Skip to content

Commit

Permalink
[data views] implement fallback sha1 hash for fields request (elastic…
Browse files Browse the repository at this point in the history
…#175181)

## Summary

tldr; The implements a fallback sha1 method when using the browser in an
insecure context.

The data views fields requests cache need uniqueness across users. This
has been implemented by hashing the user object into a HTTP header using
sha1. Typically we can use the browser's built in crypto objects for
this HOWEVER its not available in insecure contexts -
https://www.chromium.org/blink/webcrypto/#accessing-it - this PR
supplies a sha1 function for insecure contexts.

How to test - when running kibana locally, it will run in a secure
context via 127.0.0.1 or localhost. It will run in an insecure context
at 0.0.0.0. Simply load some sample data and load a data view.

follow up to elastic#168910

Screenshot of error resolved by this pr - 
![Visualize Visualize Reporting Screenshots Print PDF button becomes
available
whe-c57ca69f29465527c4079569a4548eb10fe0568302776500148260b299fbd5c4](https://github.com/elastic/kibana/assets/216176/d7bcec41-631f-426f-b209-87b2d6403f23)

---------

Co-authored-by: kibanamachine <[email protected]>
  • Loading branch information
2 people authored and CoenWarmer committed Feb 15, 2024
1 parent 856986f commit faca199
Show file tree
Hide file tree
Showing 4 changed files with 40 additions and 5 deletions.
15 changes: 10 additions & 5 deletions src/plugins/data_views/public/data_views/data_views_api_client.ts
Original file line number Diff line number Diff line change
Expand Up @@ -16,11 +16,16 @@ const API_BASE_URL: string = `/api/index_patterns/`;
const version = '1';

async function sha1(str: string) {
const enc = new TextEncoder();
const hash = await crypto.subtle.digest('SHA-1', enc.encode(str));
return Array.from(new Uint8Array(hash))
.map((v) => v.toString(16).padStart(2, '0'))
.join('');
if (crypto.subtle) {
const enc = new TextEncoder();
const hash = await crypto.subtle.digest('SHA-256', enc.encode(str));
return Array.from(new Uint8Array(hash))
.map((v) => v.toString(16).padStart(2, '0'))
.join('');
} else {
const { sha256 } = await import('./sha256');
return sha256(str);
}
}

/**
Expand Down
18 changes: 18 additions & 0 deletions src/plugins/data_views/public/data_views/sha256.test.ts
Original file line number Diff line number Diff line change
@@ -0,0 +1,18 @@
/*
* Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
* or more contributor license agreements. Licensed under the Elastic License
* 2.0 and the Server Side Public License, v 1; you may not use this file except
* in compliance with, at your election, the Elastic License 2.0 or the Server
* Side Public License, v 1.
*/

import { sha256 } from './sha256';
import { createHash } from 'crypto';

describe('@kbn/crypto-browser', () => {
test('sha256 equals built in sha256', async function () {
const content = 'hello world';

expect(await sha256(content)).toEqual(createHash('sha256').update(content).digest('hex'));
});
});
11 changes: 11 additions & 0 deletions src/plugins/data_views/public/data_views/sha256.ts
Original file line number Diff line number Diff line change
@@ -0,0 +1,11 @@
/*
* Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
* or more contributor license agreements. Licensed under the Elastic License
* 2.0 and the Server Side Public License, v 1; you may not use this file except
* in compliance with, at your election, the Elastic License 2.0 or the Server
* Side Public License, v 1.
*/

import { Sha256 } from '@kbn/crypto-browser';

export const sha256 = async (str: string) => new Sha256().update(str).digest('hex');
1 change: 1 addition & 0 deletions src/plugins/data_views/tsconfig.json
Original file line number Diff line number Diff line change
Expand Up @@ -34,6 +34,7 @@
"@kbn/core-saved-objects-server",
"@kbn/logging",
"@kbn/security-plugin-types-public",
"@kbn/crypto-browser",
],
"exclude": [
"target/**/*",
Expand Down

0 comments on commit faca199

Please sign in to comment.