132
method: 'post',
@@ -140,7 +152,7 @@ describe('patch', () => {
140152
});
141153

142154
test('it fetch correctly', async () => {
143-
await patch({ axios, url: '/test', data: { id: '123' }, logger });
155+
await patch({ axios, url: '/test', data: { id: '123' }, logger, configurationUtilities });
144156
expect(axiosMock).toHaveBeenCalledWith('/test', {
145157
method: 'patch',
146158
data: { id: '123' },

x-pack/plugins/actions/server/builtin_action_types/lib/axios_utils.ts

Lines changed: 7 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -8,6 +8,7 @@ import { AxiosInstance, Method, AxiosResponse, AxiosBasicCredentials } from 'axi
88
import { Logger } from '../../../../../../src/core/server';
99
import { ProxySettings } from '../../types';
1010
import { getProxyAgents } from './get_proxy_agents';
11+
import { ActionsConfigurationUtilities } from '../../actions_config';
1112

1213
export const request = async <T = unknown>({
1314
axios,
@@ -16,6 +17,7 @@ export const request = async <T = unknown>({
1617
method = 'get',
1718
data,
1819
proxySettings,
20+
configurationUtilities,
1921
...rest
2022
}: {
2123
axios: AxiosInstance;
@@ -25,11 +27,12 @@ export const request = async <T = unknown>({
2527
data?: T;
2628
params?: unknown;
2729
proxySettings?: ProxySettings;
30+
configurationUtilities: ActionsConfigurationUtilities;
2831
headers?: Record<string, string> | null;
2932
validateStatus?: (status: number) => boolean;
3033
auth?: AxiosBasicCredentials;
3134
}): Promise<AxiosResponse> => {
32-
const { httpAgent, httpsAgent } = getProxyAgents(proxySettings, logger);
35+
const { httpAgent, httpsAgent } = getProxyAgents(configurationUtilities, proxySettings, logger);
3336

3437
return await axios(url, {
3538
...rest,
@@ -48,12 +51,14 @@ export const patch = async <T = unknown>({
4851
data,
4952
logger,
5053
proxySettings,
54+
configurationUtilities,
5155
}: {
5256
axios: AxiosInstance;
5357
url: string;
5458
data: T;
5559
logger: Logger;
5660
proxySettings?: ProxySettings;
61+
configurationUtilities: ActionsConfigurationUtilities;
5762
}): Promise<AxiosResponse> => {
5863
return request({
5964
axios,
@@ -62,6 +67,7 @@ export const patch = async <T = unknown>({
6267
method: 'patch',
6368
data,
6469
proxySettings,
70+
configurationUtilities,
6571
});
6672
};
6773

0 commit comments

Comments
 (0)