[Search] Return empty array when checking api keys for unauthorized u…

…ser (#173823) ## Summary Instead of returning an obnoxious error on every Search page when fetching an unauthorized user's API keys, we just return an empty array.
elastic · Dec 21, 2023 · 1a0dcf6 · 1a0dcf6
1 parent 306debf
commit 1a0dcf6
Showing 1 changed file with 13 additions and 3 deletions.
diff --git a/x-pack/plugins/enterprise_search/server/routes/enterprise_search/api_keys.ts b/x-pack/plugins/enterprise_search/server/routes/enterprise_search/api_keys.ts
@@ -54,9 +54,19 @@ export function registerApiKeysRoutes(
       const { client } = (await context.core).elasticsearch;
       const user = security.authc.getCurrentUser(request);
       if (user) {
-        const apiKeys = await client.asCurrentUser.security.getApiKey({ username: user.username });
-        const validKeys = apiKeys.api_keys.filter(({ invalidated }) => !invalidated);
-        return response.ok({ body: { api_keys: validKeys } });
+        try {
+          const apiKeys = await client.asCurrentUser.security.getApiKey({
+            username: user.username,
+          });
+          const validKeys = apiKeys.api_keys.filter(({ invalidated }) => !invalidated);
+          return response.ok({ body: { api_keys: validKeys } });
+        } catch {
+          // Ideally we check the error response here for unauthorized user
+          // Unfortunately the error response is not structured enough for us to filter those
+          // Always returning an empty array should also be fine, and deals with transient errors
+
+          return response.ok({ body: { api_keys: [] } });
+        }
       }
       return response.customError({
         body: 'Could not retrieve current user, security plugin is not ready',