apache · egalpin · Jan 18, 2023 · Jan 16, 2023 · Jan 17, 2023 · Jan 18, 2023
diff --git a/.../io/elasticsearch/src/main/java/org/apache/beam/sdk/io/elasticsearch/ElasticsearchIO.java b/.../io/elasticsearch/src/main/java/org/apache/beam/sdk/io/elasticsearch/ElasticsearchIO.java
@@ -137,7 +137,8 @@
  * }</pre>
  *
  * <p>The connection configuration also accepts optional configuration: {@code withUsername()},
- * {@code withPassword()}, {@code withApiKey()} and {@code withBearerToken()}.
+ * {@code withPassword()}, {@code withApiKey()}, {@code withBearerToken()} and
+ * {@code withDefaultHeaders()}.
  *
  * <p>You can also specify a query on the {@code read()} using {@code withQuery()}.
  *
@@ -326,6 +327,8 @@ public abstract static class ConnectionConfiguration implements Serializable {
 
     public abstract @Nullable String getBearerToken();
 
+    public abstract @Nullable List<Header> getDefaultHeaders();
+
     public abstract @Nullable String getKeystorePath();
 
     public abstract @Nullable String getKeystorePassword();
@@ -354,6 +357,8 @@ abstract static class Builder {
 
       abstract Builder setBearerToken(String bearerToken);
 
+      abstract Builder setDefaultHeaders(List<Header> defaultHeaders);
+
       abstract Builder setKeystorePath(String keystorePath);
 
       abstract Builder setKeystorePassword(String password);
@@ -502,6 +507,8 @@ public ConnectionConfiguration withPassword(String password) {
 
     /**
      * If Elasticsearch authentication is enabled, provide an API key.
+     * Be aware that you can only use one of {@Code withApiToken()}, {@code withBearerToken()} and
+     * {@code withDefaultHeaders} at the same time, as they will override eachother.
      *
      * @param apiKey the API key used to authenticate to Elasticsearch
      * @return a {@link ConnectionConfiguration} describes a connection configuration to
@@ -514,6 +521,8 @@ public ConnectionConfiguration withApiKey(String apiKey) {
 
     /**
      * If Elasticsearch authentication is enabled, provide a bearer token.
+     * Be aware that you can only use one of {@Code withApiToken()}, {@code withBearerToken()} and
+     * {@code withDefaultHeaders} at the same time, as they will override eachother.
      *
      * @param bearerToken the bearer token used to authenticate to Elasticsearch
      * @return a {@link ConnectionConfiguration} describes a connection configuration to
@@ -524,6 +533,21 @@ public ConnectionConfiguration withBearerToken(String bearerToken) {
       return builder().setBearerToken(bearerToken).build();
     }
 
+    /**
+     * For authentication or custom requirements, provide a set if default headers for the client.
+     * Be aware that you can only use one of {@code withApiToken()}, {@code withBearerToken()} and
+     * {@code withDefaultHeaders} at the same time, as they will override eachother.
+     *
+     * @param defaultHeaders the headers to add to outgoing requests
+     * @return a {@link ConnectionConfiguration} describes a connection configuration to
+     *     Elasticsearch.
+     */
+    public ConnectionConfiguration withDefaultHeaders(Header [] defaultHeaders) {
+      checkArgument(defaultHeaders != null, "defaultHeaders can not be null");
+      checkArgument(defaultHeaders.length > 0, "defaultHeaders can not be empty");
+      return builder().setDefaultHeaders(Arrays.asList(defaultHeaders)).build();
+    }
+
     /**
      * If Elasticsearch uses SSL/TLS with mutual authentication (via shield), provide the keystore
      * containing the client key.
@@ -640,6 +664,9 @@ RestClient createClient() throws IOException {
         restClientBuilder.setDefaultHeaders(
             new Header[] {new BasicHeader("Authorization", "Bearer " + getBearerToken())});
       }
+      if (getDefaultHeaders() != null) {
+        restClientBuilder.setDefaultHeaders(getDefaultHeaders().toArray(Header[]::new));
+      }
 
       restClientBuilder.setHttpClientConfigCallback(
           httpClientBuilder -> {