Merge upstream changes.

elastic · Aug 22, 2023 · da74429 · da74429
1 parent 46fceda
commit da74429
Show file tree

Hide file tree

Showing 2 changed files with 4 additions and 7 deletions.
diff --git a/x-pack/plugins/security/server/authentication/providers/http.ts b/x-pack/plugins/security/server/authentication/providers/http.ts
@@ -106,7 +106,7 @@ export class HTTPAuthenticationProvider extends BaseAuthenticationProvider {
         // Log a portion of the JWT signature to make debugging easier.
         const jwtExcerpt = authorizationHeader.credentials.slice(-10);
         this.logger.error(
-          `Attempted to authenticate with JWT credentials (${jwtExcerpt}…) against ${request.url.pathname}${request.url.search}, but it's not allowed. ` +
+          `Attempted to authenticate with JWT credentials (…${jwtExcerpt}) against ${request.url.pathname}${request.url.search}, but it's not allowed. ` +
             `Ensure that the route is defined with the "${ROUTE_TAG_ACCEPT_JWT}" tag.`
         );
         return AuthenticationResult.notHandled();

diff --git a/x-pack/plugins/security/server/config.ts b/x-pack/plugins/security/server/config.ts
@@ -279,14 +279,11 @@ export const ConfigSchema = schema.object({
       enabled: schema.boolean({ defaultValue: true }),
       autoSchemesEnabled: schema.boolean({ defaultValue: true }),
       schemes: schema.arrayOf(schema.string(), { defaultValue: ['apikey', 'bearer'] }),
-      jwt: schema.conditional(
-        schema.contextRef('serverless'),
-        true,
-        schema.object({
+      jwt: offeringBasedSchema({
+        serverless: schema.object({
           taggedRoutesOnly: schema.boolean({ defaultValue: true }),
         }),
-        schema.never()
-      ),
+      }),
     }),
   }),
   audit: schema.object({